ZyXEL Communications 1000 ユーザーズマニュアル

Chapter 20 HTTP Redirect

ZyWALL USG 1000 User’s Guide

A proxy server helps client devices make indirect requests to access the Internet 
or outside network resources/services. A proxy server can act as a firewall or an 
ALG (application layer gateway) between the private network and the Internet or 
other networks. It also keeps hackers from knowing internal IP addresses.

A client connects to a web proxy server each time he/she wants to access the 
Internet. The web proxy provides caching service to allow quick access and reduce 
network usage. The proxy checks its local cache for the requested web resource 
first. If it is not found, the proxy gets it from the specified server and forwards the 
response to the client. 

With HTTP redirect, the relevant packet flow for HTTP traffic is:

Firewall

Application Patrol 

HTTP Redirect

Policy Route 

Even if you set a policy route to the same incoming interface and service as a 
HTTP redirect rule, the ZyWALL checks the HTTP redirect rules first and forwards 
HTTP traffic to a proxy server if matched. You need to make sure there is no 
firewall rule(s) blocking the HTTP requests from the client to the proxy server. 

You also need to manually configure a policy route to forward the HTTP traffic from 
the proxy server to the Internet. To make the example in 

work, make sure you have the following settings.

For HTTP traffic between ge1 and ge4: 

• a from LAN to WAN firewall rule (default) to allow HTTP requests from ge1 to 

ge4. Responses to this request are allowed automatically.

• a application patrol rule to allow HTTP traffic between ge1 and ge4.
• a HTTP redirect rule to forward HTTP traffic from ge1 to proxy server A. 

For HTTP traffic between ge4 and ge2:

• a from DMZ to WAN firewall rule (default) to allow HTTP requests from ge4 to 

ge2. Responses to these requests are allowed automatically.