ZyXEL Communications ZyWALL 1000 User Manual

ZyWALL USG 1000 User’s Guide

This chapter shows you how to configure HTTP redirection on your ZyWALL. See 

 for related information on these screens.

HTTP redirect forwards the client’s HTTP request (except HTTP traffic destined for the 
ZyWALL) to a web proxy server.

A proxy server helps client devices make indirect requests to access the Internet or outside 
network resources/services. A proxy server can act as a firewall or an ALG (application layer 
gateway) between the private network and the Internet or other networks. It also keeps hackers 
from knowing internal IP addresses.
A client connects to a web proxy server each time he/she wants to access the Internet. The web 
proxy provides caching service to allow quick access and reduce network usage. The proxy 
checks its local cache for the requested web resource first. If it is not found, the proxy gets it 
from the specified server and forwards the response to the client. 

With HTTP redirect, the relevant packet flow for HTTP traffic is:

1 Firewall
2 Application Patrol 
3 HTTP Redirect
4 Policy Route 

Even if you set a policy route to the same incoming interface and service as a HTTP redirect 
rule, the ZyWALL checks the HTTP redirect rules first and forwards HTTP traffic to a proxy 
server if matched. You need to make sure there is no firewall rule(s) blocking the HTTP 
requests from the client to the proxy server. 
You also need to manually configure a policy route to forward the HTTP traffic from the 
proxy server to the Internet.