So would I only need to configure the 60c side, and check the " optimize connection" on the specific rule?

I spent a lot of time getting Wan Opt to work in a lab and also did 2 onsite demonstrations. There are several ways to deploy it. WAN Opt does a really good job of speeding up web browsing. Let' s start with that. It does a great job of it. So, you should turn that on if you have enough storage on your 60C flash drives. By the way, be careful what firmware you' re running. Too new and the WAN opt. options go away in the GUI. Wan Opt does a poor job of speeding up file access. Let' s continue with that. Yikes. Under perfect conditions, it will make the 3rd 4th or 5th file copy of the same file go much faster. I also tried doing the same WAN Opt speed tests with a Forticlient installed and properly licensed for client side CIFS (Windows file sharing) and got poor results. So, without much further ado, here' s what you should expect: For Fortinet WAN Opt: - For Windows file copy (SMB/CIFS) you can see a *decrease in bandwidth used* but generally no speed increase - this may be enough for you - occasionally you' ll see a speed increase, but that' s few and far between - when the GUI in the 60C says you' re getting awesome speed increases in CIFS, you' re actually having login problems and the Windows clients are unable to login or access shares. This is clearly a bug in the CIFS acceleration in the FG. - MAPI acceleration doesn' t work that well, don' t bother for modern outlook clients (encryption on or off, it just doesn' t make that much difference), but older 2000 Outlook seems to be a little faster So what' s a guy in your position to do: - Windows 2008 R2 server, enable SMB v2 anywhere you can - Windows 2008 R2 branch cache should be on, since it is a client side cache and file check out system, it will be better than a network solution - Windows 7 clients, use SMB v2 anywhere you can - for high impact sites, set up a BranchCache server Hope this helps.

The WAN Opt acceleration of CIFS is only worth going through if you' re serious about it. Generally: You want WAN Optimization enabled on both ends of the pipe. What appears to be happening is that the two devices are looking at the traffic which would have been going over the pipe and the destination device is determining if it' s seen it before. Then it asks the device at the main office if that is indeed what is going to come next. Then the main device says that the remote device really has seen this file before and go ahead and pull it from cache. There are some good docs on this: http://docs.fortinet.com/fgt/techdocs/fortigate_wanopt_cache_proxy.pdf Also, I used two separate Fortigate devices in transparent mode at both ends of my pipes so that I could easily do A/B testing. This may help you with your testing as well.

SteveRoadWarrior, I agree with you MAPI does not work in 4.3 or 4.2 (Maybe 5.0, have not tested yet) and that’s because of the outlook encryption. I do not agree that CIFS gets poor performance. In my experience I have notice a performance increase. I have tested and noticed that the charts are accurate. See my screenshot below. We use CIFS wan opt for a server that is not using DFS and it works great. If you are using a DFS share I would not recommend using Fortinet WAN Opt CIFS.

RetchedOne, ejhardin is right, CIFS acceleration can work. If it works for you then you should use it. As you can see from his chart, he saved at least 90MB of bandwidth over the last month. If you are doing DFS to each remote site, then I have to echo ejhardin and ask: what problem are you trying to fix? If you' re having problems with DFS sync or file locking issues, then consider the Win2008R2 options I' ve listed. Otherwise, could you be more specific in your problem description?

Thanks for the replies, Let' s see if I can clarify on what I attempted to say. I have two main sites and about 35 remote small site. The two main sites A and B. These two sites have the file servers that use DFS to replicate various file shares between A and B, and are accessed by users in the remote sites. These sites each have 2 300c' s. I do not plan/want to uses wan-opt between A and B. I DO want to use wan-ops/cifs between A and the remote sites and B and the remote sites. I have a feeling I am just configuring it incorrectly as my graph never shows a single thing and the lofs show one of the sides is mis-configured. I' m sure there is more than just checking " Use Wan Opt" and choosing default in the GUI when making rules. Should i make specific rules to go between the remote sites' subnet and the file servers single IP' s? And should it be active or passive?

the remote sites are all 60c' s