diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index fdda12e4537cd281a8d0768f0a95aa0608eca36b..1be6bffc5d24d5e7522b0970e30c67eb7b957790 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -28,5 +28,12 @@ import ../../lib/make-grid.nix {
       hardware = import ./virtual-hardware.nix ({ inherit publicIPv4; });
       stateVersion = "19.09";
     } // cfg);
+
+    "monitoring1" = import ../../lib/make-monitoring.nix (rec {
+      publicIPv4 = "192.168.67.24";
+      inherit sshUsers;
+      hardware = import ./virtual-hardware.nix ({ inherit publicIPv4; });
+      stateVersion = "19.09";
+    } // cfg);
   };
 }
diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix
index 52f0f82be914fed91192127b833f351e5a3d4be3..271980cfd87e214312112d300642cfc8996f261c 100644
--- a/morph/lib/make-issuer.nix
+++ b/morph/lib/make-issuer.nix
@@ -29,6 +29,14 @@
         permissions = "0400";
         action = ["sudo" "systemctl" "restart" "zkapissuer.service"];
       };
+      "monitoringvpn-secret-key" = {
+        source = "../PrivateStorageSecrets/monitoringvpn/storage1.key";
+        destination = "/var/secrets/monitoringvpn/client.key";
+        owner.user = "root";
+        owner.group = "root";
+        permissions = "0400";
+        action = ["sudo" "systemctl" "restart" "wireguard-monitoringvpn.service"];
+      };
     };
   };
 
@@ -55,9 +63,9 @@
 
   services.private-storage.monitoring.vpn.client = {
     enable = true;
-    privateKeyFile = "/var/secrets/vpn/host.key";
-    ips = ["172.23.23.21/24"];
+    privateKeyFile = "/var/secrets/monitoringvpn/client.key";
+    ips = ["172.23.23.11/24"];
     allowedIPs = ["172.23.23.1/32"];
-    endpointPublicKeyFile = "/var/secrets/vpn/server.pub";
+    endpointPublicKeyFile = "/home/flo/Repositories/PrivateStorageio/morph/PrivateStorageSecrets/monitoringvpn/server.pub";
   };
 }
diff --git a/nixos/modules/monitoring/vpn/client.nix b/nixos/modules/monitoring/vpn/client.nix
index 434165c227a9bcb832456e3f31fd8923c786d4ca..06aa255396a18ee45b3c1a12ae27645dd26080eb 100644
--- a/nixos/modules/monitoring/vpn/client.nix
+++ b/nixos/modules/monitoring/vpn/client.nix
@@ -9,6 +9,7 @@ in {
     privateKeyFile = lib.mkOption {
       type = lib.types.str;
       example = lib.literalExample "/var/secrets/monitoring-vpn/host.key";
+      default = "/var/secrets/monitoring-vpn/client.key";
       description = ''
         File with base64 private key generated by <command>wg genkey</command>.
       '';