diff --git a/src/server/utils/wgHelper.ts b/src/server/utils/wgHelper.ts
index 5ebd0217..2ec9eb57 100644
--- a/src/server/utils/wgHelper.ts
+++ b/src/server/utils/wgHelper.ts
@@ -29,6 +29,7 @@ AllowedIPs = ${allowedIps.join(', ')}`;
 PrivateKey = ${system.interface.privateKey}
 Address = ${system.interface.address4}/${cidr4Block}, ${system.interface.address6}/${cidr6Block}
 ListenPort = ${system.wgPort}
+MTU = ${system.userConfig.serverMtu}
 PreUp = ${system.iptables.PreUp}
 PostUp = ${system.iptables.PostUp}
 PreDown = ${system.iptables.PreDown}
diff --git a/src/services/database/migrations/1.ts b/src/services/database/migrations/1.ts
index 8ca68493..cf930703 100644
--- a/src/services/database/migrations/1.ts
+++ b/src/services/database/migrations/1.ts
@@ -26,6 +26,7 @@ export async function run1(db: Low<Database>) {
       lang: 'en',
       userConfig: {
         mtu: 1420,
+        serverMtu: 1420,
         persistentKeepalive: 0,
         address4Range: address4Range,
         address6Range: address6Range,
@@ -70,7 +71,6 @@ export async function run1(db: Low<Database>) {
     clients: {},
   };
 
-  // TODO: use variables inside up/down script
   // TODO: properly check if ipv6 support
   database.system.iptables.PostUp = `
 iptables -t nat -A POSTROUTING -s ${database.system.userConfig.address4Range} -o ${database.system.wgDevice} -j MASQUERADE;
diff --git a/src/services/database/repositories/system.ts b/src/services/database/repositories/system.ts
index aba8129a..6fae9c8f 100644
--- a/src/services/database/repositories/system.ts
+++ b/src/services/database/repositories/system.ts
@@ -18,6 +18,7 @@ export type WGInterface = {
 
 export type WGConfig = {
   mtu: number;
+  serverMtu: number;
   persistentKeepalive: number;
   address4Range: string;
   address6Range: string;