Inbound Firewall Rules

I have a Peplink Balance 380 and I have the following configuration:

I have 2 WANs:
- WAN1 38.x.x.10 (public IP) and WAN2 24.x.x.15 (public IP)

On my LAN I have the following:

VLAN1 (public IP 38.x.x.10):
- Web server: TCP 80 and 443
- FTP: TCP 20, 21 and 11000-13000 (for passive FTP); SFTP: TCP 22
- SIP server: UDP 5060 and RTP ports UDP 10000-12000
- Cisco router for EzVPN client connectivity: UDP 443, 500, 4500
- OpenVPN, remote management via 443, and SpeedFusion so my peers can connect to my Peplink

VLAN2 (public IP 24.x.x.15):
- Web server: TCP 8086
I need to block everything in the inbound firewall for both public IP addresses and allow only what is mentioned above, and
in the outbound I want to allow only web, DNS and mail, and allow my Peplink to connect to the IPSec tunnels that I have to another Cisco router peer.

I tried to configure the inbound rules, but whenever I change the default rule to deny any any, my IPSec tunnel to my Cisco peer stops working, as well as all the inbound connections that I have configured…
Do you have an example of what I need to do? Or do you have some time to connect to my computer so you can check my configuration and tell me what is wrong?
Thank you very much for your help!

Are you using Port Forwarding rules? Have you created FW rules to allow all of those?

What happens if you insert a rule above the Default rule that permits the IPSec ports and IPs of the remote sites? When you have enabled IPSec VPN you must be thinking “this should automatically be allowed traffic”… OPNsense does this sort of thing with auto-generated global FW rules to ensure certain traffic cannot be blocked accidentally.

When you configure a deny without the appropriate ‘allow’ above it, traffic is gonna get blocked - including IPSec, it seems. Create rules for the IPSec IPs/ports… that would probably solve this.

It’s working now.
I created the port forwarding rules first, but in the firewall, for the source address and port I selected any, and for the destination address I entered the local IP address of the devices along with the TCP/UDP port…
I’m new to Peplink, and the way the firewall rules need to be entered is totally different from other appliances.
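A small first-match model of the two points made in the replies above (allow rules must sit above the default deny, and port-forwarded services are matched on the LAN address rather than the public IP), added here as an example; it is not Peplink's code or configuration, and the LAN host 192.168.1.10 and the single port-forward entry are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    action: str          # "allow" or "deny"
    proto: str           # "tcp", "udp" or "any"
    dst: str             # destination IP or "any"
    ports: tuple = None  # (low, high) inclusive; None = any port

# Port-forwarding table (constructed): (public IP, proto, port) -> LAN host.
# 38.x.x.10 is the thread's WAN1 placeholder; 192.168.1.10 is an assumed host.
PORT_FORWARDS = {("38.x.x.10", "tcp", 443): "192.168.1.10"}

def translate(dst_ip: str, proto: str, port: int) -> str:
    """Rewrite the destination as port forwarding would; untouched otherwise."""
    return PORT_FORWARDS.get((dst_ip, proto, port), dst_ip)

def evaluate(rules, proto: str, dst_ip: str, port: int) -> str:
    """Top-down, first match wins; the last entry plays the default rule."""
    for r in rules:
        if r.proto not in ("any", proto) or r.dst not in ("any", dst_ip):
            continue
        if r.ports and not (r.ports[0] <= port <= r.ports[1]):
            continue
        return r.action
    return "deny"  # nothing matched and no default rule given

def inbound(rules, proto: str, public_ip: str, port: int) -> str:
    """Forwarded flows are matched on the LAN address, as the last reply found."""
    return evaluate(rules, proto, translate(public_ip, proto, port), port)

DEFAULT_DENY = Rule("deny", "any", "any")

# Allow written against the public IP: never matches the forwarded flow.
RULES_PUBLIC_DST = [Rule("allow", "tcp", "38.x.x.10", (443, 443)), DEFAULT_DENY]

# Allows placed above the default deny: forwarded services keyed on the LAN
# host, the router's own IPsec ports (IKE 500, NAT-T 4500) left on "any".
RULES_LAN_DST = [
    Rule("allow", "udp", "any", (500, 500)),
    Rule("allow", "udp", "any", (4500, 4500)),
    Rule("allow", "tcp", "192.168.1.10", (443, 443)),
    DEFAULT_DENY,
]

if __name__ == "__main__":
    print(inbound(RULES_PUBLIC_DST, "tcp", "38.x.x.10", 443))  # deny
    print(inbound(RULES_LAN_DST, "tcp", "38.x.x.10", 443))     # allow
    print(inbound([DEFAULT_DENY], "udp", "38.x.x.10", 500))    # deny
```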