diff --git a/inventory/group_vars/proxies b/inventory/group_vars/proxies
index 5b0a25feef..cd9823025c 100644
--- a/inventory/group_vars/proxies
+++ b/inventory/group_vars/proxies
@@ -64,6 +64,7 @@ custom_rules: [
     '-A INPUT -p tcp -m tcp --dport 44342 -s 209.132.183.252 -j ACCEPT',
 
     # Allow ocp control plane hosts
+    '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.120 -j ACCEPT',
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.121 -j ACCEPT',
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.122 -j ACCEPT',
diff --git a/inventory/group_vars/proxies_stg b/inventory/group_vars/proxies_stg
index 341ad52143..7a0d79c65c 100644
--- a/inventory/group_vars/proxies_stg
+++ b/inventory/group_vars/proxies_stg
@@ -66,6 +66,7 @@ custom_rules: [
     # Allow happinesspackets-stg.fedorainfracloud.org to talk to the inbound fedmsg relay
     '-A INPUT -p tcp -m tcp --dport 9941 -s 209.132.184.123 -j ACCEPT',
     # Allow ocp control plane hosts
+    '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.163.35 -j ACCEPT', # batcave01
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.115 -j ACCEPT',
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.116 -j ACCEPT',
     '-A INPUT -p tcp -m tcp --dport 6443 -s 10.3.166.117 -j ACCEPT',