diff --git a/FGCP/6.4/DualAZ/FGCP_DualAZ_ExistingVPC.template.json b/FGCP/6.4/DualAZ/FGCP_DualAZ_ExistingVPC.template.json
index 7fde052..96a51b9 100644
--- a/FGCP/6.4/DualAZ/FGCP_DualAZ_ExistingVPC.template.json
+++ b/FGCP/6.4/DualAZ/FGCP_DualAZ_ExistingVPC.template.json
@@ -394,19 +394,26 @@
 "CidrIp": {
 "Ref": "CIDRForInstanceAccess"
 }
- },
- {
- "Description": "Allow local VPC access to FGT",
- "IpProtocol": "-1",
- "FromPort": "0",
- "ToPort": "65535",
- "CidrIp": {
- "Ref": "VPCCIDR"
- }
 }
 ]
 }
 },
+ "InstanceIngress": {
+ "DependsOn": "FortiGateSecGrp",
+ "Type": "AWS::EC2::SecurityGroupIngress",
+ "Properties": {
+ "GroupId": {
+ "Ref": "FortiGateSecGrp"
+ },
+ "Description": "Allow FGTs to talk amongst themselves",
+ "IpProtocol": "-1",
+ "FromPort": "0",
+ "ToPort": "65535",
+ "CidrIp": {
+ "Ref": "VPCCIDR"
+ }
+ }
+ },
 "FortiGateSecGrpHArule": {
 "DependsOn": "FortiGateSecGrp",
 "Type": "AWS::EC2::SecurityGroupIngress",
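Review bot: The description on the new `InstanceIngress` rule, "Allow FGTs to talk amongst themselves", understates what the rule permits: with `"IpProtocol": "-1"` and `"CidrIp": { "Ref": "VPCCIDR" }` it admits every protocol from any address in the VPC, the same scope as the removed inline rule. If only FortiGate-to-FortiGate traffic is meant, replace the `CidrIp` property with `"SourceSecurityGroupId": { "Ref": "FortiGateSecGrp" }`. If VPC-wide access is intended (for example workloads forwarding through the FortiGates), keep the CIDR and use an accurate description such as `"Description": "Allow all traffic from the local VPC CIDR to FGT"`, so that anyone auditing the group is not misled about its exposure. As a smaller point, the port range has no narrowing effect when `IpProtocol` is `-1`, and `DependsOn` repeats the dependency that the `Ref` in `GroupId` already creates, so both could be dropped.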