EasyManua.ls Logo

Fortinet Gate 60D - WAN Optimization Tunnels; WAN Optimization Peer Authentication

Fortinet Gate 60D
706 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Overview of FortiGate WAN optimization WAN optimization and web caching
FortiGate Version 4.0 Administration Guide
602 01-400-89802-20090424
http://docs.fortinet.com/Feedback
Protocol optimization (increases the efficiency of data transmission of traffic based on
the communication protocol)
Byte caching
Byte caching (reduces the amount of duplicate data transmission caching data for
future re-transmission)
SSL offloading for WAN optimization and web caching (using FortiGate CP6 FortiASIC
acceleration to accelerate encryption/decryption of SSL traffic)
Secure tunnelling (employs SSL encryption to encrypt the WAN optimization tunnel)
WAN optimization with FortiClient
You can apply different combinations of these WAN optimization techniques to a single
traffic stream depending on the traffic type. For example, you can apply byte caching and
secure tunneling to any TCP traffic. For HTTP traffic you can also apply protocol
optimization and web caching.
WAN optimization tunnels
All optimized traffic passes between the FortiGate units or between a PC running
FortiClient and a FortiGate unit over a WAN optimization tunnel. Traffic in the tunnel can
be sent in plain text or encrypted using SSL. Both the plain text and the encrypted tunnels
use TCP port 7810.
Figure 400: WAN optimization flow
A tunnel is started with a client side WAN optimization peer attempts to start a WAN
optimization tunnel with a server side WAN optimization peer. Before the tunnel can be
started the peers must authenticate with each other and then agree on the tunnel
configuration. Then the peers bring up the tunnel and WAN optimization communication
over the tunnel starts.
WAN optimization peer authentication
All communication between WAN optimization peers begins with one WAN optimization
peer sending a WAN optimization tunnel request to another peer. The tunnel request
starts with the WAN optimization peers identifying and authenticating with each other.
Peer authentication requires the following configuration on each peer.
WAN
WAN
Optimization
Client
WAN
Optimization
Server
Client Server
Client Connects to Server Server Receives connection from Client
3 1
2
3 1
2
Packets
3 1
2
Packets
Packets in WAN
Optimization Tunnel
Port 7810
Note: Once a tunnel has been established multiple WAN optimization sessions can start
and stop between peers without restarting the tunnel.

Table of Contents