diff --git a/iptables/templates/iptables-rules.v4.j2 b/iptables/templates/iptables-rules.v4.j2
index 95d93951..683f019f 100644
--- a/iptables/templates/iptables-rules.v4.j2
+++ b/iptables/templates/iptables-rules.v4.j2
@@ -252,14 +252,21 @@
 {% else %}
 # NAT is enabled, we need to accept traffic that is forwarded
 -A FORWARD -j ACCEPT
+{% endif %}
+COMMIT
+{% if iptables_nat_enabled %}
 # NAT rules
 *nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
 {% if iptables_nat_specify_interfaces %}
-{% for int in iptables_nat_interface %}
+{% for int in iptables_nat_interfaces %}
 -A POSTROUTING -o {{ int }} -j MASQUERADE
 {% endfor %}
 {% else %}
 -A POSTROUTING -j MASQUERADE
 {% endif %}
-
 COMMIT
+{% endif %}
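Review bot: The NAT branch still closes the filter table with a bare `-A FORWARD -j ACCEPT`, so once `iptables_nat_enabled` is set the host forwards any packet between any pair of interfaces, not just traffic leaving through the masqueraded ones. Unless a FORWARD rule or chain policy outside this hunk already narrows it, I would replace that line with `-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT` followed by `-A FORWARD -i <internal-interface> -j ACCEPT` (placeholder for whichever variable names the inside interface). The same concern applies to the `{% else %}` arm of the nat table, where `-A POSTROUTING -j MASQUERADE` has no `-o` and rewrites the source address on every egress interface. The `{% if %}` whose `{% else %}` opens this hunk starts above it, so the non-NAT FORWARD handling is not visible here. Separately, the rename to `iptables_nat_interfaces` needs the role defaults and any existing inventories updated in the same change, otherwise the per-interface loop may render no MASQUERADE rule at all.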