diff --git a/caddy/Caddyfile b/caddy/Caddyfile
index 901c18d..4c87bfc 100644
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -7,6 +7,15 @@
 		versions ipv4
 	}
 
+	layer4 {
+		:443 {
+			@openvpn openvpn
+			route @openvpn {
+				proxy host:444 # Proxy OpenVPN traffic to its backend
+			}
+		}
+	}
+
 	order geoip2_vars first
 	geoip2 {
 		accountId {$GEO_ACCOUNT_ID}
@@ -159,8 +168,6 @@ geo.rik.veenboer.xyz {
 
 	@geofilter expression ({geoip2.country_code} == "NL")
 
-    # @geofilter expression {geoip2.country_eu}
-
 	route @geofilter {
 		reverse_proxy host:12345 {
 			header_up X-Real-IP {remote_host}
diff --git a/caddy/Dockerfile b/caddy/Dockerfile
index 4b48367..324c332 100644
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@@ -3,13 +3,9 @@ FROM caddy:2.9-builder AS builder
 RUN xcaddy build \
     --with github.com/caddy-dns/route53 \
     --with github.com/mholt/caddy-dynamicdns \
-    --with github.com/zhangjiayin/caddy-geoip2
-    #--with github.com/shift72/caddy-geo-ip \
-    #--with github.com/aablinov/caddy-geoip \
-    #--with github.com/porech/caddy-maxmind-geolocation
+    --with github.com/zhangjiayin/caddy-geoip2 \
+    --with github.com/mholt/caddy-l4
 
 FROM caddy:2.9-alpine
 
 COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-
-
diff --git a/docker-compose.openvpn-server.yml b/docker-compose.openvpn-server.yml
index ec82b62..ec56a03 100644
--- a/docker-compose.openvpn-server.yml
+++ b/docker-compose.openvpn-server.yml
@@ -6,7 +6,8 @@ services:
         extra_hosts:
         - host:192.168.2.200
         image: kylemanna/openvpn:2.4
-        network_mode: host
+        ports:
+        - 444:443
         privileged: true
         restart: unless-stopped
         volumes:
diff --git a/docker-compose.yml b/docker-compose.yml
index 523491d..0156a77 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -28,7 +28,7 @@ include:
 
 # Networking
 - docker-compose.surfshark.yml
-#- docker-compose.openvpn-server.yml
+- docker-compose.openvpn-server.yml
 - docker-compose.dns-ad-blocker.yml
 
 # Backup