A never-admit policy has an option (Web only) to redirect the user to another web page. (See Set a Never-Admit Policy in PacketGuide.)

In addition, rate policies have an option for redirecting HTTP traffic to a user-specified URL when there isn't enough bandwidth to guarantee rate requests. (See Apply Admission Control.)

How PacketShaper web redirection works when no proxy is in place:

1. The client machine attempts to connect to a web server via port 80. The PacketShaper allows the SYN, SYN-ACK, and ACK packets to go through.
2. The fourth packet with a GET request for the URL is stopped by the PacketShaper and dropped. This is not seen by the client machine.
3. The PacketShaper responds to the GET with a "302" HTTP code which is for redirection. This includes the URL of the new page to which the client is being redirected.
4. The PacketShaper sends a TCP RST packet to both client and web server to close this connection.
5. After having received the "302" message, the web browser will automatically open a new connection to the new page.