diff --git a/documentation/docs/components/operators/snippets/wg-exit-policy-test.mdx b/documentation/docs/components/operators/snippets/wg-exit-policy-test.mdx
index e69de29bb2..f8a25006f3 100644
--- a/documentation/docs/components/operators/snippets/wg-exit-policy-test.mdx
+++ b/documentation/docs/components/operators/snippets/wg-exit-policy-test.mdx
@@ -0,0 +1,39 @@
+import { Tabs } from 'nextra/components';
+import { Steps } from 'nextra/components';
+
+import ExitPolicyTestServer from 'components/operators/snippets/wg-exit-policy-testing-from-server.mdx';
+import ExitPolicyTestOutside from 'components/operators/snippets/wg-exit-policy-testing-from-outside.mdx';
+
+**For all routing configuration we provide one tool [`network-tunnel-manager.sh` (NTM)](https://raw.githubusercontent.com/nymtech/nym/refs/heads/develop/scripts/wireguard-exit-policy/wireguard-exit-policy-manager.sh). This tool manages WireGuard tests all configurations, including WireGuard exit policy as well.**
+
+
+You can use NTM to validate the application of the IP tables routes on your `nym-node` by checking it from the server side as well as from the outside.
+
+
+ From the server,
+ From the outside - using NymVPN
+ ]} defaultIndex={0}>
+
+
+
+
+
+
+If all works , your node has successfully implemented WireGuard exit policy with the same routing permissions like [Nym exit policy](https://nymtech.net/.wellknown/network-requester/exit-policy.txt) used on 5-hop (Mixnet) for TCP routing.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-outside.mdx b/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-outside.mdx
index ebc11c315c..35b61745db 100644
--- a/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-outside.mdx
+++ b/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-outside.mdx
@@ -1,9 +1,29 @@
+import { Steps } from 'nextra/components';
+
+Here are a few ways you can ensre your WireGuard exit policy is working correctly from the outside.
+
+
+
+###### 1. Using NymVPN
+
+- Connect to NymVPN and use your node as an Exit Gateway in dVPN (2-hop) mode
+
+- While connected to NymVPN, navigate to [`portquiz.net:12345`](http://portquiz.net:12345) and see if you can load the page
+
+- It shouldn't load, but if you navigate to some of the accepted ports, like[`portquiz.net:443`](http://portquiz.net:443) it should all work
+
+###### 2. Test it from your local terminal
+
- Install these dependencies on your local machine:
```shell
sudo apt install tcpdump
sudo tcpdump -i nymwg -n
```
-- Connect to [NymVPN](https://nym.com) and select your node as an Exit Gateway (after running the exit policy [manager script](#wireguard-exit-policy-configuration))
+- Connect to [NymVPN](https://nym.com) and select your node as an Exit Gateway
+
- Run the `tcpdump` command before registering
-- Have the output of the `echo $BLOCKED_IP` from your node and try to go into your browser or a registered client and try to connect - It will not resolve.
+
+- Have the output of the `echo $BLOCKED_IP` from your node and try to go into your browser or a registered client and try to connect - It should not resolve
+
+ Steps>
\ No newline at end of file
diff --git a/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-server.mdx b/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-server.mdx
index 02fe54adfa..501dcc3876 100644
--- a/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-server.mdx
+++ b/documentation/docs/components/operators/snippets/wg-exit-policy-testing-from-server.mdx
@@ -1,11 +1,39 @@
-Run this command to define variable `BLOCKED_IP` and try to `ping` it:
+import { Steps } from 'nextra/components';
+import { AccordionTemplate } from 'components/accordion-template.tsx';
+import ExitPolicyTestOutput from 'components/operators/snippets/wg-exit-policy-test-output.mdx';
+
+
+
+
+###### 1. Make sure to have the latest NTM:
+```sh
+curl -L https://raw.githubusercontent.com/nymtech/nym/refs/heads/develop/scripts/nym-node-setup/network-tunnel-manager.sh -o network-tunnel-manager.sh && \
+chmod +x network-tunnel-manager.sh && \
+./network-tunnel-manager.sh --help
+```
+
+###### 2. Run tests with NTM
+```sh
+./network-tunnel-manager.sh exit_policy_test_connectivity
+./network-tunnel-manager.sh exit_policy_tests
+```
+
+- The output should look like this:
+
+
+ AccordionTemplate>
+
+###### 3. Optionally you can do some manual sanity checks
+- Run this command to define variable `BLOCKED_IP` and try to `ping` it:
```shell
BLOCKED_IP=$(grep "ExitPolicy reject" /etc/nym/exit-policy.txt | head -1 | sed -E 's/ExitPolicy reject ([^:]+):.*/\1/' | sed 's/\/.*$//')
ping -c 3 $BLOCKED_IP
```
-You should see `100% packet loss` as an outcome.
+- You should see `100% packet loss` as an outcome.
```shell
telnet $BLOCKED_IP 80
```
-You should see `telnet: Unable to connect to remote host: Connection timed out`.
+- You should see `telnet: Unable to connect to remote host: Connection timed out`.
+
+ Steps>
\ No newline at end of file