Chapter 14 Redirect Service
ZyWALL USG Series User’s Guide
449
Even if you set a policy route to the same incoming interface and service as a HTTP redirect rule, the
Zyxel Device checks the HTTP redirect rules first and forwards HTTP traffic to a proxy server if matched.
You need to make sure there is no security policy blocking the HTTP requests from the client to the proxy
server.
You also need to manually configure a policy route to forward the HTTP traffic from the proxy server to
the Internet. To make the example in Figure 310 on page 447 work, make sure you have the following
settings.
For HTTP traffic between lan1 and dmz:
• a from LAN1 to DMZ security policy (default) to allow HTTP requests from lan1 to dmz. Responses to this
request are allowed automatically.
• a application patrol rule to allow HTTP traffic between lan1 and dmz.
• a HTTP redirect rule to forward HTTP traffic from lan1 to proxy server A.
For HTTP traffic between dmz and wan1:
• a from DMZ to WAN security policy (default) to allow HTTP requests from dmz to wan1. Responses to
these requests are allowed automatically.
• a application patrol rule to allow HTTP traffic between dmz and wan1.
• a policy route to forward HTTP traffic from proxy server A to the Internet.
SMTP
Simple Mail Transfer Protocol (SMTP) is the Internet’s message transport standard. It controls the sending
of e-mail messages between servers. E-mail clients (also called e-mail applications) then use mail server
protocols such as POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) to retrieve e-
mail. E-mail clients also generally use SMTP to send messages to a mail server. The older POP2 requires
SMTP for sending messages while the newer POP3 can be used with or without it. This is why many e-mail
applications require you to specify both the SMTP server and the POP or IMAP server (even though they
may actually be the same server).
SMTP Redirect, Firewall and Policy Route
With SMTP redirect, the relevant packet flow for SMTP traffic is:
1 Firewall
2 SMTP Redirect
3 Policy Route
Even if you set a policy route to the same incoming interface and service as a SMTP redirect rule, the
Zyxel Device checks the SMTP redirect rules first and forwards SMTP traffic to a SMTP server if matched.
You need to make sure there is no firewall rule(s) blocking the SMTP traffic from the client to the SMTP
server.
You also need to manually configure a policy route to forward the SMTP traffic from the SMTP server to
the Internet. To make the example in Figure 311 on page 448 work, make sure you have the following
settings.
To Next Page
Loading...
