diff --git a/Documentation/troubleshooting.md b/Documentation/troubleshooting.md
index a563c26228..6893b8e52d 100644
--- a/Documentation/troubleshooting.md
+++ b/Documentation/troubleshooting.md
@@ -66,6 +66,8 @@ When using `vxlan` backend, kernel uses UDP port 8472 for sending encapsulated p
 
 Make sure that your firewall rules allow this traffic for all hosts participating in the overlay network.
 
+Make sure that your firewall rules allow traffic from pod network cidr visit your kubernetes master node.
+
 # Kubernetes Specific
 The flannel kube subnet manager relies on the fact that each node already has a `podCIDR` defined.