VNC port not open in firewall


I trying to setup a 3 node juno on CentOS and most part it is successful. Issue what I am facing is the VNC console access through the Horizon dashboard. I figured the issue is with the iptables on compute node refusing the connection. The workaround I used is to put a firewall rule on compute node to allow the ports 5900-5999.

iptables -A IN_public_allow -p tcp --match multiport --dports 5900:5999 -j ACCEPT

But my question is this should be added to the rules dynamically by nova, right? Am I missing something?

Thanks RV