Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
**I recommend that you use the new Fortinet Community Portal - FUSE going forwards**
First port of call is the FortiCache Admin Guide but in summary the minimum configuration to get up and running is:
[ul]There are other setting which you can look at changing once you have the basics set up e.g. PAC files, alternate ports, FTP over HTTP but get the basics working first, then move on.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
**I recommend that you use the new Fortinet Community Portal - FUSE going forwards**
First port of call is the FortiCache Admin Guide but in summary the minimum configuration to get up and running is:
[ul]There are other setting which you can look at changing once you have the basics set up e.g. PAC files, alternate ports, FTP over HTTP but get the basics working first, then move on.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
Got this to work earlier.
I posted on this forum since when default port (8080) was used, the browser was
getting "connection refused" errors - I thought I was missing something.
Only when I changed the default port did it work.
I'm surprised the Admin Guide does not have a procedure on this.
Although, I've noticed, video traffic running on HTTPS is not being cached for some reason.
This is actually just a side step, to a more complicated setup which involves the Forticache being
integrated with a FG1000D via WCCP. HTTP caching is working on that setup but HTTPS is not working.
I wanted to try the Explicit Proxy setup just to make sure HTTPS proxy can work.
I've got a ticket opened for the "WCCP-HTTPS" problem, still waiting for an Engineer to take ownership.
Thank you for the reply, your answer leads to a solution.
Carl Windsor wrote:**I recommend that you use the new Fortinet Community Portal - FUSE going forwards**
First port of call is the FortiCache Admin Guide but in summary the minimum configuration to get up and running is:
[ul]Ensure the FortiCache is set up with the basic networking (interface IPs, Static Route, DNS)[ul] If this is a VM, ensure your data disks are mounted, formatted and assigned to the cache process[/ul] Enable Explicit Proxy on the client facing FCH interface under Firewall Objects > Explicit Proxy > Explicit Configure a Firewall Policy between the Explicit Interface and the Internet. Test that this works first, then enable caching (as shown in this screenshot).[ul] To test, change your browser setting to point at the FAC IP on port 8080 if you use the defaults in Firewall Objects > Explicit Proxy > Explicit[/ul][/ul] There are other setting which you can look at changing once you have the basics set up e.g. PAC files, alternate ports, FTP over HTTP but get the basics working first, then move on.
rocampo wrote:Although, I've noticed, video traffic running on HTTPS is not being cached for some reason.
I am assuming you have enabled HTTPS Inspection on the firewall policy. If so, add the following command to the firewall policy (CLI only).
config firewall policy edit 1 set srcintf "Explicit_Proxy" set dstintf "port1" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "webproxy" set utm-status enable set logtraffic all set logtraffic-start enable set log-http-transaction enable set webcache enable set webcache-https any <------ Required to cache video content set profile-protocol-options "default" set deep-inspection-options "default" next end
Dr. Carl Windsor Field Chief Technology Officer Fortinet
That one I missed. :)
Btw, these 2 commands:
set profile-protocol-options "default" set deep-inspection-options "default"
Are not available for Explicit Proxy ---> Internet Facing Interface, Firewall Policy.
Hello, Has there been any solution to got this work. Had the same issue and only HTTP is being cached.
Any idea on how to cache HTTPS?
Support also not helping a lot on this issue.
Regards, Ashley
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.