diff --git a/server/package.json b/server/package.json
index 6c35207..65bdeb4 100644
--- a/server/package.json
+++ b/server/package.json
@@ -28,3 +28,5 @@
     "typescript": "^5.3.2"
   }
 }
+
+
diff --git a/server/src/index.ts b/server/src/index.ts
index 11cc15a..d7cc664 100644
--- a/server/src/index.ts
+++ b/server/src/index.ts
@@ -16,15 +16,28 @@ initDb();
 const app = express();
 const port = process.env.PORT || 4000;
 
+const allowedOrigins = [
+    process.env.CORS_ORIGIN || "http://localhost:3000",
+    "http://localhost:3000",
+    "http://127.0.0.1:3000",
+    "http://192.168.1.131:3000"
+];
+
 app.use(cors({
-    origin: process.env.CORS_ORIGIN || "http://localhost:3000",
+    origin: (origin, callback) => {
+        if (!origin || allowedOrigins.includes(origin)) {
+            callback(null, true);
+        } else {
+            callback(new Error('Not allowed by CORS'));
+        }
+    },
     methods: ["GET", "POST"]
 }));
 
 const server = http.createServer(app);
 const io = new Server(server, {
     cors: {
-        origin: process.env.CORS_ORIGIN || "http://localhost:3000",
+        origin: allowedOrigins,
         methods: ["GET", "POST"]
     }
 });
@@ -408,6 +421,7 @@ io.on('connection', (socket) => {
     // --- ADMIN COMMANDS ---
 
     socket.on('admin_get_data', async () => {
+        console.log('[ADMIN] Petición de datos del dashboard');
         const activeGamesData = Object.values(games).map(g => ({
             id: g.state.roomId,
             name: g.roomName,