diff --git a/defaults/main/openvpn.yml b/defaults/main/openvpn.yml
index 8e62bc9f..986e9f23 100644
--- a/defaults/main/openvpn.yml
+++ b/defaults/main/openvpn.yml
@@ -18,6 +18,8 @@ openvpn_server_netmask: 255.255.255.0
 openvpn_server_network: 10.9.0.0
 openvpn_set_dns: true
 openvpn_tun_mtu:
+openvpn_lan_source_ip: "{{ ansible_default_ipv4.address }}"
+
 # Security
 openvpn_auth_alg: SHA256
 openvpn_cipher: AES-256-CBC
diff --git a/tasks/ufw.yml b/tasks/ufw.yml
index 350400c1..b2a92ca9 100644
--- a/tasks/ufw.yml
+++ b/tasks/ufw.yml
@@ -39,7 +39,7 @@
 # OpenVPN config
 *nat
 :POSTROUTING ACCEPT [0:0]
- -A POSTROUTING -s {{ openvpn_server_network }}/24 -j SNAT --to-source {{ ansible_default_ipv4.address }}
+ -A POSTROUTING -s {{ openvpn_server_network }}/24 -j SNAT --to-source {{ openvpn_lan_source_ip }}
 COMMIT
 when: not openvpn_masquerade_not_snat
 notify:
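Review bot: The new default `openvpn_lan_source_ip` is added without a comment, so nothing in defaults/main/openvpn.yml says what consumes it or when it applies. Going by the tasks/ufw.yml change in the same commit, it is the `--to-source` address of the SNAT rule and is only used when `openvpn_masquerade_not_snat` is false, so I would put `# Source address for the OpenVPN SNAT rule (tasks/ufw.yml); used only when openvpn_masquerade_not_snat is false` above it. The comment could also say that the default relies on gathered facts: `ansible_default_ipv4.address` is presumably undefined on a host with no default IPv4 route, which was already true of the old rule.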
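Review bot: The `--to-source` value on the added POSTROUTING line is now an operator-supplied variable that is templated into the `*nat` block without any check that it is a single IPv4 address. Previously it was always a gathered fact; with the override, a typo, a CIDR or an empty string would presumably yield a rules block the firewall cannot load, and that would only surface when the handler under `notify:` runs. I would add an assert before the task, as sketched below, assuming the ansible.utils collection is available to the role. The task that writes this block starts above the hunk and its `notify:` list continues below it. Separately, the same line still hard-codes `/24` although `openvpn_server_netmask` is configurable; `-s {{ openvpn_server_network }}/{{ openvpn_server_netmask }}` would keep the match in step with the configured netmask.

```yaml
- name: Validate openvpn_lan_source_ip before writing the SNAT rule
  ansible.builtin.assert:
    that:
      - "openvpn_lan_source_ip | ansible.utils.ipv4('address')"
    fail_msg: "openvpn_lan_source_ip must be a single IPv4 address"
  when: not openvpn_masquerade_not_snat

# … unchanged: the task that writes the *nat / POSTROUTING block …
```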