Configuration Steps - CLI
Use the following steps to configure the example configuration from the FortiGate CLI.
To add HTTP and HTTPS web caching to a security policy
1. Enter the following command to add a security policy that allows all users on the internal network to access the Internet and that includes web caching of HTTP and HTTPS traffic.
config firewall policy
edit 0
set srcintf internal
set srcaddr all
set dstintf wan1
set distinf all
set schedule always
set service ANY
set action accept
set nat enable
set webcache enable
set webcache-https any
end
To cache HTTP traffic on port 80 and 8080 and HTTPS traffic on ports 443 and 8443
1. Enter the following command to edit the default proxy options profile to configure it to look for HTTP traffic on ports 80 and 8080:
config firewall profile-protocol-options
edit default
config http
set status enable
set ports 80 8080
end
2. Enter the following command to edit the certification-inspection SSL SSH options profile to configure it to look for HTTPS traffic on ports 443 and 8443:
config firewall ssl-ssh-profile
edit certificate-inspection
config https
set status certificate-inspection
set ports 443 8443
end
3. Enter the following command to add the default proxy options profile and the certificate-inspection SSL SSH profile to the firewall policy.
config firewall policy
edit 5
set utm-status enable
set profile-protocol-options default
set ssl-ssh-profile certificate-inspection
end