diff --git a/charts/cloudflare-tunnel-remote/templates/deployment.yaml b/charts/cloudflare-tunnel-remote/templates/deployment.yaml
index d4e8a46..97b4796 100644
--- a/charts/cloudflare-tunnel-remote/templates/deployment.yaml
+++ b/charts/cloudflare-tunnel-remote/templates/deployment.yaml
@@ -25,10 +25,14 @@ spec:
 {{- end }}
 spec:
 serviceAccountName: {{ include "cloudflare-tunnel-remote.fullname" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
 containers:
 - name: cloudflared
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default "latest" }}"
 imagePullPolicy: {{ .Values.image.pullPolicy }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
 command:
 - cloudflared
 - tunnel
diff --git a/charts/cloudflare-tunnel-remote/values.yaml b/charts/cloudflare-tunnel-remote/values.yaml
index 53c2b98..644fede 100644
--- a/charts/cloudflare-tunnel-remote/values.yaml
+++ b/charts/cloudflare-tunnel-remote/values.yaml
@@ -31,6 +31,9 @@ podLabels: {}
 podSecurityContext:
 runAsNonRoot: true
 runAsUser: 65532
+ sysctls:
+ - name: net.ipv4.ping_group_range
+ value: "65532 65532"
 # Security items for one container. We lock it down.
 securityContext:
diff --git a/charts/cloudflare-tunnel/values.yaml b/charts/cloudflare-tunnel/values.yaml
index c6d0e02..fe1a402 100644
--- a/charts/cloudflare-tunnel/values.yaml
+++ b/charts/cloudflare-tunnel/values.yaml
@@ -53,6 +53,9 @@ podLabels: {}
 podSecurityContext:
 runAsNonRoot: true
 runAsUser: 65532
+ sysctls:
+ - name: net.ipv4.ping_group_range
+ value: "65532 65532"
 # Security items for one container. We lock it down.
 securityContext:
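Review bot: Both added `securityContext:` keys in templates/deployment.yaml are emitted unconditionally, so a values override that nulls `podSecurityContext` or `securityContext` renders `securityContext: null` and the pod falls back to image and runtime defaults with nothing in the manifest to show the hardening was dropped. Wrapping each block in `with` omits the key when the value is empty, which makes that case visible in a rendered-manifest diff. The pod `spec:` block starts and ends outside this hunk, so I cannot see whether anything else in the template depends on these keys being present.

```yaml
      serviceAccountName: {{ include "cloudflare-tunnel-remote.fullname" . }}
      {{- with .Values.podSecurityContext }}
      securityContext:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      # … unchanged: containers, name, image, imagePullPolicy …
          {{- with .Values.securityContext }}
          securityContext:
            {{- toYaml . | nindent 12 }}
          {{- end }}
```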
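Review bot: `net.ipv4.ping_group_range` is a range of group IDs, but in charts/cloudflare-tunnel-remote/values.yaml the value `"65532 65532"` is only paired with `runAsUser: 65532`; no `runAsGroup` is visible, so the sysctl takes effect only if the image's primary group for that user happens to be 65532. Adding `runAsGroup: 65532` next to `runAsUser` makes the coupling explicit and keeps the unprivileged ICMP socket permission scoped to that single group. A comment above the entry, for example `# lets GID 65532 open unprivileged ICMP sockets; keep in sync with runAsGroup`, would explain why the sysctl is there. The identical hunk in charts/cloudflare-tunnel/values.yaml needs the same change. As far as I recall the kubelet treats this sysctl as safe only from Kubernetes 1.18 on, so a minimum cluster version is worth stating in the chart.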