Clarify some terms

Forum|Forum|9 years ago
October 17, 2016
2 replies
6115 views

Hello everyone,

I got confused , could you please help to understand below terms:

1- Wan-opt ,Explicit proxy ,web chache

2- why should use ssl offloading ?

I've read some of the topics, but I did not understand very well, because my not so good.

Thanks

CADAuthor

New Member

I hope one interacts

1-do you configure of wanopt requires at least 2 FortiGate devices? ,or if it is configured on a single device performs the same purpose.

2-what the benefit of allowing internet through Explicit proxy?

Thanks

CADAuthor

New Member

i want to enable web cache for the following topology:

Internet ----->forigate------>internal network

do you i need to configure explicit proxy and wanopt to enable web cache? please advise

CADAuthor

New Member

well, i want someone review my config below and advise me accordingly:

-config system settings

- set wccp-cache-engine enable

--------------------config wanopt profile-------------------------- edit "default" set transparent enable set comments "" set auth-group '' config http set status enable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 80 set ssl disable set unknown-http-version tunnel set tunnel-non-http disable end config cifs set status enable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 445 end config mapi set status disable set secure-tunnel disable set byte-caching enable set tunnel-sharing private set log-traffic enable set port 135 end config ftp set status disable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 21 end config tcp set status enable set secure-tunnel disable set byte-caching disable set byte-caching-opt mem-only set tunnel-sharing private set log-traffic enable set port 1-65535 set ssl disable end

Note: i have FG200D running with firmware 5.2.8

CADAuthor

New Member

Thanks for reply,

Already read this topic, but I need your advice to. Based on your experience.

Thanks

CADAuthor

New Member

the above configuration is correct ?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded