In an enterprise environment, it is common to use proxy chaining to secure the network and for other purposes. Configuring Proxy chaining on Forti Proxy can be done from the below document where the upstream proxy can be any 3rd party proxy: Proxy chaining

It can also be a requirement to send specific URLs or specific traffic to the upstream proxy. Normally, it is required to configure a forwarding server and include the forwarding proxy details on the proxy policy.

When it is required only to send specific traffic to the upstream proxy, below configuration can be done.

1. Remove the forwarding server configuration from the proxy policy to avoid sending all the traffic to the upstream proxy.

config firewall policy
   edit 1
      set type explicit-web
      set name "test proxy"
      set uuid 7cac8578-3f61-51f0-9bed-1a8f308314c8
      set dstintf "port1"
      set srcaddr "all"
      set dstaddr "all"
      set action accept
      set schedule "always"
      set service "webproxy"
      set explicit-web-proxy "web-proxy"
      set utm-status enable
      set logtraffic all
      set log-http-transaction enable
      set ssl-ssh-profile "deep-inspection"
      set av-profile "default"
      set webfilter-profile "default"
      set ips-sensor "default"
      set application-list "default"
   next
end

2. Add a Server URL with the forwarding server details, where the forwarding server is the upstream proxy. It is also possible to add multiple URLs based on the requirement.

config web-proxy url-match
   edit "Youtube"
      set explicit-web-proxy "web-proxy"
      set url-pattern "www.youtube.com"
      set forward-server "Sydlab Squid server"
   next
end

Forwarding Server:

config web-proxy forward-server
   edit "Sydlab Squid server"
      set ip 10.56.140.27
      set healthcheck enable
   next
end

2. Validation from logs: