diff --git a/skylab/infra/playbooks/bootstrap.yml b/skylab/infra/playbooks/bootstrap.yml
index 160cfbb..5062150 100644
--- a/skylab/infra/playbooks/bootstrap.yml
+++ b/skylab/infra/playbooks/bootstrap.yml
@@ -168,6 +168,18 @@
       setype: ssh_port_t
       state: present
 
+  - name: Install Firewalld
+    become: true
+    ansible.builtin.dnf:
+      name: firewalld
+      state: present
+
+  - name: Enable Firewalld
+    become: true
+    ansible.builtin.service:
+      name: firewalld
+      enabled: true
+
   - name: Grant SSHD firewall access to the mgmt port
     become: true
     ansible.posix.firewalld: