diff --git a/packer/rootfs/etc/wireguard/wg0.conf b/packer/rootfs/etc/wireguard/wg0.conf
index bc2cd24..3b9aaff 100644
--- a/packer/rootfs/etc/wireguard/wg0.conf
+++ b/packer/rootfs/etc/wireguard/wg0.conf
@@ -13,7 +13,7 @@ PostUp = grep -Fxq 1 /proc/sys/net/ipv4/ip_forward              || printf 1 > /p
 PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/all/forwarding     || printf 1 > /proc/sys/net/ipv6/conf/all/forwarding
 PostUp = grep -Fxq 1 /proc/sys/net/ipv6/conf/default/forwarding || printf 1 > /proc/sys/net/ipv6/conf/default/forwarding
 # Store the internet-facing interface in a file for later use
-PostUp = ip route show default | awk '/^default/{print $5}' > /etc/wireguard/default-iface
+PostUp = ip route show default 0.0.0.0/0 | awk '/^default/{print $5}' > /etc/wireguard/default-iface
 # Allow access WireGuard via port 51820/UDP on the internet-facing interface
 PostUp   = iptables  -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT
 PostUp   = ip6tables -A INPUT -i "$(cat /etc/wireguard/default-iface)" -p udp --dport 51820 -j ACCEPT