diff --git a/hosts/proxy/default.nix b/hosts/proxy/default.nix
index 6c454a3..7bc977e 100644
--- a/hosts/proxy/default.nix
+++ b/hosts/proxy/default.nix
@@ -118,22 +118,26 @@ services = {
 acl is_plone hdr(host) -i stura.htw-dresden.de
 acl is_www_plone hdr(host) -i www.stura.htw-dresden.de
+ acl is_tix hdr(host) -i tix.htw.stura-dresden.de
+ acl is_vot hdr(host) -i vot.htw.stura-dresden.de
+ acl is_dat hdr(host) -i dat.htw.stura-dresden.de
 acl is_pro hdr(host) -i pro.stura.htw-dresden.de
 use_backend plone_80 if is_plone
 use_backend plone_80 if is_www_plone
 use_backend pro_80 if is_pro
+ use_backend tix_80 if is_tix
+ use_backend dat_80 if is_dat
+ use_backend vot_80 if is_vot
 default_backend plone_80
- # ---- SSH Jump ----
- frontend ssh_jump
- bind *:22
- mode tcp
- use_backend ssh_srs2
 frontend ssh_jump_alt
 bind *:2142
 mode tcp
+ timeout client 30m
+ timeout connect 10s
+ log-format "%ci:%cp [%t] %ft %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq dst:%[var(sess.dst)] "
 use_backend ssh_srs2
 # ---- SNI routing (TCP, peek at handshake) ----
@@ -147,7 +151,9 @@ services = {
 #use_backend terminate_plone if { req_ssl_sni -i stura.htw-dresden.de }
 use_backend plone_passthrough if { req_ssl_sni -i stura.htw-dresden.de }
 use_backend plone_passthrough if { req_ssl_sni -i www.stura.htw-dresden.de }
- # passed through to nginx on remote host
+ use_backend tix_passthrough if { req_ssl_sni -i tix.htw.stura-dresden.de }
+ use_backend vot_passthrough if { req_ssl_sni -i vot.htw.stura-dresden.de }
+ use_backend dat_passthrough if { req_ssl_sni -i dat.htw.stura-dresden.de }
 use_backend tls_passthrough if { req_ssl_sni -i pro.stura.htw-dresden.de }
 backend terminate_plone
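Review bot: The `dst:%[var(sess.dst)]` field at the end of the new `log-format` in `frontend ssh_jump_alt` reads a variable that no visible line sets, so unless a `set-var(sess.dst)` rule exists outside this hunk the SSH jump log will record an empty destination. If the backend address is what should be logged, the built-in `%si:%sp` provides it without a variable; otherwise the rule that populates `sess.dst` belongs next to the `log-format` line. Separately, `timeout connect 10s` is a server-side timeout that HAProxy ignores, with a startup warning, in a pure `frontend` section; the copy added to `backend ssh_srs2` in the third hunk is the one that takes effect, so the frontend line can be dropped. With the `*:22` frontend removed, this log line is the proxy's record of who used the jump listener on `*:2142`, which is why the field is worth getting right.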
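Review bot: The three added `req_ssl_sni` rules match names under `htw.stura-dresden.de`, while every existing rule in this list matches names under `stura.htw-dresden.de`; the `hdr(host)` ACLs added in the first hunk use the same spelling. If the second zone is intended this is fine, but if the labels were swapped by accident none of the new rules will ever match, and plain-HTTP requests for those names will fall through to `default_backend plone_80`. The commit also deletes the only comment in this rule list, so a replacement such as `# tix/vot/dat live under htw.stura-dresden.de; TLS is passed through to nginx on each host` would record the intent. The frontend these rules belong to starts above the hunk, so its handling of unmatched SNI is not visible here.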
@@ -157,12 +163,27 @@ services = {
 backend ssh_srs2
 mode tcp
+ timeout server 30m
+ timeout connect 10s
+ option tcpka
 server srs2 141.56.51.2:80 check
 backend tls_passthrough
 mode tcp
 server nginx_host 141.56.51.15:443 check
+ backend tix_passthrough
+ mode tcp
+ server nginx_host 141.56.51.220:443 check
+
+ backend vot_passthrough
+ mode tcp
+ server nginx_host 141.56.51.57:443 check
+
+ backend dat_passthrough
+ mode tcp
+ server nginx_host 141.56.51.81:443 check
+
 backend plone_passthrough
 mode tcp
 server nginx_host 141.56.51.3:443 check
@@ -177,6 +198,18 @@ services = {
 mode http
 server plone 141.56.51.3:80 check
+ backend tix_80
+ mode http
+ server plone 141.56.51.220:80 check
+
+ backend vot_80
+ mode http
+ server plone 141.56.51.57:80 check
+
+ backend dat_80
+ mode http
+ server plone 141.56.51.81:80 check
+
 backend pro_80
 mode http
 server plone 141.56.51.15:80 check
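Review bot: The new `tix_passthrough`, `vot_passthrough` and `dat_passthrough` backends forward raw TCP, so the nginx on each host sees the proxy's address as the client for every TLS connection, and access logs, rate limits and IP-based blocking there will all key on the proxy. If per-client attribution matters for these services, the usual fix is PROXY protocol on both ends, e.g. `server nginx_host 141.56.51.220:443 check send-proxy-v2` here plus `proxy_protocol` on the nginx `listen`, rolled out together because a one-sided change breaks the handshake. The existing `tls_passthrough` and `plone_passthrough` backends behave the same way, so this may be an accepted trade-off that deserves a one-line comment. In `backend ssh_srs2`, `option tcpka` only enables kernel keepalives toward the server and does not count as traffic for `timeout server 30m`, so idle sessions are still cut at that limit.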
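Review bot: The three new port-80 backends forward plain HTTP for the tix, vot and dat names straight to the hosts, and nothing visible at the proxy redirects to HTTPS, so whether those names are ever served in cleartext depends entirely on each host's own configuration. It is worth confirming that each host redirects to HTTPS (apart from any ACME challenge path, if certificates are issued on the hosts). The `server` lines were also copied with the name `plone`, which would appear as `tix_80/plone` in backend/server log fields; `server tix 141.56.51.220:80 check`, and likewise `vot` and `dat`, would read correctly. The existing `pro_80` backend carries the same leftover name.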