Fortinet black logo

CLI Reference

web-proxy forward-server

web-proxy forward-server

Use this command to support explicit web proxy forwarding, also known as proxy chaining.

config web-proxy forward-server
    edit {name}
    # Configure forward-server addresses.
        set name {string}   Server name. size[63]
        set addr-type {ip | fqdn}   Address type of the forwarding proxy server: IP or FQDN.
                ip    Use an IP address for the forwarding proxy server.
                fqdn  Use the FQDN for the forwarding proxy server.
        set ip {ipv4 address any}   Forward proxy server IP address.
        set fqdn {string}   Forward server Fully Qualified Domain Name (FQDN). size[255]
        set port {integer}   Port number that the forwarding server expects to receive HTTP sessions on (1 - 65535, default = 3128). range[1-65535]
        set healthcheck {disable | enable}   Enable/disable forward server health checking. Attempts to connect through the remote forwarding server to a destination to verify that the forwarding server is operating normally.
        set monitor {string}   URL for forward server health check monitoring (default = http://www.google.com). size[255]
        set server-down-option {block | pass}   Action to take when the forward server is found to be down: block sessions until the server is back up or pass sessions to their destination.
                block  Block sessions until the server is back up.
                pass   Pass sessions to their destination bypassing the forward server.
        set comment {string}   Comment. size[63]
    next
end

Additional information

The following section is for those options that require additional explanation.

ip <ipv4-address>

Note: This entry is only available when addr-type is set to ip. IP address of the forwarding proxy server.

fqdn <fqdn>

Note: This entry is only available when addr-type is set to fqdn. Fully Qualified Domain Name (FQDN) of the forwarding proxy server.

addr-type {ip | fqdn}

Address type of the forwarding proxy server: IP (by default) or FQDN.

port <port>

Port number that the forwarding server expects to receive HTTP sessions on. Set the value between 1-65535. The default is set to 3128.

healthcheck {enable | disable}

Enable or disable (by default) proxy server health check, a function that attempts to connect to a web server to make sure that the remote forwarding server is operating. Once enabled, use the monitor entry to set the forward health checking URL.

monitor <url>

Note: This entry is only available when health-check is set to enable. URL to use for health check monitoring. If the web proxy can't connect to this URL, it will assume that forwarding server is down. The default is set to http://www.google.com.

server-down-option {block | pass}

Action to take when the forwarding server is down:

  • block: Blocks sessions until the server comes back up (set by default).
  • pass: Allows sessions to connect to their destination.

comment [string]

Optional comments.

web-proxy forward-server

Use this command to support explicit web proxy forwarding, also known as proxy chaining.

config web-proxy forward-server
    edit {name}
    # Configure forward-server addresses.
        set name {string}   Server name. size[63]
        set addr-type {ip | fqdn}   Address type of the forwarding proxy server: IP or FQDN.
                ip    Use an IP address for the forwarding proxy server.
                fqdn  Use the FQDN for the forwarding proxy server.
        set ip {ipv4 address any}   Forward proxy server IP address.
        set fqdn {string}   Forward server Fully Qualified Domain Name (FQDN). size[255]
        set port {integer}   Port number that the forwarding server expects to receive HTTP sessions on (1 - 65535, default = 3128). range[1-65535]
        set healthcheck {disable | enable}   Enable/disable forward server health checking. Attempts to connect through the remote forwarding server to a destination to verify that the forwarding server is operating normally.
        set monitor {string}   URL for forward server health check monitoring (default = http://www.google.com). size[255]
        set server-down-option {block | pass}   Action to take when the forward server is found to be down: block sessions until the server is back up or pass sessions to their destination.
                block  Block sessions until the server is back up.
                pass   Pass sessions to their destination bypassing the forward server.
        set comment {string}   Comment. size[63]
    next
end

Additional information

The following section is for those options that require additional explanation.

ip <ipv4-address>

Note: This entry is only available when addr-type is set to ip. IP address of the forwarding proxy server.

fqdn <fqdn>

Note: This entry is only available when addr-type is set to fqdn. Fully Qualified Domain Name (FQDN) of the forwarding proxy server.

addr-type {ip | fqdn}

Address type of the forwarding proxy server: IP (by default) or FQDN.

port <port>

Port number that the forwarding server expects to receive HTTP sessions on. Set the value between 1-65535. The default is set to 3128.

healthcheck {enable | disable}

Enable or disable (by default) proxy server health check, a function that attempts to connect to a web server to make sure that the remote forwarding server is operating. Once enabled, use the monitor entry to set the forward health checking URL.

monitor <url>

Note: This entry is only available when health-check is set to enable. URL to use for health check monitoring. If the web proxy can't connect to this URL, it will assume that forwarding server is down. The default is set to http://www.google.com.

server-down-option {block | pass}

Action to take when the forwarding server is down:

  • block: Blocks sessions until the server comes back up (set by default).
  • pass: Allows sessions to connect to their destination.

comment [string]

Optional comments.