diff --git a/app/network/views.py b/app/network/views.py
index 6abdd1235d8778516c8268bd83b0ffde78a00f55..e759400ad08c61458b34a723c96a11c7def74886 100644
--- a/app/network/views.py
+++ b/app/network/views.py
@@ -285,6 +285,15 @@ def create_interface(hostname):
     form = InterfaceForm(
         request.form, host_id=host.id, interface_name=host.name, random_mac=random_mac
     )
+    if not current_user.is_admin:
+        # Restrict the networks to the same network scope as the main interface
+        form.network_id.choices = [
+            (str(network.id), network.vlan_name)
+            for network in models.Network.query.filter_by(scope=host.main_network.scope)
+            .order_by(models.Network.vlan_name)
+            .all()
+            if current_user.has_access_to_network(network)
+        ]
     if form.validate_on_submit():
         # User shall have access to the new interface domain
         network = models.Network.query.get(form.network_id.data)
@@ -337,6 +346,17 @@ def edit_interface(name):
         interface_name=interface.name,
         cnames_string=cnames_string,
     )
+    if not current_user.is_admin and not interface.is_main:
+        # Restrict the networks to the same network scope as the main interface
+        form.network_id.choices = [
+            (str(network.id), network.vlan_name)
+            for network in models.Network.query.filter_by(
+                scope=interface.host.main_network.scope
+            )
+            .order_by(models.Network.vlan_name)
+            .all()
+            if current_user.has_access_to_network(network)
+        ]
     # Remove the random_mac field (not used when editing)
     del form.random_mac
     ips = [interface.ip]