diff --git a/proxmox-ve-config/src/firewall/parse.rs b/proxmox-ve-config/src/firewall/parse.rs
index 93cf014..7bf00c0 100644
--- a/proxmox-ve-config/src/firewall/parse.rs
+++ b/proxmox-ve-config/src/firewall/parse.rs
@@ -2,6 +2,8 @@ use std::fmt;
 
 use anyhow::{bail, format_err, Error};
 
+const NAME_SPECIAL_CHARACTERS: [u8; 2] = [b'-', b'_'];
+
 /// Parses out a "name" which can be alphanumeric and include dashes.
 ///
 /// Returns `None` if the name part would be empty.
@@ -16,10 +18,14 @@ use anyhow::{bail, format_err, Error};
 /// assert_eq!(match_name(" someremainder"), None);
 /// ```
 pub fn match_name(line: &str) -> Option<(&str, &str)> {
+    if !line.starts_with(|c: char| c.is_ascii_alphabetic()) {
+        return None;
+    }
+
     let end = line
         .as_bytes()
         .iter()
-        .position(|&b| !(b.is_ascii_alphanumeric() || b == b'-'));
+        .position(|&b| !(b.is_ascii_alphanumeric() || NAME_SPECIAL_CHARACTERS.contains(&b)));
 
     let (name, rest) = match end {
         Some(end) => line.split_at(end),
diff --git a/proxmox-ve-config/src/firewall/types/alias.rs b/proxmox-ve-config/src/firewall/types/alias.rs
index 43c6486..e6aa30d 100644
--- a/proxmox-ve-config/src/firewall/types/alias.rs
+++ b/proxmox-ve-config/src/firewall/types/alias.rs
@@ -147,6 +147,20 @@ impl FromStr for Alias {
 mod tests {
     use super::*;
 
+    #[test]
+    fn test_parse_alias() {
+        for alias in [
+            "local_network 10.0.0.0/32",
+            "test-_123-___-a---- 10.0.0.1/32",
+        ] {
+            alias.parse::<Alias>().expect("valid alias");
+        }
+
+        for alias in ["-- 10.0.0.1/32", "0asd 10.0.0.1/32", "__test 10.0.0.0/32"] {
+            alias.parse::<Alias>().expect_err("invalid alias");
+        }
+    }
+
     #[test]
     fn test_parse_alias_name() {
         for name in ["dc/proxmox_123", "guest/proxmox-123"] {