diff --git a/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml b/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
index e0effc809597979a1cdb01c636f868c63574f617..95cd70f64a419cc1e585a2f977f48d45aae0eaee 100644
--- a/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
+++ b/nachrichten-bayernid-proxy/src/main/helm/templates/network_policy.yaml
@@ -44,6 +44,9 @@ spec:
           component: vorgang-manager
 {{- with (.Values.networkPolicy).additionalIngressConfig }}
 {{ toYaml . | indent 2 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfigNamespace }}
+{{ toYaml . | indent 2 }}
 {{- end }}
   egress:
   - to:
@@ -62,5 +65,8 @@ spec:
 {{- with (.Values.networkPolicy).additionalEgressConfig }}
 {{ toYaml . | indent 2 }}
 {{- end }}
+{{- with (.Values.networkPolicy).additionalEgressConfigNamespace }}
+{{ toYaml . | indent 2 }}
+{{- end }}
 
 {{- end }}
\ No newline at end of file
diff --git a/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml b/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
index 7382ad0947be9db238ff1b5d7f9de08439716165..fbb9de636d7a0242b7ea2ce25f299d134416118e 100644
--- a/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
+++ b/nachrichten-bayernid-proxy/src/test/helm/network_policy_test.yaml
@@ -110,6 +110,7 @@ tests:
                 matchLabels:
                   component: client2
 
+
   - it: add egress rules by values
     set:
       networkPolicy:
@@ -144,6 +145,44 @@ tests:
             - port: 12345
               protocol: TCP
 
+
+  - it: should add additionalIngressConfigNamespace
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
+        additionalIngressConfigNamespace:
+        - from:
+          - podSelector: 
+              matchLabels:
+                additionalIngressConfigNamespace: yes
+    asserts:
+      - contains:
+          path: spec.ingress
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  additionalIngressConfigNamespace: yes
+
+  - it: should add additionalEgressConfigNamespace
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigNamespace:
+        - to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+
   - it: test network policy disabled
     set:
       networkPolicy:
diff --git a/src/main/helm/templates/network_policy.yaml b/src/main/helm/templates/network_policy.yaml
index fb20373df7e5cf5c1045657b25fb3df4057f48cc..88ad059ed4898240276aa3f9a0dc05775705a87e 100644
--- a/src/main/helm/templates/network_policy.yaml
+++ b/src/main/helm/templates/network_policy.yaml
@@ -47,6 +47,9 @@ spec:
           ozg-component: eingangsadapter
 {{- with (.Values.networkPolicy).additionalIngressConfig }}
 {{ toYaml . | indent 2 }}
+{{- end }}
+{{- with (.Values.networkPolicy).additionalIngressConfigNamespace }}
+{{ toYaml . | indent 2 }}
 {{- end }}
   egress:
   - to:
@@ -101,5 +104,8 @@ spec:
 {{- with (.Values.networkPolicy).additionalEgressConfig }}
 {{ toYaml . | indent 2 }}
 {{- end }}
+{{- with (.Values.networkPolicy).additionalEgressConfigNamespace }}
+{{ toYaml . | indent 2 }}
+{{- end }}
 
 {{- end }}
\ No newline at end of file
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 16661a34b0b43473c82029e7496f2867220dd785..e31527a6ade27749981059e2ceb64ff890bb1ef1 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -287,6 +287,44 @@ tests:
             - port: 12345
               protocol: TCP
 
+
+  - it: should add additionalIngressConfigNamespace
+    set:
+      networkPolicy:
+        ssoPublicIp: 51.89.117.53/32
+        dnsServerNamespace: test-namespace-dns
+        additionalIngressConfigNamespace:
+        - from:
+          - podSelector: 
+              matchLabels:
+                additionalIngressConfigNamespace: yes
+    asserts:
+      - contains:
+          path: spec.ingress
+          content:
+            from:
+            - podSelector: 
+                matchLabels:
+                  additionalIngressConfigNamespace: yes
+
+  - it: should add additionalEgressConfigNamespace
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
+        additionalEgressConfigNamespace:
+        - to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+    asserts:
+    - contains:
+        path: spec.egress
+        content:
+          to:
+          - podSelector:
+              matchLabels:
+                additionalEgressConfigNamespace: yes
+
   - it: test network policy disabled
     set:
       networkPolicy: