diff --git a/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php b/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
index 90bcab8ee..15dabf36c 100644
--- a/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
+++ b/src/opnsense/mvc/app/library/OPNsense/Firewall/FilterRule.php
@@ -174,6 +174,13 @@ class FilterRule extends Rule
                 $rule['disabled'] = true;
                 $this->log("Gateway down");
             }
+            if (!empty($rule['gateway']) &&
+                  !empty($this->gatewayMapping[$rule['gateway']]) &&
+                  !empty($rule['ipprotocol']) &&
+                  $this->gatewayMapping[$rule['gateway']]['proto'] != $rule['ipprotocol']) {
+                $rule['disabled'] = true;
+                $this->log("Gateway protocol mismatch");
+            }
             if (!isset($rule['quick'])) {
                 // all rules are quick by default except floating
                 $rule['quick'] = !isset($rule['floating']) ? true : false;