Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Potato168
New Contributor II

Created on ‎12-21-2025 07:58 AM Edited on ‎12-21-2025 08:00 AM

Web cache for my HTTP website is not working

Hi all,

 

I just have a very simple port portward config for my wan:8888 to my Lan Web server:80

 

There is nothing special on that webserver, what just a page to say "Hi". Even is no HTML coding.

 

My Firewall policy for this server like below:

 

config firewall policy
edit 13
set name "Incoming-NAS-Web"
set srcintf "virtual-wan-link"
set dstintf "Lan"
set action accept
set srcaddr "all"
set dstaddr "VIP-NAS-T8888"
set schedule "always"
set service "ALL"
set utm-status enable
set inspection-mode proxy
set ssl-ssh-profile "CA"
set logtraffic all
set webcache enable
next
end

 

The port forward is:

 

config firewall vip
edit "VIP-NAS-T8888"
set mappedip "172.30.0.2"
set extintf "wan1"
set portforward enable
set extport 8888
set mappedport 80
next
end

 

Why my webcache keep 0 hit in this case?

 

123123.png

Labels:
64
0 Kudos
2 REPLIES 2
kaman
Staff
Staff

Created on ‎12-21-2025 10:10 PM Edited on ‎12-22-2025 12:31 AM

Hi Potato168,

Please refer to the documents below for more information:

https://docs.fortinet.com/document/%2520fortigate/6.0.0/handbook/675134/web-caching-topologies


https://docs.fortinet.com/document/%20fortigate/6.0.0/handbook/657294/reverse-proxy-configuration


Regards,
Aman

39
0 Kudos
Potato
New Contributor III
In response to kaman

Created on ‎12-22-2025 12:28 AM Edited on ‎12-22-2025 12:29 AM

But the KB you provide - 

Reverse proxy configuration

config firewall vip

edit Reverse_proxy_VIP

set extintf port2

set type static-nat

set extip 192.168.10.1

set mappedip 172.10.20.30

end

 

config firewall policy

edit 0

set srcintf port2

set srcaddr all

set dstintf port1

set dstaddr Reverse_proxy_VIP

set schedule always

set service HTTP HTTPS

set action accept

set webcache enable

set webcache-https ssl-server

end

 

That KB mentions the same way for the web cache purpose.

The only difference is HTTP and HTTPS.

26
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.