diff --git a/digitalocean/resource_digitalocean_firewall.go b/digitalocean/resource_digitalocean_firewall.go
index bac53511..af5327ca 100644
--- a/digitalocean/resource_digitalocean_firewall.go
+++ b/digitalocean/resource_digitalocean_firewall.go
@@ -85,6 +85,12 @@ func resourceDigitalOceanFirewall() *schema.Resource {
 "port_range": {
 Type: schema.TypeString,
 Optional: true,
+ DiffSuppressFunc: func(k, oldV, newV string, d *schema.ResourceData) bool {
+ if oldV == "0" && newV == "all" {
+ return true
+ }
+ return (oldV == newV)
+ },
 },
 "source_addresses": {
 Type: schema.TypeList,
@@ -122,6 +128,12 @@ func resourceDigitalOceanFirewall() *schema.Resource {
 "port_range": {
 Type: schema.TypeString,
 Optional: true,
+ DiffSuppressFunc: func(k, oldV, newV string, d *schema.ResourceData) bool {
+ if oldV == "0" && newV == "all" {
+ return true
+ }
+ return (oldV == newV)
+ },
 },
 "destination_addresses": {
 Type: schema.TypeList,
diff --git a/digitalocean/resource_digitalocean_firewall_test.go b/digitalocean/resource_digitalocean_firewall_test.go
index 1f1ae886..8e9f0a2e 100644
--- a/digitalocean/resource_digitalocean_firewall_test.go
+++ b/digitalocean/resource_digitalocean_firewall_test.go
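Review bot: The `DiffSuppressFunc` closure added to the inbound `port_range` is repeated verbatim on the outbound `port_range` in the second hunk, and neither copy says why `"0"` and `"all"` are treated as equal. On a firewall resource this equivalence is what hides a plan change, so it is better kept in one commented helper referenced from both fields, for example `func suppressFullPortRange(k, oldV, newV string, d *schema.ResourceData) bool { return oldV == newV || (oldV == "0" && newV == "all") }` with a comment such as `// "all" in config and "0" in state describe the same all-ports rule (presumably how the API reports it).` above it. State keeps showing `"0"` after an apply of `"all"` (the new acceptance test asserts this), which is easy to misread as port 0 rather than every port, so the attribute's documentation should say so. The body of `resourceDigitalOceanFirewall` starts and ends outside both hunks.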
@@ -167,6 +167,35 @@ func TestAccDigitalOceanFirewall_MultipleInboundAndOutbound(t *testing.T) {
 })
 }
+func TestAccDigitalOceanFirewall_fullPortRange(t *testing.T) {
+ rName := acctest.RandString(10)
+ var firewall godo.Firewall
+
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckDigitalOceanFirewallDestroy,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccDigitalOceanFirewallConfig_fullPortRange(rName),
+ Check: resource.ComposeAggregateTestCheckFunc(
+ testAccCheckDigitalOceanFirewallExists("digitalocean_firewall.foobar", &firewall),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.#", "1"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.0.port_range", "0"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.0.protocol", "tcp"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.0.source_addresses.#", "1"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.0.source_addresses.0", "192.168.1.1/32"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.#", "1"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.0.port_range", "0"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.0.protocol", "tcp"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.0.destination_addresses.#", "1"),
+ resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.0.destination_addresses.0", "192.168.1.2/32"),
+ ),
+ },
+ },
+ })
+}
+
 func TestAccDigitalOceanFirewall_ImportMultipleRules(t *testing.T) {
 resourceName := "digitalocean_firewall.foobar"
 rName := acctest.RandString(10)
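Review bot: `TestAccDigitalOceanFirewall_fullPortRange` exercises only the suppressed case, so nothing here would catch a suppress function that also hides a real change to an all-ports rule. A second step that narrows `port_range` from `"all"` to a single port and asserts the new value in state would pin that tightening an open rule is still planned and applied. The sketch below assumes a config helper that takes the port range; that helper name is a proposal and does not exist in this commit. Only `tcp` is covered, and a `udp` rule would go through the same suppress path.

```go
Steps: []resource.TestStep{
	// … unchanged: step 1 applies port_range = "all" and checks that state holds "0" …
	{
		// Narrowing an all-ports rule must not be suppressed.
		Config: testAccDigitalOceanFirewallConfig_portRange(rName, "443"), // proposed helper, not in this commit
		Check: resource.ComposeAggregateTestCheckFunc(
			resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "inbound_rule.0.port_range", "443"),
			resource.TestCheckResourceAttr("digitalocean_firewall.foobar", "outbound_rule.0.port_range", "443"),
		),
	},
},
```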
@@ -290,6 +319,24 @@ func testAccDigitalOceanFirewallConfig_MultipleInboundAndOutbound(tagName string
 `, tagName, rName, tagName, tagName)
 }
+func testAccDigitalOceanFirewallConfig_fullPortRange(rName string) string {
+ return fmt.Sprintf(`
+resource "digitalocean_firewall" "foobar" {
+ name = "%s"
+ inbound_rule {
+ protocol = "tcp"
+ port_range = "all"
+ source_addresses = ["192.168.1.1/32"]
+ }
+ outbound_rule {
+ protocol = "tcp"
+ port_range = "all"
+ destination_addresses = ["192.168.1.2/32"]
+ }
+}
+`, rName)
+}
+
 func testAccCheckDigitalOceanFirewallDestroy(s *terraform.State) error {
 client := testAccProvider.Meta().(*godo.Client)