diff --git a/neutron/services/vpn/agent.py b/neutron/services/vpn/agent.py
index 8c666b497f6..771a67dce0a 100644
--- a/neutron/services/vpn/agent.py
+++ b/neutron/services/vpn/agent.py
@@ -98,7 +98,7 @@ class VPNAgent(l3_agent.L3NATAgentWithStateReport):
         if not router_info:
             return
         router_info.iptables_manager.ipv4['nat'].remove_rule(
-            chain, rule)
+            chain, rule, top=top)
 
     def iptables_apply(self, router_id):
         """Apply IPtables.
diff --git a/neutron/tests/unit/services/vpn/test_vpn_agent.py b/neutron/tests/unit/services/vpn/test_vpn_agent.py
index 09d7260625c..7b1cab5239a 100644
--- a/neutron/tests/unit/services/vpn/test_vpn_agent.py
+++ b/neutron/tests/unit/services/vpn/test_vpn_agent.py
@@ -127,9 +127,9 @@ class TestVPNAgent(base.BaseTestCase):
         iptables = mock.Mock()
         ri.iptables_manager.ipv4['nat'] = iptables
         self.agent.router_info = {router_id: ri}
-        self.agent.remove_nat_rule(router_id, 'fake_chain', 'fake_rule')
+        self.agent.remove_nat_rule(router_id, 'fake_chain', 'fake_rule', True)
         iptables.remove_rule.assert_called_once_with(
-            'fake_chain', 'fake_rule')
+            'fake_chain', 'fake_rule', top=True)
 
     def test_remove_rule_with_no_router(self):
         self.agent.router_info = {}