diff --git a/roles/bastionhost/tasks/system_setup/firewall.yml b/roles/bastionhost/tasks/system_setup/firewall.yml
index 058cb7b..a75b59e 100644
--- a/roles/bastionhost/tasks/system_setup/firewall.yml
+++ b/roles/bastionhost/tasks/system_setup/firewall.yml
@@ -16,12 +16,17 @@
 proto: tcp
 src: 'any'
 
-- name: system setup | firewall | allow monitoring traffic from internal networks
+- name: system setup | firewall | allow ping (ICMP) from internal networks
+ community.general.ufw:
+ rule: allow
+ src: '192.168.1.0/24' # Passe dies an dein internes Netzwerk an
+ proto: icmp
+
+- name: system setup | firewall | allow other monitoring traffic from internal networks
 community.general.ufw:
 rule: allow
 proto: "{{ item.proto }}"
 port: "{{ item.port | default(omit) }}"
 src: '192.168.1.0/24' # Passe dies an dein internes Netzwerk an
 loop:
- - { proto: 'icmp', comment: 'Allow Ping' }
 - { proto: 'udp', port: '161', comment: 'Allow SNMP' }
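Review bot: `proto: icmp` in the new ping task is, as far as I know, not a protocol that ufw or `community.general.ufw` accepts (the documented choices are any, tcp, udp, ipv6, esp, ah, gre and igmp), so this task will most likely fail argument validation instead of adding a rule. ufw handles ICMP in `/etc/ufw/before.rules`, where the stock rules accept echo-request from any source, so limiting ping to the internal network means managing that file (for example with a template) rather than adding an allow rule here. The source network is also hard-coded in both tasks; a role variable, e.g. `src: "{{ bastion_internal_network }}"` (placeholder name), would keep the ping and SNMP rules scoped to the same range and stop the example CIDR from being deployed unchanged. In the second task the `comment` key of the loop item is never passed to the module, so `comment: "{{ item.comment }}"` would be needed for it to show up on the rule.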