diff --git a/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/cilium-bgp.yaml.j2 b/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/cilium-bgp.yaml.j2
index ef6cea45b40..ccd6eb7500a 100644
--- a/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/cilium-bgp.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/cilium-bgp.yaml.j2
@@ -17,7 +17,11 @@ spec:
 peerASN: {{ distribution.talos.bgp.peer_asn }}
 {% endfor %}
 {% else %}
+ {% if nodes.default_gateway %}
+ - peerAddress: "{{ nodes.default_gateway }}/32"
+ {% else %}
 - peerAddress: "{{ nodes.host_network | nthhost(1) }}/32"
+ {% endif %}
 peerASN: {{ distribution.talos.bgp.peer_asn }}
 {% endif %}
 serviceSelector:
diff --git a/bootstrap/templates/kubernetes/talos/talconfig.yaml.j2 b/bootstrap/templates/kubernetes/talos/talconfig.yaml.j2
index 95ac2f52ba5..53d568d0d40 100644
--- a/bootstrap/templates/kubernetes/talos/talconfig.yaml.j2
+++ b/bootstrap/templates/kubernetes/talos/talconfig.yaml.j2
@@ -50,7 +50,11 @@ nodes:
 mtu: 1500
 routes:
 - network: 0.0.0.0/0
+ {% if nodes.default_gateway %}
+ gateway: "{{ nodes.default_gateway }}"
+ {% else %}
 gateway: "{{ nodes.host_network | nthhost(1) }}"
+ {% endif %}
 {% if item.controller %}
 vip:
 ip: "{{ cluster.endpoint_vip }}"
@@ -61,7 +65,11 @@ nodes:
 mtu: 1500
 routes:
 - network: 0.0.0.0/0
+ {% if nodes.default_gateway %}
+ gateway: "{{ nodes.default_gateway }}"
+ {% else %}
 gateway: "{{ nodes.host_network | nthhost(1) }}"
+ {% endif %}
 {% if item.controller %}
 vip:
 ip: "{{ cluster.endpoint_vip }}"
diff --git a/config.sample.yaml b/config.sample.yaml
index 3db0b3bce8c..785d360f66d 100644
--- a/config.sample.yaml
+++ b/config.sample.yaml
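Review bot: `nodes.default_gateway` is interpolated straight into `peerAddress: "{{ nodes.default_gateway }}/32"` with no check that it is a bare IPv4 address, so a value typed with a prefix length (`192.168.1.254/24`) or a hostname renders a malformed peerAddress that surfaces only when the policy is applied, if at all; the `nthhost(1)` fallback never had that problem because it is derived from the CIDR. Wherever `host_network` is validated in the bootstrap (not visible in this diff), `default_gateway` should be checked as a single IPv4 address that lies inside `host_network`, since it is also used as an on-link route gateway in talconfig.yaml.j2. A short template comment would make the contract visible to the next editor: `{# BGP peer is the host_network gateway: nodes.default_gateway (bare IPv4, no prefix length) or .1 of host_network #}`. The enclosing `{% if %}` whose `{% else %}` branch this hunk edits starts above the hunk.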
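Review bot: The same four-line `{% if nodes.default_gateway %}` / `{% else %}` / `{% endif %}` block is pasted into both hunks of talconfig.yaml.j2 (`@@ -50,7 +50,11 @@` and `@@ -61,7 +65,11 @@`), so the fallback logic now lives in two places that can drift apart. Computing it once where the node loop begins, `{% set node_gateway = nodes.default_gateway | default(nodes.host_network | nthhost(1), true) %}`, and writing `gateway: "{{ node_gateway }}"` at both sites keeps a single source of truth; the `true` argument makes Jinja treat the empty string from config.sample.yaml as unset, matching the current `{% if %}` test. Note the template still does not check that an operator-supplied gateway is inside `host_network`, which I would expect a static `0.0.0.0/0` route to require; that belongs in config validation rather than the template. The surrounding node loop that provides `item` starts and ends outside both hunks.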
@@ -34,6 +34,7 @@ distribution:
 # loadbalancer_network: 10.123.0.0/16
 # secureboot:
 # # (Optional) Enable secureboot on UEFI systems. Not supported on x86 platforms in BIOS mode.
+ # # If you want to use this. Please make sure to boot from secureboot ISO and enroll keys first.
 # # See: https://www.talos.dev/latest/talos-guides/install/bare-metal-platforms/secureboot
 # enabled: true
 # # (Optional) Enable TPM-based disk encryption. Requires TPM 2.0
@@ -53,6 +54,8 @@ timezone: ""
 nodes:
 # (Required) CIDR your nodes are on (e.g. 192.168.1.0/24)
 host_network: ""
+ # (Optional) Talos only: If your gateway is not on the .1 address of above CIDR you can set it here (e.g. 192.168.1.254)
+ default_gateway: ""
 # (Optional) The DNS server to use for the cluster, this can be an existing
 # local DNS server or a public one.
 # Default is ["1.1.1.1", "1.0.0.1"]
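Review bot: The added secureboot comment in `@@ -34,6 +34,7 @@` splits one sentence with a period, which reads as a fragment in a file users copy verbatim. Suggested wording: `# # If you want to use this, make sure to boot from the secureboot ISO and enroll the keys first.`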
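Review bot: The comment on the new `default_gateway` key in `@@ -53,6 +54,8 @@` does not state the format the templates depend on: cilium-bgp.yaml.j2 appends `/32` to the value and talconfig.yaml.j2 uses it as a static route gateway, so it must be a bare IPv4 address with no prefix length, and it presumably has to lie inside `host_network` for the route to be installable. Suggested wording: `# (Optional) Talos only: gateway for host_network when it is not the .1 address. A bare IPv4 address without prefix length, inside host_network (e.g. 192.168.1.254)`. Keeping the value quoted (`default_gateway: ""`) is right, since an address such as `10.0.0.1` would otherwise survive as a string anyway but tooling that retypes scalars is safer with the quotes present.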