diff --git a/ansible/roles/common/tasks/main.yaml b/ansible/roles/common/tasks/main.yaml
index 556c924..96ceffa 100644
--- a/ansible/roles/common/tasks/main.yaml
+++ b/ansible/roles/common/tasks/main.yaml
@@ -14,3 +14,27 @@
     state: started
     enabled: true
 
+- name: Add ssh to firewalld
+  ansible.posix.firewalld:
+    service: ssh
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Add dhcpv6-client to firewalld
+  ansible.posix.firewalld:
+    service: dhcpv6-client
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Disallow cockpit firewalld
+  ansible.posix.firewalld:
+    service: cockpit
+    state: disabled
+    permanent: true
+    immediate: true
+    offline: true
+