Chapter 23 WAN Optimization, Web Cache, Explicit Proxy, and WCCP : FortiGate WCCP : Example: caching HTTP sessions on port 80 and HTTPS sessions on port 443 using WCCP : Configuring the WCCP server (WCCP_srv)
  
Configuring the WCCP server (WCCP_srv)
Use the following steps to configure WCCP_srv as the WCCP server for the example network. The example steps only describe the WCCP-related configuration.
To configure WCCP_srv as a WCCP server
1. Add a port2 to port1 security policy that accepts HTTP traffic on port 80 and HTTPS traffic on port 443 and is configured for WCCP:
config firewall policy
edit 0
set srtintf port2
set dstintf port1
set srcaddr all
set dstaddr all
set action accept
set schedule always
set service HTTP HTTPS
set wccp enable
set nat enable
end
2 Add another port2 to port1 security policy to allow all other traffic to connect to the Internet.
.config firewall policy
edit 0
set srtintf port2
set dstintf port1
set srcaddr all
set dstaddr all
set action accept
set schedule always
set service ANY
set nat enable
end
3 Move this policy below the WCCP policy in the port2 to port1 policy list.
4 Enable WCCP on the port5 interface.
config system interface
edit port5
set wccp enable
end
5 Add a WCCP service group with service ID 90 (can be any number between 51 and 255).
config system wccp
edit 90
set router-id 10.51.101.100
set server-list 10.51.101.0 255.255.255.0
end
6 Add a firewall address and security policy to allow the WCCP_client to connect to the internet.
config firewall address
edit WCCP_client_addr
set subnet 10.51.101.10
end
 
.config firewall policy
edit 0
set srtintf port5
set dstintf port1
set srcaddr WCCP_client_addr
set dstaddr all
set action accept
set schedule always
set service ANY
set nat enable
end