diff --git a/group_vars/stage_prodnso/prometheus.yml b/group_vars/stage_prodnso/prometheus.yml
index cf9e81b..124e3be 100644
--- a/group_vars/stage_prodnso/prometheus.yml
+++ b/group_vars/stage_prodnso/prometheus.yml
@@ -3,3 +3,7 @@ prometheus_lvm_hcloudvol_size: 30
 prometheus_lvm_hcloudvol_count: 10
 
 prometheus_tsdb_rentention_time: '90d'
+
+# check firewall settings
+smardigo_connect_extra_servers:
+  - ext-bdev-mpmexec-02-connect.smardigo.digital
diff --git a/host_vars/ext-bdev-mpmexec-02/plain.yml b/host_vars/ext-bdev-mpmexec-02/plain.yml
index 2d9d770..09bd724 100644
--- a/host_vars/ext-bdev-mpmexec-02/plain.yml
+++ b/host_vars/ext-bdev-mpmexec-02/plain.yml
@@ -11,6 +11,6 @@ traefik_dns_01_challenge: false
 
 sma_jwt_secret: "{{ sma_jwt_secret_vault }}"
 
-connect_version: "10.3.11"
+connect_version: "10.3"
 connect_email_username: "{{ connect_email_username_vault }}"
 connect_email_password: "{{ connect_email_password_vault }}"
diff --git a/templates/connect-compact/docker-compose.yml.j2 b/templates/connect-compact/docker-compose.yml.j2
index b3624a9..a9973d9 100644
--- a/templates/connect-compact/docker-compose.yml.j2
+++ b/templates/connect-compact/docker-compose.yml.j2
@@ -23,9 +23,17 @@ services:
       - "traefik.http.routers.{{ connect_id }}.tls=true"
       - "traefik.http.routers.{{ connect_id }}.tls.certresolver=letsencrypt-http"
       - "traefik.http.services.{{ connect_id }}.loadbalancer.server.port=8080"
+
+      - "traefik.http.routers.{{ connect_id }}-admin.service={{ connect_id }}-admin"
+      - "traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ connect_id }}.{{ domain }}`)"
+      - "traefik.http.routers.{{ connect_id }}-admin.entrypoints=admin-service"
+      - "traefik.http.routers.{{ connect_id }}-admin.tls=true"
+      - "traefik.http.routers.{{ connect_id }}-admin.tls.certresolver=letsencrypt-http"
+      - "traefik.http.services.{{ connect_id }}-admin.loadbalancer.server.port={{ management_port }}"
 {% if
   connect_external_subdomain is defined
 %}
+
       - "traefik.http.routers.{{ connect_id }}-extern.service={{ connect_id }}-extern"
       - "traefik.http.routers.{{ connect_id }}-extern.rule=Host(`{{ connect_external_subdomain }}.{{ domain }}`)"
       - "traefik.http.routers.{{ connect_id }}-extern.entrypoints=websecure"
diff --git a/templates/prometheus/config/prometheus/prometheus.yml.j2 b/templates/prometheus/config/prometheus/prometheus.yml.j2
index 32c00bf..ce1dab5 100644
--- a/templates/prometheus/config/prometheus/prometheus.yml.j2
+++ b/templates/prometheus/config/prometheus/prometheus.yml.j2
@@ -245,6 +245,29 @@ scrape_configs:
         target_label:  instance
         replacement:   $1
 
+#############################################
+###             Smardigo Extra           ####
+#############################################
+
+  - job_name: 'connect-extra'
+    scheme: {{ http_s }}
+    metrics_path: '/management/prometheus'
+    static_configs:
+      - targets: [
+{% for server in smardigo_connect_extra_servers | default([]) %}
+          '{{ server }}:{{ admin_port_service }}',
+{% endfor %}
+        ]
+        labels:
+          env: {{ stage }}
+          project: smardigo
+          application: connect
+    relabel_configs:
+      - source_labels: [__address__]
+        regex:         (.*):.*
+        target_label:  instance
+        replacement:   $1
+
 #############################################
 ###               Keycloak               ####
 #############################################