diff --git a/config.cfg b/config.cfg index 08a6f5b6..1ba7b086 100644 --- a/config.cfg +++ b/config.cfg @@ -40,20 +40,8 @@ wireguard_port: 51820 wireguard_PersistentKeepalive: 0 # WireGuard network configuration -_wireguard_network_ipv4: - subnet: 10.19.49.0 - prefix: 24 - gateway: 10.19.49.1 - clients_range: 10.19.49 - clients_start: 2 -_wireguard_network_ipv6: - subnet: 'fd9d:bc11:4021::' - prefix: 48 - gateway: 'fd9d:bc11:4021::1' - clients_range: 'fd9d:bc11:4021::' - clients_start: 2 -wireguard_network_ipv4: "{{ _wireguard_network_ipv4['subnet'] }}/{{ _wireguard_network_ipv4['prefix'] }}" -wireguard_network_ipv6: "{{ _wireguard_network_ipv6['subnet'] }}/{{ _wireguard_network_ipv6['prefix'] }}" +wireguard_network_ipv4: 10.19.49.0/24 +wireguard_network_ipv6: fd9d:bc11:4021::/48 # Reduce the MTU of the VPN tunnel # Some cloud and internet providers use a smaller MTU (Maximum Transmission @@ -101,16 +89,8 @@ dns_servers: - 2606:4700:4700::1001 # Randomly generated IP address for the local dns resolver -local_service_ip: >- - 10. - {{- 255 | random(start=20, seed=algo_server_name + ansible_fqdn + 'second') }}. - {{- 255 | random(seed=algo_server_name + ansible_fqdn + 'third') }}. - {{- 255 | random(seed=algo_server_name + ansible_fqdn + 'fourth') }} -local_service_ipv6: >- - FD{{ 99 | random(seed=algo_server_name + ansible_fqdn + 'first') }}: - {{- 9999 | random(seed=algo_server_name + ansible_fqdn + 'second') }}: - {{- 9999 | random(seed=algo_server_name + ansible_fqdn + 'third') }}: - {{- 9999 | random(seed=algo_server_name + ansible_fqdn + 'fourth') }}::1 +local_service_ip: "{{ '172.16.0.1' | ipmath(1048573 | random(seed=algo_server_name + ansible_fqdn)) }}" +local_service_ipv6: "{{ 'fd00::1' | ipmath(1048573 | random(seed=algo_server_name + ansible_fqdn)) }}" # Your Algo server will automatically install security updates. Some updates # require a reboot to take effect but your Algo server will not reboot itself 
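Review bot: The new `wireguard_network_ipv6: fd9d:bc11:4021::/48` is a plain scalar full of colons; it happens to parse as a string, but the removed lines quoted every IPv6 value and colon-separated plain scalars are a known YAML typing trap for anyone editing this user-facing config, so quote both new values: `wireguard_network_ipv4: '10.19.49.0/24'` and `wireguard_network_ipv6: 'fd9d:bc11:4021::/48'`. The comment above them could also state what the role now derives from these networks, since the per-field gateway/client settings are gone, e.g. `# WireGuard networks; server and client addresses are derived from these with the ipaddr filter`.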
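Review bot: `local_service_ip` and `local_service_ipv6` now take their offset from the identical expression `1048573 | random(seed=algo_server_name + ansible_fqdn)`, so the two addresses are always the same distance from their base; the removed lines kept them independent with per-field seed suffixes. If that coupling is not intended, give one of them a distinct seed, e.g. `random(seed=algo_server_name + ansible_fqdn + 'v6')`. As I read Ansible's `random` with an integer end, the offset is 0 ≤ n < 1048573, which keeps the v4 result inside 172.16.0.0/12 and the v6 result inside fd00::/8; the comment should say so, since a user must avoid those ranges on their own networks: `# Randomly generated IP address for the local dns resolver (within 172.16.0.0/12 and fd00::/8)`.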
diff --git a/main.yml b/main.yml index c1c14abd..45aae582 100644 --- a/main.yml +++ b/main.yml @@ -2,11 +2,19 @@ - hosts: localhost become: false tasks: - - name: Verify Ansible meets Drupal VM's version requirements. + - name: Ensure the requirements installed + debug: + msg: "{{ '' | ipaddr }}" + ignore_errors: true + no_log: true + register: ipaddr + + - name: Verify Ansible meets Algo VPN requirements. assert: - that: "ansible_version.full is version('2.7.10', '==')" + that: + - ansible_version.full is version('2.7.10', '==') + - not ipaddr.failed msg: > - Ansible version is {{ ansible_version.full }}. You must update the requirements to use this version of Algo. Try to run python -m pip install -U -r requirements.txt diff --git a/requirements.txt b/requirements.txt index 60c89a08..b79aa5fa 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1,2 @@ ansible==2.7.10 +netaddr diff --git a/roles/wireguard/defaults/main.yml b/roles/wireguard/defaults/main.yml index 4c7f17f3..e0c82f51 100644 --- a/roles/wireguard/defaults/main.yml +++ b/roles/wireguard/defaults/main.yml 
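Review bot: `- not ipaddr.failed` in the new assert depends on the registered debug result carrying a `failed` key on success as well as on failure; Ansible's idiom for this is the `failed` test, `- ipaddr is not failed`, which does not depend on the key being present. The probe task's name is also missing a verb: `- name: Ensure the requirements are installed`. A short comment on the probe would help the next reader, since rendering `'' | ipaddr` under `no_log`/`ignore_errors` is not obviously a netaddr check: `# probe for the netaddr library: the ipaddr filter raises when it is missing`.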
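Review bot: `netaddr` is added without a version pin while `ansible==2.7.10` on the line above is pinned exactly, so installs are no longer reproducible and any future release of that package is pulled onto the controller unreviewed. Pin it the same way, `netaddr==<version verified against ansible 2.7.10>`, and bump it deliberately alongside the Ansible pin.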
@@ -10,5 +10,9 @@ wireguard_dns_servers: >- {% else %} {% for host in dns_servers.ipv4 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% if ipv6_support %},{% for host in dns_servers.ipv6 %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}{% endif %} {% endif %} -wireguard_client_ip: "{{ _wireguard_network_ipv4['clients_range'] }}.{{ _wireguard_network_ipv4['clients_start'] + index|int + 1 }}/{{ _wireguard_network_ipv4['prefix'] }}{% if ipv6_support %},{{ _wireguard_network_ipv6['clients_range'] }}{{ _wireguard_network_ipv6['clients_start'] + index|int + 1 }}/{{ _wireguard_network_ipv6['prefix'] }}{% endif %}" -wireguard_server_ip: "{{ _wireguard_network_ipv4['gateway'] }}/{{ _wireguard_network_ipv4['prefix'] }}{% if ipv6_support %},{{ _wireguard_network_ipv6['gateway'] }}/{{ _wireguard_network_ipv6['prefix'] }}{% endif %}" +wireguard_client_ip: >- + {{ wireguard_network_ipv4 | ipaddr(index|int+2) }} + {{ ',' + wireguard_network_ipv6 | ipaddr(index|int+2) if ipv6_support else '' }} +wireguard_server_ip: >- + {{ wireguard_network_ipv4 | ipaddr('1') }} + {{ ',' + wireguard_network_ipv6 | ipaddr('1') if ipv6_support else '' }} diff --git a/roles/wireguard/templates/server.conf.j2 b/roles/wireguard/templates/server.conf.j2 index 247c7d2f..5e19d865 100644 --- a/roles/wireguard/templates/server.conf.j2 +++ b/roles/wireguard/templates/server.conf.j2 @@ -11,7 +11,6 @@ SaveConfig = false [Peer] # {{ u }} PublicKey = {{ lookup('file', wireguard_pki_path + '/public/' + u) }} -AllowedIPs = {{ _wireguard_network_ipv4['clients_range'] }}.{{ _wireguard_network_ipv4['clients_start'] + index }}/32{% if ipv6_support %},{{ _wireguard_network_ipv6['clients_range'] }}{{ _wireguard_network_ipv6['clients_start'] + index }}/128{% endif %} - +AllowedIPs = {{ wireguard_network_ipv4 | ipaddr(index|int+1) }}{{ ',' + wireguard_network_ipv6 | ipaddr(index) if ipv6_support else '' }} {% endif %} {% endfor %}
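Review bot: The `>-` folded scalars join their two lines with a space, so `wireguard_client_ip` renders with a space before the comma when `ipv6_support` is true and with a trailing space when it is false; `wireguard_server_ip` has the same shape. wg-quick appears to tolerate that in `Address`, but other consumers of the rendered client config may not, so strip it with Jinja whitespace control on the second line of each value: `{{- ',' + wireguard_network_ipv6 | ipaddr(index|int+2) if ipv6_support else '' }}` and `{{- ',' + wireguard_network_ipv6 | ipaddr('1') if ipv6_support else '' }}`. The client offset also moves from `clients_start + index|int + 1` to `index|int+2`, which only lines up with the server template's `index|int+1` if `index` is 0-based here and 1-based there — nothing in the hunk shows that, so a comment on `wireguard_client_ip` stating the indexing assumption would be worthwhile.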
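Review bot: The new `AllowedIPs` line drops the `/32` and `/128` host prefixes that the removed line had: `wireguard_network_ipv4 | ipaddr(index|int+1)` applied to a network such as `10.19.49.0/24` yields `10.19.49.N/24`, so every peer is granted the whole client subnet instead of its own address, and WireGuard's cryptokey routing then lets the last-configured peer claim the subnet while earlier peers lose their route. Keep the host prefixes by taking the bare address: `AllowedIPs = {{ wireguard_network_ipv4 | ipaddr(index|int+1) | ipaddr('address') }}/32{{ ',' + wireguard_network_ipv6 | ipaddr(index|int+1) | ipaddr('address') + '/128' if ipv6_support else '' }}`. The IPv6 half also uses `ipaddr(index)` where the IPv4 half uses `ipaddr(index|int+1)`; unless `index` means something different per family, that is off by one and for the first peer collides with the server's own `ipaddr('1')` address, so the two should use the same offset. The enclosing `{% for %}`/`{% if %}` block starts outside the hunk.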