Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
NicholeKaligian
New Contributor

Created on ‎11-10-2022 02:32 AM

HTTP/2 support on a proxy

Hi,

 

I'm using a Fortigate device to configure a proxy in our network that will be used to test our software. This particular proxy needs to support HTTP/2 traffic. Its role is only to be a proxy for this traffic, no security policies or firewalling needs to be done on this traffic. 

 

Looking at the Fortigate documentation, I find some info on what Fortigate can do with this traffic, when using a reversed or 'true transparent' proxy. 

  • From what I understand, a transparent proxy requires the device to be the default gateway? This device is just sitting in the test lab, it currently isn't setup as a gateway (or anything else). 
  • This suggests that the explicit web proxy can't handle HTTP/2 traffic?
Labels:
2415
0 Kudos
4 REPLIES 4
Sheikh
Staff
Staff

Created on ‎11-10-2022 04:11 AM

Hi NicholeKaligian,

 

I was checking internally and found that as per Admin guide, HTTP/2 in FortiOS Proxy mode is supported. I found some articles and that might help you.

 

https://docs.fortinet.com/document/fortiweb/7.0.1/administration-guide/36824/http-2-support

 

https://docs.fortinet.com/document/fortigate/7.0.0/new-features/710924/http-2-support-in-proxy-mode-...

 

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiOS-unencrypted-encrypted-HTTP-2-suppo...

 

regards,

 

Sheikh

**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
2406
0 Kudos
NicholeKaligian
New Contributor
In response to Sheikh

Created on ‎11-10-2022 04:16 AM

Hi Sheikh,

 

Thank you for your reply.

 

Those are indeed the articles that I had found so far, but that doesn't provide any information on the explicit web proxy specifically. The documentation only mentions reverser proxy and transparent proxy. 

2404
0 Kudos
Sheikh
Staff
Staff
In response to NicholeKaligian

Created on ‎11-10-2022 04:33 AM

Hi NicholeKaligian,

 

I further checked internally and found these documents of "Supported RFCs"

 

FortiOS 7.0

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/3ccd389a-e341-11eb-97f7-005056...

 

Added RFC 1928 to Other protocols on page 15.
Supported when explicit proxy is implemented.


https://www.rfc-editor.org/rfc/rfc7540

 

FortiOS 6.2

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/22795caa-468c-11e9-94bf-005056...

RFC 7540: Hypertext Transfer Protocol Version 2 (HTTP/2) added.
Only flow mode is supported; proxy mode is not yet supported.

 

regards,

 

Sheikh

**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
2400
0 Kudos
NicholeKaligian
New Contributor
In response to Sheikh

Created on ‎11-10-2022 06:53 AM

Thank you for that. Do you know of any way to track/confirm which protocol is being used? Either on the device itself or externally?

2390
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.