diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
index 3db9a2d1713..ff88354dc49 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
@@ -33,6 +33,8 @@ usage() {
 add_snat() {
   logger -t cloud "$(basename $0):Added SourceNAT $pubIp on interface $ethDev"
   vpccidr=$(getVPCcidr)
+  sudo iptables -D FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
+  sudo iptables -A FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
   sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
   sudo iptables -t nat -A POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
   return $?