Help
FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
Rajashekar
Staff
Staff

Created on ‎12-29-2023 09:31 AM

Article Id 291025

Technical Tip: Enable transaction-based persistence when a deployed FortiWeb is deployed behind Cloudflare

Description Enable transaction-based persistence when FortiWeb is deployed behind Cloudflare.
Scope FortiWeb v7.4.0 and above.
Solution

Ensure the following:

  • FortiWeb operates on Reverse Proxy mode.
  • The server pool has been configured with the server balance mode method.

Follow these steps:

  • Navigate to Persistence Policy under Server Objects and create a Persistence Policy with the Session Type shown in the example below:

    Service Objects -> Persistence -> Type: Insert Cookie:

cookie.png

 

  • After creating the Persistence Policy, assign the Persistence Policy to the Server Pool:

 

1.png

 

  • Apply the following command on the server policy to enable Transaction Persistence:

config server-policy policy

edit Policy1<server-policy_name>

set transaction-based-persistence enable

next

end

 

This will enable persistence information to be checked by each transaction rather than with the connection itself.

This is beneficial in scenarios where FortiWeb is deployed behind Cloudflare, which would forward different customers' traffic within the same connection.
115
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.