diff --git a/vsellier/plantuml/fw/vpn final.png b/vsellier/plantuml/fw/vpn final.png
new file mode 100644
index 0000000..ec1c5ab
Binary files /dev/null and b/vsellier/plantuml/fw/vpn final.png differ
diff --git a/vsellier/plantuml/fw/vpn temporary.png b/vsellier/plantuml/fw/vpn temporary.png
new file mode 100644
index 0000000..e634e8d
Binary files /dev/null and b/vsellier/plantuml/fw/vpn temporary.png differ
diff --git a/vsellier/plantuml/fw/vpn-target.plantuml b/vsellier/plantuml/fw/vpn-target.plantuml
new file mode 100644
index 0000000..c6fab5f
--- /dev/null
+++ b/vsellier/plantuml/fw/vpn-target.plantuml
@@ -0,0 +1,44 @@
+@startuml "vpn final"
+nwdiag {
+
+    opnsense 
+
+    network openvpn {
+        address = "192.168.101.0/24"
+
+        opnsense [address = "192.168.101.1"]
+    
+        users [address="192.168.101.x" description = "<&people*4.5>\n users"];
+    }
+
+    network ipsec {
+        address = "192.168.200.1/24"
+
+        opnsense
+        azure_nodes [address="192.168.200.x" description = "<&cloudy*4.5>\n Azure"]
+    }
+
+    network VLAN440 {
+        address = "192.168.100.0/24"
+
+        opnsense [address = "192.168.100.1"]
+    }
+
+    network staging {
+        address = "192.168.130.0/24"
+
+        opnsense [address="192.168.130.1"]
+    }
+
+    network admin {
+        address = "192.168.130.1/24"
+
+        opnsense [address="192.168.50.1"]
+    }
+
+    legend
+    Final configuration
+    end legend
+}
+
+@enduml
diff --git a/vsellier/plantuml/fw/vpn-test-phase.plantuml b/vsellier/plantuml/fw/vpn-test-phase.plantuml
new file mode 100644
index 0000000..ba06b50
--- /dev/null
+++ b/vsellier/plantuml/fw/vpn-test-phase.plantuml
@@ -0,0 +1,54 @@
+@startuml "vpn temporary"
+nwdiag {
+
+    network VLAN440 {
+        address = "192.168.100.0/24"
+
+        louvre [address = "192.168.100.1"]
+        opnsense [address = "192.168.100.130"]
+
+    }
+
+
+    network openvpn {
+        address = "192.168.102.0/23"
+
+        opnsense [address = "192.168.102.1"]
+
+        user [address="192.168.102.x" description = "<&people*4.5>\n users"];
+    }
+
+    network legacy_openvpn {
+        address = "192.168.101.0/24"
+
+        louvre [address = "192.168.101.1"]
+        users [address="192.168.101.x" description = "<&people*4.5>\n users"];
+    }
+
+    network ipsec {
+        address = "192.168.200.1/24"
+
+        azure_nodes [address="192.168.200.x" description = "<&cloudy*4.5>\n Azure"]
+
+        louvre
+        opnsense
+    }
+
+    network staging {
+        address = "192.168.130.1/24"
+
+        opnsense [address="192.168.130.1"]
+    }
+
+    network admin {
+        address = "192.168.50.1/24"
+
+        opnsense [address="192.168.50.1"]
+    }
+
+    legend
+    Temporary configuration during tests
+    end legend
+}
+
+@enduml