Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
oarslan
Staff
Staff

Created on ‎03-02-2022 05:17 AM Edited on ‎02-05-2024 03:42 AM By Community Manager

Article Id 205897

Technical Tip : How To Troubleshoot ICAP

Description This article describes how to Troubleshoot ICAP.
Scope FortiGate.
Solution

ICAP (Internet Content Adaptation Protocol) is an application layer protocol for offloading responsibilities from the firewall to dedicated servers.

 

Only policies that use proxy-based inspection can use ICAP profiles. When you enable ICAP in a policy, all HTTP and HTTPS traffic intercepted by the policy (if HTTPS inspection is supported) is sent to the ICAP server defined by the selected ICAP profile.

The FortiGate receives responses from the ICAP server and forwards them to their intended destination.

To troubleshoot connection issues between FortiGate and ICAP server:

1) Collect following sniffer output:


# diag sniffer packet any 'host <icap_server_ip> and port 1344' 6 none l


2) Collect following WAD debug:


# diag debug reset
# diag debug console timestamp enable
# diag wad debug enable category http
# diag wad debug enable category icap
# diag wad debug enable level info
# diag debug enable
1839
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.