Got this to work earlier.

I posted on this forum since when default port (8080) was used, the browser was

getting "connection refused" errors - I thought I was missing something.

Only when I changed the default port did it work.

I'm surprised the Admin Guide does not have a procedure on this.

Although, I've noticed, video traffic running on HTTPS is not being cached for some reason.

This is actually just a side step, to a more complicated setup which involves the Forticache being

integrated with a FG1000D via WCCP. HTTP caching is working on that setup but HTTPS is not working.

I wanted to try the Explicit Proxy setup just to make sure HTTPS proxy can work.

I've got a ticket opened for the "WCCP-HTTPS" problem, still waiting for an Engineer to take ownership.

Thank you for the reply, your answer leads to a solution.

Carl Windsor wrote:

**I recommend that you use the new Fortinet Community Portal - FUSE going forwards**

 

First port of call is the FortiCache Admin Guide but in summary the minimum configuration to get up and running is:

[ul]

Ensure the FortiCache is set up with the basic networking (interface IPs, Static Route, DNS)[ul]

If this is a VM, ensure your data disks are mounted, formatted and assigned to the cache process[/ul]

Enable Explicit Proxy on the client facing FCH interface under Firewall Objects > Explicit Proxy > Explicit

Configure a Firewall Policy between the Explicit Interface and the Internet.  Test that this works first, then enable caching (as shown in this screenshot).[ul]

To test, change your browser setting to point at the FAC IP on port 8080 if you use the defaults in Firewall Objects > Explicit Proxy > Explicit[/ul][/ul]

There are other setting which you can look at changing once you have the basics set up e.g. PAC files, alternate ports, FTP over HTTP but get the basics working first, then move on.

 

rocampo wrote:

Although, I've noticed, video traffic running on HTTPS is not being cached for some reason.

I am assuming you have enabled HTTPS Inspection on the firewall policy.  If so, add the following command to the firewall policy (CLI only). 

config firewall policy    edit 1        set srcintf "Explicit_Proxy"        set dstintf "port1"        set srcaddr "all"        set dstaddr "all"        set action accept        set schedule "always"        set service "webproxy"        set utm-status enable        set logtraffic all        set logtraffic-start enable        set log-http-transaction enable        set webcache enable        set webcache-https any            <------ Required to cache video content        set profile-protocol-options "default"        set deep-inspection-options "default"   next end

That one I missed. :)

Btw, these 2 commands:

 set profile-protocol-options "default"   set deep-inspection-options "default"

Are not available for Explicit Proxy ---> Internet Facing Interface, Firewall Policy.

Hello, Has there been any solution to got this work. Had the same issue and only HTTP is being cached.

Any idea on how to cache HTTPS?

Support also not helping a lot on this issue.

Regards, Ashley