diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
index b41003a6105..fb9e9b737b8 100644
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@@ -1385,9 +1385,14 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
 
         long networkAclId = NetworkACL.DEFAULT_DENY;
         if (aclId != null) {
-            if ( _networkAclDao.findById(aclId) == null) {
+            NetworkACLVO aclVO = _networkAclDao.findById(aclId);
+            if ( aclVO == null) {
                 throw new InvalidParameterValueException("Invalid network acl id passed ");
             }
+            if (aclVO.getVpcId() != vpcId ) {
+                throw new InvalidParameterValueException("Private gateway and network acl are not in the same vpc");
+            }
+
             networkAclId = aclId;
         }