diff --git a/playbooks/roles/kanidm/tasks/main.yml b/playbooks/roles/kanidm/tasks/main.yml
index 4afebdf..142adbe 100644
--- a/playbooks/roles/kanidm/tasks/main.yml
+++ b/playbooks/roles/kanidm/tasks/main.yml
@@ -32,6 +32,12 @@
     group: root
     mode: 0755
 
+- name: Allow all LDAPS connections from everywhere
+  ansible.builtin.ufw:
+    rule: allow
+    proto: tcp
+    port: '3636'
+
 - name: Enable kanidm
   ansible.builtin.systemd_service:
     state: restarted