Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CAD
Contributor

Created on ‎10-17-2016 12:23 AM

Clarify some terms

Hello everyone,

 

I got confused , could you please help to understand below terms:

 

1- Wan-opt ,Explicit proxy ,web chache

2- why should use ssl offloading ? 

 

I've read some of the topics, but I did not understand very well, because my not so good.

 

Thanks

4498
0 Kudos
6 REPLIES 6
CAD
Contributor

Created on ‎10-17-2016 05:30 AM

I hope one interacts 

 

1-do you configure of wanopt requires at least 2 FortiGate devices? ,or if it is configured on a single device performs the same purpose.

 

2-what the benefit of allowing internet through Explicit proxy?

 

Thanks

2198
0 Kudos
CAD
Contributor
In response to CAD

Created on ‎10-17-2016 06:53 AM

i want to enable web cache  for the following topology:

 

Internet ----->forigate------>internal network  

 

do you i need to configure explicit proxy and wanopt to enable web cache? please advise

2198
0 Kudos
CAD
Contributor
In response to CAD

Created on ‎10-18-2016 04:35 AM

well, i want someone review my config below and advise me accordingly:

-config system settings

- set wccp-cache-engine enable

 

--------------------config wanopt profile-------------------------- edit "default" set transparent enable set comments "" set auth-group '' config http set status enable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 80 set ssl disable set unknown-http-version tunnel set tunnel-non-http disable end config cifs set status enable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 445 end config mapi set status disable set secure-tunnel disable set byte-caching enable set tunnel-sharing private set log-traffic enable set port 135 end config ftp set status disable set secure-tunnel disable set byte-caching enable set prefer-chunking fix set tunnel-sharing private set log-traffic enable set port 21 end config tcp set status enable set secure-tunnel disable set byte-caching disable set byte-caching-opt mem-only set tunnel-sharing private set log-traffic enable set port 1-65535 set ssl disable end

 

Note: i have FG200D running with firmware 5.2.8

2193
0 Kudos
CAD
Contributor
In response to CAD

Created on ‎10-18-2016 04:42 AM

follow,

config firewall policy 

edit""

set webcache enable

set wanopt enable

 

2193
0 Kudos
CAD
Contributor

Created on ‎10-18-2016 10:17 PM

Thanks for reply,

Already read this topic, but I need your advice to. Based on your experience.

 

Thanks

2193
0 Kudos
CAD
Contributor
In response to CAD

Created on ‎10-23-2016 05:59 AM

the above configuration is correct ?

2193
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.