Technical Tip: How to enable Explicit Proxy

DPadula · ‎01-09-2024

Description

This article describes how to enable Explicit Proxy on FortiGate with different versions of FortiOS.

Scope

FortiGate.

Solution

For FortiGate v7.0.x and previous:

Go to System -> Feature Visibility, enable Explicit Proxy, and select 'Apply'.

7.0.x_previous.png

For FortiGate v7.2.x or later, in some models, the option above may be greyed out. To enable it:

From CLI:

config system settings

set gui-proxy-inspection enable

end

Note:

The commands above enable Proxy Features on the FortiGate (for example, enabling proxy inspection in firewall policies). However, this is not enough to enable the Explicit Proxy feature, which still needs to be enabled from Feature Visibility in the following steps.

7.2.x_future.JPG

From the GUI: Go to System -> Feature Visibility, enable Explicit Proxy, and select 'Apply'.

7.4.x_gui.png

Enabling this feature will also enable and allow administrators to create Authentication Rules and Schemes on the FortiGate.

Note:

It was reported by users and tested in the lab that in v7.2.6, the explicit proxy feature is disabled after reboot. The latest version, v7.2.9, is not affected by the issue; explicit proxy is kept enabled after reboot, as it is supposed to. Effective from v7.4.4 and later, explicit proxy features are no longer supported on FortiGate models with 2 GB RAM or less.

Technical Tip: How to enable Explicit Proxy

You are leaving our website