diff --git a/gestion/gen_confs/firewall4.py b/gestion/gen_confs/firewall4.py
index 6ce75b14..79cf1437 100755
--- a/gestion/gen_confs/firewall4.py
+++ b/gestion/gen_confs/firewall4.py
@@ -561,6 +561,8 @@ class firewall_komaz(firewall_base_routeur):
         if table == 'filter':
             pretty_print(table, chain)
             for net in NETs['adm']:
+                self.add(table, chain, '-o %s -s %s -j ACCEPT' % (dev['tun-ovh'], net))
+                self.add(table, chain, '-i %s -d %s -j ACCEPT' % (dev['tun-ovh'], net))
                 self.add(table, chain, '-d %s -j REJECT' % net)
             print OK