Table of Contents
Advertisement
SSL offloading for WAN optimization and web caching
626
Local Host ID
2 Select Create New and add a Peer Host ID and the IP address for the peer side
FortiGate unit.
Peer Host ID
IP Address
3 Select OK to save the peer.
4 Go to WAN Opt. & Cache > Peer > Authentication Group and select Create New to add
an authentication group named SSL_auth_grp to the client side FortiGate unit.
The authentication group includes a pre-shared key and the peer added in step 2. An
authentication group with the same name and the same pre-shared key must also be
added to the server side FortiGate unit. This authentication group is required for the
secure tunnel.
Name
Authentication Method Pre-shared key
Password
Peer Acceptance
5 Go to WAN Opt. & Cache > Rule and select Create New to add the WAN optimization
rule:
Mode
Source
Destination
Port
Auto-Detect
Protocol
Peer
Transparent Mode
Enable Byte Caching Enable
Enable SSL
Enable Secure Tunnel Enable
Authentication Group SSL_auth_grp
6 Select OK to save the rule.
The rule is added to the bottom of the WAN optimization list.
7 If required, move the rule to a different position in the list.
See
"Moving a rule to a different position in the rule list" on page
To configure the server side FortiGate unit
1 Go to WAN Opt. & Cache > Peer and enter a Local Host ID for the server side
FortiGate unit.
Local Host ID
2 Select Create New and add a Peer Host ID and the IP address for the peer side
FortiGate unit.
User_net
Web_servers
192.168.10.1
SSL_auth_grp
<pre-shared_key>
Specify Peer: Web_servers
Full Optimization
172.20.120.0
192.168.10.0
443
Off
HTTP
Web_servers
Enable
Enable
Web_servers
WAN optimization and web caching
607.
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
http://docs.fortinet.com/
•
Feedback
- Quick Links:
- Introduction
- Ip Addresses
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
