diff --git a/core/server.go b/core/server.go
index 49d8af9a00e485f89dcf7033cea523433fe3c5ba..c2287f7c2f38fa969642321da9a7d1f2957146f3 100644
--- a/core/server.go
+++ b/core/server.go
@@ -36,6 +36,10 @@ func ReadServer() (*model.Server, error) {
 		server.Dns = append(server.Dns, "fd9f::10:0:0:2")
 		server.Dns = append(server.Dns, "10.0.0.2")
 
+		server.AllowedIPs = make([]string, 0)
+		server.AllowedIPs = append(server.AllowedIPs, "0.0.0.0/0")
+		server.AllowedIPs = append(server.AllowedIPs, "::/0")
+
 		server.PersistentKeepalive = 16
 		server.Mtu = 0
 		server.PreUp = "echo WireGuard PreUp"
diff --git a/model/server.go b/model/server.go
index c495e1567312026fc7bda52138bdd7b86602e19b..b7c2cdf7ec28891505cf0bb5f7cc7d6663bb9bcf 100644
--- a/model/server.go
+++ b/model/server.go
@@ -16,6 +16,7 @@ type Server struct {
 	Endpoint            string    `json:"endpoint"`
 	PersistentKeepalive int       `json:"persistentKeepalive"`
 	Dns                 []string  `json:"dns"`
+	AllowedIPs          []string  `json:"allowedips"`
 	PreUp               string    `json:"preUp"`
 	PostUp              string    `json:"postUp"`
 	PreDown             string    `json:"preDown"`
@@ -59,6 +60,12 @@ func (a Server) IsValid() []error {
 			errs = append(errs, fmt.Errorf("dns %s is invalid", dns))
 		}
 	}
+	// check if the allowedIPs are valid
+	for _, allowedIP := range a.AllowedIPs {
+		if !util.IsValidCidr(allowedIP) {
+			errs = append(errs, fmt.Errorf("allowedIP %s is invalid", allowedIP))
+		}
+	}
 
 	return errs
 }
diff --git a/ui/src/components/Clients.vue b/ui/src/components/Clients.vue
index f383e779467045c3e78c82ed22b28301df1508c4..e2c5786e41446302f36084ce977dd2d7742e27b1 100644
--- a/ui/src/components/Clients.vue
+++ b/ui/src/components/Clients.vue
@@ -382,7 +382,7 @@
           name: "",
           email: "",
           enable: true,
-          allowedIPs: ["0.0.0.0/0", "::/0"],
+          allowedIPs: this.server.allowedips,
           address: this.server.address,
         }
       },
diff --git a/ui/src/components/Server.vue b/ui/src/components/Server.vue
index eb37cb25751dcc87c9c041e83abe84c9e80726fe..c8fdffcff90b00f4bc4ca008a348fa7cd10c02af 100644
--- a/ui/src/components/Server.vue
+++ b/ui/src/components/Server.vue
@@ -85,6 +85,26 @@
                                     </v-chip>
                                 </template>
                             </v-combobox>
+                            <v-combobox
+                                    v-model="server.allowedips"
+                                    chips
+                                    hint="Write IPv4 or IPv6 address and hit enter"
+                                    label="Default Allowed IPs for clients"
+                                    multiple
+                                    dark
+                            >
+                                <template v-slot:selection="{ attrs, item, select, selected }">
+                                    <v-chip
+                                            v-bind="attrs"
+                                            :input-value="selected"
+                                            close
+                                            @click="select"
+                                            @click:close="server.allowedips.splice(server.allowedips.indexOf(item), 1)"
+                                    >
+                                        <strong>{{ item }}</strong>&nbsp;
+                                    </v-chip>
+                                </template>
+                            </v-combobox>
                             <v-text-field
                                     type="number"
                                     v-model="server.mtu"
@@ -218,6 +238,18 @@
           }
         }
 
+        // check client AllowedIPs
+        if (this.server.allowedips.length < 1) {
+          this.notify('error', 'Please provide at least one valid CIDR address for client allowed IPs');
+          return;
+        }
+        for (let i = 0; i < this.server.allowedips.length; i++){
+          if (this.$isCidr(this.server.allowedips[i]) === 0) {
+            this.notify('error', 'Invalid CIDR detected, please correct before submitting');
+            return
+          }
+        }
+
         this.api.patch('/server', this.server).then((res) => {
           this.notify('success', "Server successfully updated");
           this.server = res;