FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
1) Enable Explicit Proxy feature under System -> Config ->
Features in GUI or by running the following CLI commands:
# config system global
(global) # set gui-explicit-proxy enable
(global) # end
2) Check 'HTTP / HTTPS' option to enable Explicit Web Proxy under
System -> Network -> Explicit Proxy in the GUI or by running
the following CLI commands:
# config web-proxy explicit
(explicit) # set status enable
(explicit) # end
3) Check 'Enable Explicit Web Proxy' on the Interface which the
workstation is connected to under System -> Network ->
Interface in the GUI or by running the following CLI
commands:
# config system interface
(interface) # edit internal
(internal) # set explicit-web-proxy enable
(internal) # end
4) Configure a static default route, if not already
configured under System -> Network -> Routing Table in
the GUI or by running the following CLI commands:
# config router static
static) # edit 1
(1) # set gateway <The default gateway IP address>
(1) # end
5) Configure an Explicit Proxy policy for the traffic which is
coming from the workstation to 'any' interface under Policy &
Objects -> Policy -> Explicit Proxy in the GUI or by running
the following CLI commands:
# config firewall explicit-proxy-policy
(explicit-proxy-p~icy) # edit 1
(1) # set proxy web
(1) # set dstintf any
(1) # set srcaddr all
(1) # set dstaddr all
(1) # set service webproxy
(1) # set action accept
(1) # set schedule always
(1) # end
On the Windows Workstation:
Configure the Internet browser to use Web Proxy:
1) Configure proxy server based on the address of the Management
IP* of the Transparent mode
2) Choose the port number based on the HTTP port number setting of
Explicit Proxy configuration on FortiGate # By default, it
is 8080 #
* this is different than the default Gateway of the
Workstation
