Redirect Service
Overview
Redirect Service redirects HTTP and SMTP traffic.
HTTP Redirect
HTTP redirect forwards the client’s HTTP request (except HTTP traffic destined for the Zyxel Device) to a web proxy server.
SMTP Redirect
SMTP redirect forwards the authenticated client’s SMTP message to a SMTP server, that handles all outgoing e-mail messages.
The Zyxel Device forwards SMTP traffic using TCP port 25.
Web Proxy Server
A proxy server helps client devices make indirect requests to access the Internet or outside network resources/services. A proxy server can act as a security policy or an ALG (application layer gateway) between the private network and the Internet or other networks. It also keeps hackers from knowing internal IP addresses.
A client connects to a web proxy server each time he/she wants to access the Internet. The web proxy provides caching service to allow quick access and reduce network usage. The proxy checks its local cache for the requested web resource first. If it is not found, the proxy gets it from the specified server and forwards the response to the client.
HTTP Redirect, Security Policy and Policy Route
With HTTP redirect, the relevant packet flow for HTTP traffic is:
1 Security Policy
2 Application Patrol
3 HTTP Redirect
4 Policy Route
Even if you set a policy route to the same incoming interface and service as a HTTP redirect rule, the Zyxel Device checks the HTTP redirect rules first and forwards HTTP traffic to a proxy server if matched. You need to make sure there is no security policy blocking the HTTP requests from the client to the proxy server.
You also need to manually configure a policy route to forward the HTTP traffic from the proxy server to the Internet.
SMTP
Simple Mail Transfer Protocol (SMTP) is the Internet’s message transport standard. It controls the sending of e-mail messages between servers. E-mail clients (also called e-mail applications) then use mail server protocols such as POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) to retrieve e-mail. E-mail clients also generally use SMTP to send messages to a mail server. The older POP2 requires SMTP for sending messages while the newer POP3 can be used with or without it. This is why many e-mail applications require you to specify both the SMTP server and the POP or IMAP server (even though they may actually be the same server).
SMTP Redirect, Firewall and Policy Route
With SMTP redirect, the relevant packet flow for SMTP traffic is:
1 Firewall
2 SMTP Redirect
3 Policy Route
Even if you set a policy route to the same incoming interface and service as a SMTP redirect rule, the Zyxel Device checks the SMTP redirect rules first and forwards SMTP traffic to a SMTP server if matched. You need to make sure there is no firewall rule(s) blocking the SMTP traffic from the client to the SMTP server.
You also need to manually configure a policy route to forward the SMTP traffic from the SMTP server to the Internet.
Redirect Service
This screen displays the summary of the redirect rules.
Note: You can configure up to one HTTP redirect rule and one SMTP redirect rule for each (incoming) interface.
Configuration > Network > Redirect Service
Label | Description |
Add | Click this to create a new entry. |
Edit | Double-click an entry or select it and click Edit to open a screen where you can modify the entry’s settings. |
Remove | To remove an entry, select it and click Remove. The Zyxel Device confirms you want to remove it before doing so. |
Activate | To turn on an entry, select it and click Activate. |
Inactivate | To turn off an entry, select it and click Inactivate. |
# | This field is a sequential value, and it is not associated with a specific entry. |
Status | This icon is lit when the entry is active and dimmed when the entry is inactive. |
Service | This is the name of the service: HTTP or SMTP. |
Name | This is the descriptive name of a rule. |
User/Group | This is the user account or user group name to which this rule is applied. |
Interface | This is the interface on which the request must be received. |
Source Address | This is the name of the source IP address object from which the traffic should be sent. If any displays, the rule is effective for every source. |
Server | This is the IP address of the HTTP proxy server or the SMTP server to which the matched traffic is forwarded. |
Port | This is the service port number used by the HTTP proxy server or SMTP server. |
Apply | Click Apply to save your changes back to the Zyxel Device. |
Reset | Click Reset to return the screen to its last-saved settings. |
Redirect Service Edit
Network > Redirect Service > Edit
Label | Description |
Enable | Use this option to turn the Redirect Service rule on or off. |
Service | Select the service to be redirected: HTTP Redirect or SMTP redirect. |
Name | Enter a name to identify this rule. You may use 1-31 alphanumeric characters, underscores(_), or dashes (-), but the first character cannot be a number. This value is case-sensitive. |
Criteria | |
User | Select the user account or user group name to which this rule is applied. |
Interface | Select the interface on which the request must be received for the Zyxel Device to forward it to the specified server. |
Source Address | Select the name of the source IP address object from which the traffic should be sent. Select any for the rule to be effective for every source. |
Redirect Settings | |
Server | Enter the IP address of the HTTP proxy or SMTP server. |
Port | Enter the port number that the HTTP proxy or SMTP server uses. |
OK | Click OK to save your changes back to the Zyxel Device. |
Cancel | Click Cancel to exit this screen without saving. |