diff --git a/modules/ionos-datacenter/README.md b/modules/ionos-datacenter/README.md
index 2330d9f..020fe64 100644
--- a/modules/ionos-datacenter/README.md
+++ b/modules/ionos-datacenter/README.md
@@ -19,6 +19,7 @@ No modules.
 | <a name="input_create_alb_target_lan"></a> [create\_alb\_target\_lan](#input\_create\_alb\_target\_lan) | Specifies whether a private target for the Application Load Balancer shall be created. | `bool` | `false` | no |
 | <a name="input_create_backend_crossconnect"></a> [create\_backend\_crossconnect](#input\_create\_backend\_crossconnect) | Specifies whether crossconnect shall be created. Default: false. | `bool` | `false` | no |
 | <a name="input_create_frontend_crossconnect"></a> [create\_frontend\_crossconnect](#input\_create\_frontend\_crossconnect) | Specifies whether crossconnect shall be created. Default: false. | `bool` | `false` | no |
+| <a name="input_create_nat_lan"></a> [create\_nat\_lan](#input\_create\_nat\_lan) | Specifies whether a private lan to connect a NAT gateway shall be created. | `bool` | `false` | no |
 | <a name="input_create_nfs_server_lan"></a> [create\_nfs\_server\_lan](#input\_create\_nfs\_server\_lan) | Specifies whether a private lan to connect an NFS server shall be created. | `bool` | `false` | no |
 | <a name="input_create_nlb_target_lan"></a> [create\_nlb\_target\_lan](#input\_create\_nlb\_target\_lan) | Specifies whether a private target for the Network Load Balancer shall be created. | `bool` | `false` | no |
 | <a name="input_create_postgres_lan"></a> [create\_postgres\_lan](#input\_create\_postgres\_lan) | Specifies whether a private lan to connect Postgres shall be created. | `bool` | `false` | no |
@@ -42,10 +43,12 @@ No modules.
 | <a name="output_lan_alb_target"></a> [lan\_alb\_target](#output\_lan\_alb\_target) | n/a |
 | <a name="output_lan_backend"></a> [lan\_backend](#output\_lan\_backend) | n/a |
 | <a name="output_lan_frontend"></a> [lan\_frontend](#output\_lan\_frontend) | n/a |
+| <a name="output_lan_nat"></a> [lan\_nat](#output\_lan\_nat) | n/a |
 | <a name="output_lan_nfs_server"></a> [lan\_nfs\_server](#output\_lan\_nfs\_server) | n/a |
 | <a name="output_lan_nlb_target"></a> [lan\_nlb\_target](#output\_lan\_nlb\_target) | n/a |
 | <a name="output_lan_postgres"></a> [lan\_postgres](#output\_lan\_postgres) | n/a |
 | <a name="output_lan_service"></a> [lan\_service](#output\_lan\_service) | n/a |
+| <a name="output_nat_lan_id"></a> [nat\_lan\_id](#output\_nat\_lan\_id) | n/a |
 | <a name="output_nfs_server_lan_id"></a> [nfs\_server\_lan\_id](#output\_nfs\_server\_lan\_id) | n/a |
 | <a name="output_nlb_target_lan_id"></a> [nlb\_target\_lan\_id](#output\_nlb\_target\_lan\_id) | n/a |
 | <a name="output_postgres_lan_id"></a> [postgres\_lan\_id](#output\_postgres\_lan\_id) | n/a |
@@ -64,6 +67,7 @@ No modules.
 | [ionoscloud_lan.alb_target_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
 | [ionoscloud_lan.backend_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
 | [ionoscloud_lan.frontend_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
+| [ionoscloud_lan.nat_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
 | [ionoscloud_lan.nfs_server_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
 | [ionoscloud_lan.nlb_target_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
 | [ionoscloud_lan.postgres_lan](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/lan) | resource |
diff --git a/modules/ionos-datacenter/locals.tf b/modules/ionos-datacenter/locals.tf
index 8afd83a..9f51c62 100644
--- a/modules/ionos-datacenter/locals.tf
+++ b/modules/ionos-datacenter/locals.tf
@@ -1,19 +1,20 @@
 locals {
-  create_frontend_crossconnect           = var.create_frontend_crossconnect
-  create_frontend_lan                    = (local.create_frontend_crossconnect == true || var.associated_frontend_crossconnect_id != "") ? true : false
-  create_backend_crossconnect            = var.create_backend_crossconnect
-  create_backend_lan                     = (local.create_backend_crossconnect == true || var.associated_backend_crossconnect_id != "") ? true : false
-  create_service_crossconnect            = var.create_service_crossconnect
-  create_service_lan                     = (local.create_service_crossconnect == true || var.associated_service_crossconnect_id != "") ? true : false
-  create_public_lan                      = var.create_public_lan
-  create_nfs_server_lan                  = var.create_nfs_server_lan
-  create_alb_target_lan                 = var.create_alb_target_lan
-  create_nlb_target_lan                 = var.create_nlb_target_lan
