SANGFOR IAM v2.1 User Manual
85
In the [Firewall Rule List], information of [Service], [Source IP Group], [Destination IP Group]
can be configured in the corresponding page of [Object] or you can click the <Add> button
followed to create a new one. For detailed configuration of each object, please refer to the
corresponding section in Chapter 4 Object.
[WAN<->LAN] is a most common firewall rule. The IAM gateway device has some
built-in and frequently-used firewall rules which default to let pass all the data packets from the
external networks.
5.1.4.
VPN <-> WAN
[VPN<->WAN] configures the firewall filtering rule for data transmission fulfilled between the
VPN interface and WAN interface. If the VPN client connects to the headquarters‟ VPN device
and gets access to the Internet through it, you then can configure the filtering rule of
[VPN<->WAN] on the headquarters‟ VPN device to control the Internet access request sent from
the client terminal (branch VPN user or mobile VPN user).
The configuration page is as shown below: