Adding ICAP to a web proxy security policy - web‑based manager
In order to configure ICAP using the web-based manager, this feature must be enabled using Feature Select. For more information, see
“Feature Select”.
The following is an example of configuring the ICAP feature on the FortiGate unit and applying an ICAP profile to an existing web proxy security policy.
1 Go to Security Profiles > ICAP > Servers and select Create New to add the following ICAP server:
Name | New ICAP Server |
IP Type | IPv4 |
IP Address | 172.16.122.151 |
Port | 453 |
2 Go to Security Profiles > ICAP > Profiles and select Create New to add an ICAP profile names New ICAP Profile.
3 Select Enable Request Processing and configure the following:
Server | New ICAP Server |
Path | /service-in |
On Failure | Error |
4 Select Enable Response Processing and configure the following:
Server | New ICAP Server |
Path | /service-out |
On Failure | Error |
5 Select Enable Streaming Media Bypass and select OK.
6 Go to Policy > Policy > Policy and edit the security policy that accepts the traffic to be processed by the ICAP server.
7 Under Security Policies, select Enable ICAP and set New ICAP Server.
8 Select OK.