Description
This article focuses on those FortiGate models which support Explicit Proxy, WAN Optimization and web caching, but the specific features are not found on the GUI or even on the CLI.
It should be noted that different FortiGate models support different features. Certain features such as explicit proxy, web caching and WAN optimization will only be available on models which have a hard disk.
The FortiGate Feature/Platform Matrix in the Reference Manuals section of the Fortinet Document Library should be consulted to check feature availability per model and firmware version.
Solution
Explicit proxy will be the most straight forward, as only FortiGate 30D models can be configured via CLI, all other models can be configure via GUI or CLI. To enable explicit proxy to be visible via GUI, go to System > Feature Visibility and turn on "Explicit Proxy" under Security Features.
However, on a new (or factory reset) unit, this option may not be seen. This is because starting from firmware 5.4.0 onwards, there is an added option to configure the VDOM to be proxy-based or flow-based (default is flow-based). Explicit proxy, web caching and WAN optimization are not supported for flow-based VDOM, therefore they cannot be configured on the GUI, or even via CLI.
To do this, go to System > Settings, under System Operation Settings, change the inspection mode to Proxy. Alternatively, change it using the following command:
After changing the inspection mode and the FortiGate has been rebooted to make the change take effect, explicit proxy will now be available in Feature Visibility:
For WAN optimization and web caching, there is an additional step. For FortiGate models with only a single hard disk, the hard disk can be used for disk logging or WAN optimization and web caching. Starting from firmware v5.4 onwards, the disk option can be toggled to achieve this. By default, disk is used for logging. The command to toggle the disk is as follows:
config system global
set inspection-mode proxy
end
After changing the inspection mode and the FortiGate has been rebooted to make the change take effect, explicit proxy will now be available in Feature Visibility:
For WAN optimization and web caching, there is an additional step. For FortiGate models with only a single hard disk, the hard disk can be used for disk logging or WAN optimization and web caching. Starting from firmware v5.4 onwards, the disk option can be toggled to achieve this. By default, disk is used for logging. The command to toggle the disk is as follows:
config system global
set disk-usage wanopt
end
