Created on 07-29-2015 09:35 PM Edited on 05-26-2022 11:02 AM By Anonymous
Purpose
Scope
Diagram
Expectations, Requirements
Configuration
config system interface
edit "WAN"
set ip 192.168.146.73 255.255.255.0
set alias "connect to ISP Router"
next
edit "LAN"
set ip 10.137.0.73 255.255.254.0
set alias "connect to LAN"
next
edit "port3"
set ip 10.128.0.73 255.255.254.0
set alias "connect to Forticache"
set wccp enable
next
end
config system wccp
edit "91"
set router-id 10.128.0.73
set server-list 10.128.0.0 255.255.254.0
next
end
config firewall policy
edit 1
set srcintf " LAN "
set dstintf " WAN "
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "HTTP" "HTTPS"
set logtraffic all
set wccp enable
set nat enable
next
edit 2
set srcintf " LAN "
set dstintf " WAN "
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ANY"
set nat enable
next
end
config system interface
edit "port1"
set ip 192.168.146.175 255.255.255.0
set alias "Connect to ISP Router"
next
edit "port4"
set ip 10.128.0.175 255.255.254.0
set wccp enable
set alias "Connect to FortiGate"
next
config system wccp
edit "91"
set cache-id 10.128.0.175
set router-list "10.128.0.73"
set ports 80 443
set assignment-bucket-format wccp-v2
next
end
config firewall policy
edit 1
set srcintf "w.root"
set dstintf "port1"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set utm-status enable
set logtraffic all
set webcache enable
set webcache-https any
set profile-protocol-options "default"
set deep-inspection-options "default"
set nat enable
next
Verification
# diag wad web list 10min
Troubleshooting
get sys perf stat
diag test app wad 1
diag wad web list 10min
diag test app wad 50
WCCP service group info:-
The WCCP routers and web caches form service groups in order to handle the redirection of traffic whose characteristics are part of the service group definition.
Service Group |
Type |
Description |
Service 90-97 |
user configurable |
User-defined WCCP services that support up to eight ports for each WCCP service. When you configure these user-defined services, you must specify whether to redirect the traffic to the HTTP caching application, to the HTTPS application, or to the streaming application on the content engine. |
Related Articles
Technical Note: How to integrate FortiCache with FortiGate using WCCP
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.