diff --git a/src/oneprovision/lib/terraform/providers/templates/digitalocean/host.erb b/src/oneprovision/lib/terraform/providers/templates/digitalocean/host.erb
index 51f00c41ec..f6caf2e7c1 100644
--- a/src/oneprovision/lib/terraform/providers/templates/digitalocean/host.erb
+++ b/src/oneprovision/lib/terraform/providers/templates/digitalocean/host.erb
@@ -22,14 +22,14 @@ resource "digitalocean_firewall" "device_<%= obj['ID'] %>" {
     inbound_rule {
         protocol         = "tcp"
         port_range       = "179"
-        source_addresses = ["10.10.10.0/24"]
+        source_addresses = [digitalocean_vpc.device_<%= c['ID'] %>.ip_range]
     }
 
     # VXLAN traffic from VPC droplets. IP range MUST be consistent with cluster.erb
     inbound_rule {
         protocol         = "udp"
         port_range       = "8472"
-        source_addresses = ["10.10.10.0/24"]
+        source_addresses = [digitalocean_vpc.device_<%= c['ID'] %>.ip_range]
     }
 
     # Client Ports for VMs. Port range MUST be consistent with VNET definition