Manual configurations allow for WAN optimization between one client-side FortiGate unit and one server-side FortiGate unit. To create a manual configuration you add a manual mode WAN optimization security policy to the client-side FortiGate unit. The manual mode policy includes the peer ID of a server-side FortiGate unit.

In a manual mode configuration, the client-side peer can only connect to the named server‑side peer. When the client-side peer initiates a tunnel with the server-side peer, the packets that initiate the tunnel include extra information so that the server-side peer can determine that it is a peer-to-peer tunnel request. This extra information is required because the server-side peer does not require a WAN optimization policy; you just need to add the client peer host ID and IP address to the server-side FortiGate unit peer list and a security policy with the wanopt interface as the incoming interface. WAN optimization tunnel requests are accepted by the policy and if the client-side peer is in the server side peer’s address list the traffic is forwarded to its destination.