Configuring a WAN optimization rule WAN optimization and web caching
FortiGate Version 4.0 MR1 Administration Guide
686 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
Mode Select Full Optimization to add a rule that can apply all WAN optimization features.
Select Web Cache Only to add a rule that just applies web caching. If you select
Web Cache Only, you can configure the source and destination address and port
for the rule. You can also select Transparent Mode and Enable SSL.
Source Enter an IP address, followed by a forward slash (/), then subnet mask, or enter an
IP address range separated by a hyphen. See “About WAN optimization
addresses” on page 687.
Only packets whose source address header contains an IP address matching this
IP address or address range will be accepted by and subject to this rule.
For a passive rule, the server (passive) source address range should be
compatible with the source addresses of the matching client (active) rule. To match
one passive rule with many active rules, the passive rule source address range
should include the source addresses of all of the active rules.
Destination Enter an IP address, followed by a forward slash (/), then subnet mask, or enter an
IP address range separated by a hyphen. See “About WAN optimization
addresses” on page 687.
Only a packet whose destination address header contains an IP address matching
this IP address or address range will be accepted by and subject to this rule.
Tip: For a Web Cache Only rule, if you set Destination to 0.0.0.0, the rule caches
web pages on the Internet or any network.
For a passive rule, the server (passive) destination address range should be
compatible with the destination addresses of the matching client (active) rule. To
match one passive rule with many active rules, the passive rule destination
address range should include the destination addresses of all of the active rules.
Port Enter a single port number or port number range. Only packets whose destination
port number matches this port number or port number range will be accepted by
and subject to this rule.
For a passive rule, the server (passive) port range should be compatible with the
port range of the matching client (active) rule. To match one passive rule with many
active rules, the passive rule port range should include the port ranges of all of the
active rules.
Auto-Detect Available only if Mode is set to Full Optimization.
Specify whether the rule is an Active (client) rule, a Passive (server) rule or if auto-
detect is Off. If auto-detect is off the rule is a peer-to-peer rule.
• For an Active (client) rule, you must select all of the WAN optimization features to
be applied by the rule. You can select the protocol to optimize, transparent mode,
byte caching, SSL offloading, secure tunneling, and an authentication group.
•A Passive (server) rule uses the settings in the active rule on the client FortiGate
unit to apply WAN optimization settings. You can also select web caching for a
passive rule.
•If Auto-Detect is Off, the rule must include all required WAN optimization features
and you must select a Peer for the rule. Select this option to configure peer-to-
peer WAN optimization where this rule can start a WAN optimization tunnel with
this peer only.
Protocol Available only if Mode is set to Full Optimization, and
Auto-Detect is set to Off or
Active.
Select CIFS, FTP, HTTP, or MAPI to apply protocol optimization for one of these
protocols. For information about protocol optimization, see the FortiGate WAN
Optimization, Web Cache, and Web Proxy User Guide.
Select TCP if the WAN optimization tunnel accepts sessions that use more than
one protocol or that do not use the CIFS, FTP, HTTP, or MAPI protocol.
Peer Available only if Mode is set to Full Optimization, and Auto-Detect is set to Off.
Select the peer host ID of the peer that this peer-to-peer WAN optimization rule will
start a WAN optimization tunnel with. You can also select [Create New ...] to add a
new peer.
Enable Web
Cache
Available only if Mode is set to Full Optimization, and Auto-Detect is set to Off or
Passive. If Auto-Detect is set to Off, then Protocol must be set to HTTP.
Select to apply WAN optimization web caching to the sessions accepted by this
rule. For more information, see the FortiGate WAN Optimization, Web Cache, and
Web Proxy User Guide.
To Next Page
Loading...
Need help?
General
