diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml
index 4111dcb..663af4f 100644
--- a/roles/base/defaults/main.yml
+++ b/roles/base/defaults/main.yml
@@ -1,2 +1,4 @@
 ---
 deploy_username: "deploy"
+fail2ban_ignorelist:
+  - 10.0.0.0/8
diff --git a/roles/base/templates/etc/fail2ban/jail.d/sshd.local.j2 b/roles/base/templates/etc/fail2ban/jail.d/sshd.local.j2
index 1ba69dd..f58b046 100644
--- a/roles/base/templates/etc/fail2ban/jail.d/sshd.local.j2
+++ b/roles/base/templates/etc/fail2ban/jail.d/sshd.local.j2
@@ -1,7 +1,7 @@
 [DEFAULT]
 maxretry    = 3
 bantime     = 14400
-ignoreip    = 127.0.0.0/8 10.0.0.0/8 198.55.48.48/28
+ignoreip    = 127.0.0.0/8 {% for ignore in fail2ban_ignorelist %}{{ ignore }} {% endfor %}
 
 [ssh]
 enabled     = true