SSL offloading for WAN optimization and web caching WAN optimization and web caching
FortiGate Version 4.0 Administration Guide
626 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
2 Select Create New and add a Peer Host ID and the IP address for the peer side
FortiGate unit.
3 Select OK to save the peer.
4 Go to WAN Opt. & Cache > Peer > Authentication Group and select Create New to add
an authentication group named SSL_auth_grp to the client side FortiGate unit.
The authentication group includes a pre-shared key and the peer added in step 2. An
authentication group with the same name and the same pre-shared key must also be
added to the server side FortiGate unit. This authentication group is required for the
secure tunnel.
5 Go to WAN Opt. & Cache > Rule and select Create New to add the WAN optimization
rule:
6 Select OK to save the rule.
The rule is added to the bottom of the WAN optimization list.
7 If required, move the rule to a different position in the list.
See “Moving a rule to a different position in the rule list” on page 607.
To configure the server side FortiGate unit
1 Go to WAN Opt. & Cache > Peer and enter a Local Host ID for the server side
FortiGate unit.
2 Select Create New and add a Peer Host ID and the IP address for the peer side
FortiGate unit.
Local Host ID User_net
Peer Host ID Web_servers
IP Address 192.168.10.1
Name SSL_auth_grp
Authentication Method Pre-shared key
Password <pre-shared_key>
Peer Acceptance Specify Peer: Web_servers
Mode Full Optimization
Source 172.20.120.0
Destination 192.168.10.0
Port 443
Auto-Detect Off
Protocol HTTP
Peer Web_servers
Transparent Mode Enable
Enable Byte Caching Enable
Enable SSL Enable
Enable Secure Tunnel Enable
Authentication Group SSL_auth_grp
Local Host ID Web_servers
To Next Page
Loading...