-  frontend_crossconnect_shared_group_ids = (length(var.crossconnect_shared_group_ids) > 0 && local.create_frontend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
-  backend_crossconnect_shared_group_ids  = (length(var.crossconnect_shared_group_ids) > 0 && local.create_backend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
-  service_crossconnect_shared_group_ids  = (length(var.crossconnect_shared_group_ids) > 0 && local.create_frontend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
-  routes_map                             = var.routes_map 
-  create_postgres_lan                    = var.create_postgres_lan
+  create_frontend_crossconnect            = var.create_frontend_crossconnect
+  create_frontend_lan                     = (local.create_frontend_crossconnect == true || var.associated_frontend_crossconnect_id != "") ? true : false
+  create_backend_crossconnect             = var.create_backend_crossconnect
+  create_backend_lan                      = (local.create_backend_crossconnect == true || var.associated_backend_crossconnect_id != "") ? true : false
+  create_service_crossconnect             = var.create_service_crossconnect
+  create_service_lan                      = (local.create_service_crossconnect == true || var.associated_service_crossconnect_id != "") ? true : false
+  create_public_lan                       = var.create_public_lan
+  create_nfs_server_lan                   = var.create_nfs_server_lan
+  create_alb_target_lan                   = var.create_alb_target_lan
+  create_nlb_target_lan                   = var.create_nlb_target_lan
+  create_nat_lan                          = var.create_nat_lan
+  frontend_crossconnect_shared_group_ids  = (length(var.crossconnect_shared_group_ids) > 0 && local.create_frontend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
+  backend_crossconnect_shared_group_ids   = (length(var.crossconnect_shared_group_ids) > 0 && local.create_backend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
+  service_crossconnect_shared_group_ids   = (length(var.crossconnect_shared_group_ids) > 0 && local.create_frontend_crossconnect == true) ? var.crossconnect_shared_group_ids : []
+  routes_map                              = var.routes_map 
+  create_postgres_lan                     = var.create_postgres_lan
   # this saves the service/backend/frontend lans as an object in a list
   # Example of an object:
   # > type({"id" = "id", "routes_list" = [{"network" = "10.0.0.0/24", gateway_ip="10.0.0.0"}]})
@@ -34,4 +35,5 @@ locals {
   lan_postgres = flatten([ for id in ionoscloud_lan.postgres_lan.*.id: { id = id, routes_list = [{}] }])
   lan_alb_target = flatten([ for id in ionoscloud_lan.alb_target_lan.*.id: { id = id, routes_list =[{}] }])
   lan_nlb_target = flatten([ for id in ionoscloud_lan.nlb_target_lan.*.id: { id = id, routes_list =[{}] }])
+  lan_nat = flatten([ for id in ionoscloud_lan.nat_lan.*.id: { id = id, routes_list = [{}] }])
 }
diff --git a/modules/ionos-datacenter/main.tf b/modules/ionos-datacenter/main.tf
index a33151d..e5b0e5d 100644
--- a/modules/ionos-datacenter/main.tf
+++ b/modules/ionos-datacenter/main.tf
@@ -110,4 +110,11 @@ resource "ionoscloud_lan" "nlb_target_lan" {
   name          = "${var.datacenter_name}-nlb-target-lan"
   datacenter_id = ionoscloud_datacenter.datacenter.id
   public        = false
+}
+
+resource "ionoscloud_lan" "nat_lan" {
+  count         = local.create_nat_lan ? 1 : 0
+  name          = "${var.datacenter_name}-nat-lan"
+  datacenter_id = ionoscloud_datacenter.datacenter.id
+  public        = false
 }
\ No newline at end of file
diff --git a/modules/ionos-datacenter/output.tf b/modules/ionos-datacenter/output.tf
index 18f56eb..2666b6c 100644
--- a/modules/ionos-datacenter/output.tf
+++ b/modules/ionos-datacenter/output.tf
@@ -69,4 +69,12 @@ output "nlb_target_lan_id" {
 
 output "lan_nlb_target" {
   value = local.lan_nlb_target
+}
+
+output "nat_lan_id" {
+  value = join("", ionoscloud_lan.nat_lan.*.id)
+}
+
+output "lan_nat" {
+  value = local.lan_nat
 }
\ No newline at end of file
diff --git a/modules/ionos-datacenter/variables.tf b/modules/ionos-datacenter/variables.tf
index 00ad14e..be07972 100644
--- a/modules/ionos-datacenter/variables.tf
+++ b/modules/ionos-datacenter/variables.tf
@@ -95,4 +95,10 @@ variable "create_nlb_target_lan" {
   type = bool
   description = "Specifies whether a private target for the Network Load Balancer shall be created."
   default = false
+}
+
+variable "create_nat_lan" {
+  type = bool
+  description = "Specifies whether a private lan to connect a NAT gateway shall be created."
+  default = false
 }
\ No newline at end of file