SANGFOR IAM v2.1 User Manual
302
Step 4: Click the <LAN Privilege> button and the [Privilege Settings] configuration dialog pops
up, as shown below:
Step 5: Move the needed services to the service list (move from left to right) and check [Allow].
Select the [Deny] as the [Default Action].
Having completed configuring the above, you have to click the <OK> button to save the settings.
Till then, the configuring of [LAN Service] finishes; the branch1 user (172.16.1.200) can only
access the FTP server (192.168.1.20), and the requests initiated by other IP address of that local
area network will be denied.
These configurations also disable the access requests initiated by the other computers of the
headquarters to access the Branch1. Because the [LAN Service] configurations will deny the
response packet sent from other computers of the headquarters if the destination IP address is not
192.168.1.20 (IP address of the FTP server).
13.3.12.2.
VPN Interface
[VPN Interface] configures the IP address of the virtual network adapter for the VPN service.
The configuration page is as shown below: