diff --git a/ChangeLog b/ChangeLog index d9b6574d..de743bd4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,7 @@ fwknop-2.0.1 (07//2012): process to ensure that fwknop is not leaking memory. - [test suite] Bug fix on Mac OS X systems to account for libfko.dylib path instead of libfko.so. This fixes the existence check for libfko. + - [test suite] Added tests for --nat-local mode. - Minor gcc warning fix: fko_decode.c:43:17: warning: variable ‘edata_size’ set but not used [-Wunused-but-set-variable]. diff --git a/server/fw_util_iptables.c b/server/fw_util_iptables.c index 555eef21..0f374336 100644 --- a/server/fw_util_iptables.c +++ b/server/fw_util_iptables.c @@ -693,13 +693,10 @@ process_spa_request(const fko_srv_options_t *opts, const acc_stanza_t *acc, spa_ log_msg(LOG_ERR, "Error %i from cmd:'%s': %s", res, cmd_buf, err_buf); } - - /* Make our FORWARD and NAT rules - */ - if(fwd_chain->to_chain != NULL && strlen(fwd_chain->to_chain)) + else if(fwd_chain->to_chain != NULL && strlen(fwd_chain->to_chain)) { - - /* Make sure the required jump rule exists + /* Make our FORWARD and NAT rules, and make sure the + * required jump rule exists */ if (jump_rule_exists(IPT_FORWARD_ACCESS) == 0) add_jump_rule(opts, IPT_FORWARD_ACCESS); diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl index 18f04783..9020f9e6 100755 --- a/test/test-fwknop.pl +++ b/test/test-fwknop.pl 
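Review bot: In server/fw_util_iptables.c the new `else if(fwd_chain->to_chain != NULL && strlen(fwd_chain->to_chain))` makes the FORWARD/jump-rule block mutually exclusive with the branch that closes just above it, but the merged comment says only what the block does, not why it is now skipped. The condition of that preceding branch is outside the hunk (process_spa_request starts and ends outside it), so the exact case being excluded cannot be confirmed from here; presumably it is the path that adds the INPUT ACCEPT rule for local NAT. This decides which ACCEPT rules a single SPA packet can open, so the intent belongs at the branch; if that reading is right, something like `/* Forwarded NAT only: a request already given an INPUT rule above must not also open the FORWARD chain. */` would do. As a smaller style point, `fwd_chain->to_chain[0] != '\0'` expresses the emptiness check more directly than `strlen()` used as a boolean.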
@@ -967,6 +967,27 @@ my @tests = (
 'server_conf' => $nat_conf,
 'fatal' => $NO
 },
+ {
+ 'category' => 'Rijndael SPA',
+ 'subcategory' => 'client+server',
+ 'detail' => "local NAT non-FORCE_NAT (tcp/22 ssh)",
+ 'err_msg' => "could not complete NAT SPA cycle",
+ 'function' => \&spa_cycle,
+ 'cmdline' => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+ "$fwknopCmd -A tcp/80 -a $fake_ip -D $loopback_ip --get-key " .
+ "$local_key_file --verbose --verbose --nat-local --nat-port 22",
+ 'fwknopd_cmdline' => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+ "$fwknopdCmd -c $local_nat_fwknopd_conf -a $default_access_conf " .
+ "-d $default_digest_file -p $default_pid_file $intf_str",
+ 'server_positive_output_matches' => [qr/to\:$fake_ip\:22/i,
+ qr/FWKNOP_INPUT.*dport\s22.*\sACCEPT/],
+ 'server_negative_output_matches' => [qr/to\:$internal_nat_host\:22/i],
+ 'fw_rule_created' => $NEW_RULE_REQUIRED,
+ 'fw_rule_removed' => $NEW_RULE_REMOVED,
+ 'server_conf' => $nat_conf,
+ 'fatal' => $NO
+ },
+
 {
 'category' => 'Rijndael SPA',
 'subcategory' => 'client+server',
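Review bot: The new `--nat-local` entry asserts that an INPUT ACCEPT rule appears but never asserts that no FORWARD rule is created, which is the behaviour the `else if` in server/fw_util_iptables.c changes in this same commit; as far as the visible patterns show, the test could also pass against the old code. Consider extending `'server_negative_output_matches'` with a forward-chain pattern such as `qr/FWKNOP_FORWARD.*dport\s22.*\sACCEPT/`, adjusting the chain name to whatever `$local_nat_fwknopd_conf` configures. Separately, `$fake_ip` and `$internal_nat_host` are interpolated into `qr//` unescaped, so every `.` in the address matches any character; `qr/to\:\Q$fake_ip\E\:22/i` keeps the match literal. It is also worth confirming that the expected DNAT target really is `$fake_ip`, since on the command line that value is passed to `-a` while `-D` is `$loopback_ip`.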