Fortinet black logo

CLI Reference

wanopt settings

Configure WAN optimization settings.

  config wanopt settings
      Description: Configure WAN optimization settings.
      set host-id {string}
      set tunnel-ssl-algorithm [high|medium|...]
      set auto-detect-algorithm [simple|diff-req-resp]
  end

config wanopt settings

Parameter Name Description Type Size
host-id Local host ID (must also be entered in the remote FortiGate's peer list). string Maximum length: 35
tunnel-ssl-algorithm Relative strength of encryption algorithms accepted during tunnel negotiation.
high: High encryption. Allow only AES and ChaCha.
medium: Medium encryption. Allow AES, ChaCha, 3DES, and RC4.
low: Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.
option -
auto-detect-algorithm Auto detection algorithms used in tunnel negotiations.
simple: Use the same TCP option value in SYN/SYNACK packets. Backward compatible.
diff-req-resp: Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.
option -

Configure WAN optimization settings.

  config wanopt settings
      Description: Configure WAN optimization settings.
      set host-id {string}
      set tunnel-ssl-algorithm [high|medium|...]
      set auto-detect-algorithm [simple|diff-req-resp]
  end

config wanopt settings

Parameter Name Description Type Size
host-id Local host ID (must also be entered in the remote FortiGate's peer list). string Maximum length: 35
tunnel-ssl-algorithm Relative strength of encryption algorithms accepted during tunnel negotiation.
high: High encryption. Allow only AES and ChaCha.
medium: Medium encryption. Allow AES, ChaCha, 3DES, and RC4.
low: Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.
option -
auto-detect-algorithm Auto detection algorithms used in tunnel negotiations.
simple: Use the same TCP option value in SYN/SYNACK packets. Backward compatible.
diff-req-resp: Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.
option -