diff --git a/management/server/types/networkmap.go b/management/server/types/networkmap.go index c1099726f..21b427b99 100644 --- a/management/server/types/networkmap.go +++ b/management/server/types/networkmap.go @@ -3,6 +3,8 @@ package types import ( "context" + "gvisor.dev/gvisor/pkg/log" + nbdns "github.com/netbirdio/netbird/dns" nbpeer "github.com/netbirdio/netbird/management/server/peer" "github.com/netbirdio/netbird/management/server/telemetry" @@ -29,7 +31,17 @@ func (a *Account) GetPeerNetworkMapExp( metrics *telemetry.AccountManagerMetrics, ) *NetworkMap { a.initNetworkMapBuilder(validatedPeers) - return a.NetworkMapCache.GetPeerNetworkMap(ctx, peerID, peersCustomZone, validatedPeers, metrics) + nmap := a.NetworkMapCache.GetPeerNetworkMap(ctx, peerID, peersCustomZone, validatedPeers, metrics) + if len(nmap.Peers) > 0 && len(nmap.FirewallRules) == 0 { + log.Debugf("NetworkMapBuilder: generated network map for peer %s with peers but no firewall rules", peerID) + a.OnPeerDeletedUpdNetworkMapCache(peerID) + a.OnPeerAddedUpdNetworkMapCache(peerID) + nmap = a.NetworkMapCache.GetPeerNetworkMap(ctx, peerID, peersCustomZone, validatedPeers, metrics) + if len(nmap.Peers) > 0 && len(nmap.FirewallRules) == 0 { + log.Debugf("NetworkMapBuilder: regenerated network map for peer %s still has no firewall rules", peerID) + } + } + return nmap } func (a *Account) OnPeerAddedUpdNetworkMapCache(peerId string) error { diff --git a/management/server/types/networkmapbuilder.go b/management/server/types/networkmapbuilder.go index 5790f1646..9514d5190 100644 --- a/management/server/types/networkmapbuilder.go +++ b/management/server/types/networkmapbuilder.go 
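Review bot: The added import `gvisor.dev/gvisor/pkg/log` looks like an editor auto-import rather than a deliberate choice. It is gVisor's own logging package, so the `log.Debugf` calls added in GetPeerNetworkMapExp would use gVisor's logger and level setting instead of the logger the rest of the management server configures. The messages about a peer receiving no firewall rules may then never reach the server's logs, and gVisor becomes a direct dependency of the `types` package. I would drop this line and import the module's usual logger under the `log` alias; which one that is cannot be seen from this hunk.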
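Review bot: The recovery path in GetPeerNetworkMapExp discards the results of `a.OnPeerDeletedUpdNetworkMapCache(peerID)` and `a.OnPeerAddedUpdNetworkMapCache(peerID)`. The latter returns `error` per the signature just below the hunk, so a failed re-add after a successful delete leaves the peer out of the cache with nothing logged. Check it, e.g. `if err := a.OnPeerAddedUpdNetworkMapCache(peerID); err != nil { log.Warningf("NetworkMapBuilder: re-adding peer %s to cache failed: %v", peerID, err); return nmap }`, and treat the delete call the same way if it also returns an error (its signature is not visible here). `nmap` is also dereferenced in both `len(nmap.Peers)` tests without a nil check; if GetPeerNetworkMap can return nil, add `nmap != nil &&` to each condition. If a map with peers but no firewall rules can be a legitimate policy outcome, this getter will mutate the cache on every call for such peers, so a comment stating when that state counts as invalid would help.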
@@ -224,6 +224,9 @@ func (b *NetworkMapBuilder) buildPeerACLView(account *Account, peerID string) { } allPotentialPeers, firewallRules := b.getPeerConnectionResources(account, peer, b.validatedPeers) + if len(allPotentialPeers) > 0 && len(firewallRules) == 0 { + log.Debugf("NetworkMapBuilder: peer %s - no fwrules was calculated for %d potential peers", peerID, len(allPotentialPeers)) + } isRouter, networkResourcesRoutes, sourcePeers := b.getNetworkResourcesForPeer(account, peer) @@ -1013,6 +1016,8 @@ func (b *NetworkMapBuilder) assembleNetworkMap( for _, ruleID := range aclView.FirewallRuleIDs { if rule := b.cache.globalRules[ruleID]; rule != nil { firewallRules = append(firewallRules, rule) + } else { + log.Debugf("NetworkMapBuilder: peer %s assembling network map has no fwrule %s in globalRules", peer.ID, ruleID) } } @@ -1988,11 +1993,11 @@ func (b *NetworkMapBuilder) cleanupUnusedRules() { } } - for ruleID := range b.cache.globalRules { - if _, used := usedFirewallRules[ruleID]; !used { - delete(b.cache.globalRules, ruleID) - } - } + // for ruleID := range b.cache.globalRules { + // if _, used := usedFirewallRules[ruleID]; !used { + // delete(b.cache.globalRules, ruleID) + // } + // } for ruleID := range b.cache.globalRouteRules { if _, used := usedRouteRules[ruleID]; !used {
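Review bot: In the new `else` branch of assembleNetworkMap, a rule ID listed in `aclView.FirewallRuleIDs` but absent from `b.cache.globalRules` is skipped, so the peer is handed fewer firewall rules than its ACL view lists, and the only trace is a Debug line. That is a cache inconsistency affecting the policy delivered to the peer, so I would log it at warning level: `log.Warningf("NetworkMapBuilder: peer %s assembling network map has no fwrule %s in globalRules", peer.ID, ruleID)`. The loop can emit one line per missing rule per peer, so consider counting the misses and logging once after the loop. The function body starts and ends outside the hunk.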
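Review bot: Commenting out the `globalRules` sweep in cleanupUnusedRules means this function no longer removes anything from `b.cache.globalRules`, so rules that no ACL view references stay in the cache and the map only grows. The code gives no reason for the change. If the sweep was deleting rules that were still referenced, the `usedFirewallRules` collection above the hunk is what needs fixing; the `globalRouteRules` sweep right below follows the same pattern and is left active. I would either restore the loop once the used-set is complete, or delete the block outright and replace it with a comment such as `// globalRules is intentionally not pruned here: <reason>; stale entries are removed by <mechanism>`. The function starts outside the hunk, so whether `usedFirewallRules` is still read elsewhere cannot be confirmed from here.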