diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index 3808e4bb7a84a8d65ff7387a73152098ec842592..cb275e46a630b99e00c5318f75d7fae0a96440b2 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -63,6 +63,13 @@ spec:
       podSelector: 
         matchLabels:
           component: antragsraum-server
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          kubernetes.io/metadata.name: {{ required "ozgcloud.antragraum.antragsraumProxyNamespace must be set if antragraum is enabled" ((.Values.ozgcloud).antragraum).antragsraumProxyNamespace }}
+      podSelector: 
+        matchLabels:
+          component: antragsraum-proxy
 {{- end }}
 
   - from:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index d96ceb8d562bc5631faca0bd8e8c875e4f797eb2..1fcaf1738ee56778cee39530b3cc7364256c9d9f 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -149,6 +149,7 @@ tests:
         antragraum:
           enabled: true
           namespace: antragraum02
+          antragsraumProxyNamespace: antragraum-proxy
     asserts:
     - contains:
         path: spec.ingress
@@ -160,6 +161,26 @@ tests:
               podSelector: 
                 matchLabels:
                   component: antragsraum-server
+  - it: should add ingress rule for antragraum-proxy if antragraum is enabled
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+      ozgcloud:
+        antragraum:
+          enabled: true
+          namespace: antragraum-proxy
+          antragsraumProxyNamespace: antragraum-proxy
+    asserts:
+    - contains:
+        path: spec.ingress
+        content:
+          from:
+            - namespaceSelector:
+                matchLabels:
+                  kubernetes.io/metadata.name: antragraum-proxy
+              podSelector: 
+                matchLabels:
+                  component: antragsraum-proxy
 
 
   - it: should not add ingress rule for antragraum if antragraum is disabled
@@ -181,6 +202,25 @@ tests:
                 matchLabels:
                   component: antragraum-server
 
+  - it: should not add ingress rule for antragraum-proxy if antragraum is disabled
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+      ozgcloud:
+        antragraum:
+          enabled: false
+    asserts:
+    - notContains:
+        path: spec.ingress
+        content:
+          from:
+            - namespaceSelector:
+                matchLabels:
+                  kubernetes.io/metadata.name: antragraum-proxy
+              podSelector: 
+                matchLabels:
+                  component: antragraum-proxy
+
   - it: should throw error if antragraum is enabled but antragraum namespace is not set
     set:
       networkPolicy:
@@ -188,9 +228,21 @@ tests:
       ozgcloud:
         antragraum:
           enabled: true
+          antragsraumProxyNamespace: antragraum-proxy
     asserts:
       - failedTemplate:
           errorMessage: ozgcloud.antragraum.namespace must be set if antragraum is enabled
+  - it: should throw error if antragraum is enabled but antragsraumProxyNamespace is not set
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+      ozgcloud:
+        antragraum:
+          enabled: true
+          namespace: antragraum2
+    asserts:
+      - failedTemplate:
+          errorMessage: ozgcloud.antragraum.antragsraumProxyNamespace must be set if antragraum is enabled
 
   - it: should add default ingress rule for zentraler-eingang
     set:
@@ -356,6 +408,7 @@ tests:
         antragraum:
           enabled: true
           namespace: antragraum02
+          antragsraumProxyNamespace: antragraum-proxy
     asserts:
       - contains:
           path: spec.egress