diff --git a/playbooks/proxy.yml b/playbooks/proxy.yml
index 4ab8d0a..e6c8b6b 100644
--- a/playbooks/proxy.yml
+++ b/playbooks/proxy.yml
@@ -11,7 +11,6 @@
 roles:
 - base
- - relayd
 - ifstated
 - nginx/server
 - role: nginx/site
diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2
index 46830c9..530dc0a 100644
--- a/roles/relayd/templates/relayd.conf.j2
+++ b/roles/relayd/templates/relayd.conf.j2
@@ -1,15 +1,26 @@
+log state changes
+log connection
+
+relay "syslog-int" {
+ listen on 172.20.20.5 port 6514
+ forward to log01.home.foo.sh port 6514
+}
+relay "syslog-ext" {
+ listen on 37.16.96.150 port 6514
+ forward to log01.home.foo.sh port 6514
+}
-{% if inventory_hostname == "proxy01.home.foo.sh" %}
-table { ldap01.home.foo.sh }
-{% else %}
 table { ldap01.home.foo.sh, ldap02.home.foo.sh }
-{% endif %}
-relay "ldap" {
- listen on 0.0.0.0 port 636
+relay "ldap-int" {
+ listen on 172.20.20.6 port 636
+ forward to check tls
+}
+relay "ldap-ext" {
+ listen on 37.16.96.151 port 636
 forward to check tls
 }
-relay "syslog" {
- listen on 0.0.0.0 port 6514
- forward to log01.home.foo.sh port 6514
+relay "ldap01-ext" {
+ listen on 37.16.96.152 port 636
+ forward to ldap01.home.foo.sh port 636
 }
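Review bot: The `syslog-ext`, `ldap-ext` and `ldap01-ext` relays in roles/relayd/templates/relayd.conf.j2 bind public addresses and forward the TCP stream to the internal log and LDAP hosts, and nothing in this template restricts which clients may connect. No `protocol` block or TLS termination is visible here, so access control presumably rests on pf rules and on the backends' own TLS and client-authentication settings, neither of which is part of this diff. I would add a comment above the external relays recording where that filtering lives, for example `# -ext relays: no filtering in relayd; allowed sources are restricted in pf (<pf role/file>)`. The listen addresses are also hard-coded literals now that the per-host condition is gone; moving them to role variables would stop the template being applied unchanged to a host that does not hold these addresses.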