diff --git a/ansible/router/tasks/main.yaml b/ansible/router/tasks/main.yaml
index 996821c15329e14f1ffa40d9ed3e05e1530d6981..c0cc55c1c7a36f9e52ce5d5de98b478d6d00e369 100644
--- a/ansible/router/tasks/main.yaml
+++ b/ansible/router/tasks/main.yaml
@@ -21,13 +21,18 @@
     src: etc/ssh/sshd_config.j2
     dest: /etc/ssh/sshd_config
     mode: 0600
+ 
+# disable the ssh.socket, otherwise it will collide with ssh.service
+- name: Ensure ssh socket is disabled
+  service:
+    name: ssh.socket
+    enabled: no
 
-- name: Ensure sshd is restarted and enabled to start at boot.
+- name: Ensure ssh is restarted and enabled to start at boot.
   service:
-    name: sshd
+    name: ssh
     state: restarted
     enabled: yes
-    daemon_reload: yes
 
 - name: Setup firewall
   include_tasks: firewall.yaml
diff --git a/terraform/router.tf b/terraform/router.tf
index 872b8ff37b084ec83b110eba0f544f4878afc175..d3b3da63fc3d03523106d1945f114ce277f32870 100644
--- a/terraform/router.tf
+++ b/terraform/router.tf
@@ -13,6 +13,7 @@ resource "proxmox_lxc" "router" {
   cores        = 4
   onboot       = true
   startup      = "order=1"
+  unprivileged = true
 
   ssh_public_keys  = local.ssh_keys
 
@@ -26,6 +27,7 @@ resource "proxmox_lxc" "router" {
     bridge = "vmbr211"
     ip     = "152.66.211.122/24"
     gw     = "152.66.211.254"
+    hwaddr = "BE:7E:2B:F3:19:7A"
   }
 
   network {
@@ -33,5 +35,6 @@ resource "proxmox_lxc" "router" {
     bridge = "vmbr0"
     ip     = "192.168.99.254/22"
     ip6    = "fd00::9:254/96" 
+    hwaddr = "7A:9C:F7:A8:5D:1C"
   }
 }