diff --git a/cni/network/network_windows.go b/cni/network/network_windows.go
index a0de63283..2de28d113 100644
--- a/cni/network/network_windows.go
+++ b/cni/network/network_windows.go
@@ -252,11 +252,14 @@ func getPoliciesFromRuntimeCfg(nwCfg *cni.NetworkConfig) []policy.Policy {
 			protocol = policy.ProtocolUdp
 		}
 
+		// To support hostport policy mapping
+		// uint32 NatFlagsLocalRoutedVip = 1
 		rawPolicy, _ := json.Marshal(&hnsv2.PortMappingPolicySetting{
 			ExternalPort: uint16(mapping.HostPort),
 			InternalPort: uint16(mapping.ContainerPort),
 			VIP:          mapping.HostIp,
 			Protocol:     protocol,
+			Flags:        hnsv2.NatFlagsLocalRoutedVip,
 		})
 
 		hnsv2Policy, _ := json.Marshal(&hnsv2.EndpointPolicy{
diff --git a/cni/network/network_windows_test.go b/cni/network/network_windows_test.go
index c622a9811..56c84f2e9 100644
--- a/cni/network/network_windows_test.go
+++ b/cni/network/network_windows_test.go
@@ -235,8 +235,21 @@ func TestSetPoliciesFromNwCfg(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "Runtime hostPort mapping polices",
+			nwCfg: cni.NetworkConfig{
+				RuntimeConfig: cni.RuntimeConfig{
+					PortMappings: []cni.PortMapping{
+						{
+							Protocol:      "tcp",
+							HostPort:      44000,
+							ContainerPort: 80,
+						},
+					},
+				},
+			},
+		},
 	}
-
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {