SANGFOR IAM v2.1 User Manual85In the [Firewall Rule List], information of [Service], [Source IP Group], [Destination IP Group]can be configured in the corresponding page of [Object] or you can click the buttonfollowed to create a new one. For detailed configuration of each object, please refer to thecorresponding section in Chapter 4Object.[WAN<->LAN] is a most common firewall rule. The IAM gateway device has somebuilt-in and frequently-used firewall rules which default to let pass all the data packets from theexternal networks.5.1.4.VPN <-> WAN[VPN<->WAN] configures the firewall filtering rule for data transmission fulfilled between theVPN interface and WAN interface. If the VPN client connects to the headquarters‟VPN deviceandgetsaccesstotheInternetthroughit,youthencanconfigurethefilteringruleof[VPN<->WAN] on the headquarters‟VPN device to control the Internet access request sent fromthe client terminal (branch VPN user or mobile VPN user).The configuration page is as shown below:
