Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Anonymous
Not applicable

Created on ‎10-10-2023 02:53 AM Edited on ‎09-21-2025 11:49 PM By Community Manager

Article Id 278188

Technical Tip: SD-WAN performance SLA health check with HTTPS protocol

Description This article describes how to configure the HTTPS protocol in the SD-WAN performance SLA for the health check.
Scope FortiGate v7.4.1.
Solution

Configuring HTTPS protocol in SD-WAN performance SLA uses HTTP-GET to test the link with the server.

 

All default HTTP-based health checks are updated to use HTTPS instead, starting v7.4.1.

 

This includes:

  • Default_AWS.
  • Default_FortiGuard.
  • Default_Google Search.
  • Default_Office_365.

 

default.png

CLI Example (Output contains only important information):

 

sh full-configuration system sdwan

    config system sdwan
        set status enable

            config health-check

                edit "Default_Google Search"
                    set server "www.google.com"
                    set protocol https  -------> Default.
                    set interval 1000
                    set probe-timeout 1000
                    set recoverytime 10
                    set update-static-route disable
                        config sla
                            edit 1
                            next
                        end

end

 

When creating a new performance SLA the most commonly used protocols (ping, HTTP, and DNS) can be configured in the GUI  (Network -> SD-WAN -> Performance SLAs -> Create New).

 

However, the protocol HTTPS can be configured through CLI.

 

facebook.png

CLI Example (Output contains only important information):

 

config system sdwan

    config health-check
        edit "Facebook"
            set server "facebook.com"

            set protocol ping -------> Default for new performance SLA.
            set members 1 2
                config sla
                    edit 1
                    next
                end
        next
end

 

 

To configure HTTPS protocol:


config system sdwan

    config health-check

        edit "Facebook"

            set protocol https <-----------
        next

        end
end

 

The same can be verified from the GUI:

 

Facebook https.png

 

Related document:
Support HTTPS performance SLA health checks
4236
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.