diff --git a/roles/openshift/project/defaults/main.yml b/roles/openshift/project/defaults/main.yml
index 694a8aea0b..58027c6bdf 100644
--- a/roles/openshift/project/defaults/main.yml
+++ b/roles/openshift/project/defaults/main.yml
@@ -1,2 +1,3 @@
 ---
 allow_fas_db: false
+allow_phx2: true
diff --git a/roles/openshift/project/templates/egresspolicy.yml b/roles/openshift/project/templates/egresspolicy.yml
index 5cb161b4a5..2526281af4 100644
--- a/roles/openshift/project/templates/egresspolicy.yml
+++ b/roles/openshift/project/templates/egresspolicy.yml
@@ -15,6 +15,14 @@ spec:
     to:
       cidrSelector: "10.5.126.99/32"
 {% endif %}
+{% endif %}
+{% if not allow_phx2 %}
+  - type: Deny
+    to:
+      cidrSelector: "10.0.0.0/8"
+  - type: Deny
+    to:
+      cidrSelector: "209.132.181.0/25"
 {% endif %}
   - type: Allow
     to: