FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to enable multiple outgoing IP for explicit web proxy.
Solution To enable multiple outgoing IP for explicit web proxy, configure the secondary IP in the external interface for outgoing traffic.
1) Configure multiple secondary IP:
# config system interface edit "port1" set vdom "root" set ip 10.1.1.73 255.255.252.0 set allowaccess ping https ssh http telnet set type physical set snmp-index 1 set secondary-IP enable config secondaryip edit 1 set ip 10.1.0.214 255.255.252.0 next edit 2 set ip 10.1.0.215 255.255.252.0 next end next end
2) Enable multiple outgoing IP address in explicit web proxy setting:
# config web-proxy explicit set status enable set http-incoming-port 8080 set outgoing-ip 10.1.0.214 10.1.0.215 end
3) Run sniffer command to verify if both IP are being used for outgoing traffic:
# diag sniffer packet port1 ‘host 10.1.0.214’ 4 0 l # diag sniffer packet port1 ‘host 10.1.0.215’ 4 0 l
