Firewall/NAT

I have:
 wan  network 192.168.127.0/24 IP 192.168.127.150
 lan  network 192.168.11.0/24 IP 192.168.11.1

I need:
 open access to LAN from WAN
 open access to WAN from LAN

rules: port- *, source- wan *,destination- LAN *,  port- * - not working
rules: port- *, source- wan 192.168.127.0/24, destination- 192.168.11.0/24,  port- * - not working

Please help me? how open access to WAN from LAN?

p.s. sorry for my english!

Enable Advanced NAT on the NAT config.  This will remove the automatic NAT and should allow traffic both ways.

I do this, but result is 0
probably need add some rules to the NAT section, i made it:
soutce 192.168.127.0 destonaton *
or
soutce *,  destonaton *
but its not working!
though ping from 192.168.127.* to 192.168.1.1(its LAN IP m0n0)  passed good! ping from 192.168.127.* to 192.168.1.2(IP pc in LAN)  not passed
 tracert from 192.168.127.* to 192.168.1.2:
1 1ms   1ms  1ms 192.168.127.150
2 1ms   1ms  1ms 192.168.11.1
3 *        *        *
4 *        *         *
etc.

What is the gateway set up on the LAN PC's?  It looks like the traffic is being passed from the WAN subnet (You wouldn't get a reply from the LAN interface if it wasn't)  If the PC's on the LAN subnet do not have 192.168.11.1 as their gateway and you have another router somewhere which is the default route, you will have to add a static route to that router pointing 192.168.127.0/24 to 192.168.11.1.

thanks! I will do it! Thanks once more!

Please tell me,
ping from WAN to LAN - OK
ping from LAN to WAN - OK
LAN rules: port- *, source- LAN *,destination- *,  port- *
WAN rules: port- *, source- WAN, destination- *,  port- *
BUT:
no connect if from WAN try open web page in LAN pc
in log page m0n0:
act       if         Source                            Destination                     Proto

allow  WAN    192.168.127.222, 4700   192.168.11.222, 80         TCP
deny   LAN     192.168.11.222,  80        192.168.127.222,4700    TCP

where is bug???