Add Access rules to redirect traffic

Define the connections that you want to redirect to a particular Proxy Server in the IPv4 or IPv6 Access rules.

To activate redirection, you use a custom Service element. Both incoming and outgoing connections can be redirected.

If the proxy service is in the cloud, a rule is needed to redirect the matching traffic to the proxy service. If the proxy service is on premises, a rule is needed to redirect the matching traffic to the proxy service and another rule is needed to allow the connection from the proxy service to the actual destination.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Browse to Policies > Firewall Policies.
  3. Right-click a policy, then select Edit Firewall Policy.
  4. Add an IPv4 or IPv6 Access rule that redirects the traffic to the proxy service.
    Source Destination Service Action
    Original source address of the traffic to be inspected (for example, clients in the internal network). Original destination address of the traffic (for example, a web server). Your custom Service element that refers to the Proxy Server. Allow
  5. (When the proxy service is on premises) Add a rule that allows redirecting connections from the proxy service to the original destination.
    Source Destination Service Action
    Proxy Server’s IP address. Original destination IP address (for example, a web server).

    A service element that does not include redirection.

    Allow