diff --git a/configuration.nix b/configuration.nix
index c12c58e..cf1dbb3 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -182,16 +182,38 @@
 peers = [{
 publicKey = "VEpzr/CeGdS6Wsy0NDDfmlB/bCYxS55A155HWGCIIzc=";
- endpoint = "69.48.243.22:51820";
- allowedIPs = [ "0.0.0.0/0" ];
+ endpoint = "vpn.leeworks.dev:51820";
+ # Route all traffic through VPN EXCEPT the local 10.0.0.0/24 network
+ allowedIPs = [
+ "0.0.0.0/5"
+ "8.0.0.0/7"
+ "10.0.1.0/24"
+ "10.0.2.0/23"
+ "10.0.4.0/22"
+ "10.0.8.0/21"
+ "10.0.16.0/20"
+ "10.0.32.0/19"
+ "10.0.64.0/18"
+ "10.0.128.0/17"
+ "10.1.0.0/16"
+ "10.2.0.0/15"
+ "10.4.0.0/14"
+ "10.8.0.0/13"
+ "10.16.0.0/12"
+ "10.32.0.0/11"
+ "10.64.0.0/10"
+ "10.128.0.0/9"
+ "11.0.0.0/8"
+ "12.0.0.0/6"
+ "16.0.0.0/4"
+ "32.0.0.0/3"
+ "64.0.0.0/2"
+ "128.0.0.0/1"
+ ];
 persistentKeepalive = 25;
 }];
 };
- services.tailscale = {
- enable = true;
- useRoutingFeatures = "client"; # or "both" for subnet routing
- };
 # Open firewall for Tailscale
 networking.firewall = {
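Review bot: The `networking.firewall` block that follows is still labelled `# Open firewall for Tailscale`, but this hunk removes `services.tailscale`, so whatever ports or trusted interfaces that block opens (its body is outside the hunk) look stale and should be dropped in the same change. On the WireGuard peer, the new `allowedIPs` list does cover 0.0.0.0/0 minus 10.0.0.0/24, but it is IPv4-only, as the old `"0.0.0.0/0"` was, so IPv6 traffic still bypasses the tunnel unless IPv6 is disabled or `"::/0"` is added. The comment could say so, for example `# IPv4 only: 0.0.0.0/0 minus 10.0.0.0/24 (generated list); IPv6 is not routed through the tunnel`. Switching `endpoint` to `vpn.leeworks.dev` also makes tunnel bring-up depend on DNS being resolvable before the tunnel exists. Depending on which WireGuard module this peer belongs to (not visible here), dropping the literal `0.0.0.0/0` may bypass any special default-route handling, so it is worth confirming that handshake packets to the endpoint are not themselves routed into the tunnel.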