Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.4.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    web-proxy profile

    Configure web proxy profiles.

      config web-proxy profile
      Description: Configure web proxy profiles.
      edit <name>
          set header-client-ip [pass|add|...]
          set header-via-request [pass|add|...]
          set header-via-response [pass|add|...]
          set header-x-forwarded-for [pass|add|...]
          set header-front-end-https [pass|add|...]
          set header-x-authenticated-user [pass|add|...]
          set header-x-authenticated-groups [pass|add|...]
          set strip-encoding [enable|disable]
          set log-header-change [enable|disable]
          config headers
              Description: Configure HTTP forwarded requests headers.
              edit <id>
                  set name {string}
                  set dstaddr <name1>, <name2>, ...
                  set dstaddr6 <name1>, <name2>, ...
                  set action [add-to-request|add-to-response|...]
                  set content {string}
                  set base64-encoding [disable|enable]
                  set add-option [append|new-on-not-found|...]
                  set protocol {option1}, {option2}, ...
              next
          end
      next
  end

    config web-proxy profile

    Parameter Name Description Type Size
    header-client-ip Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-via-request Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-via-response Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-forwarded-for Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-front-end-https Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-authenticated-user Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-authenticated-groups Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    strip-encoding Enable/disable stripping unsupported encoding from the request header.
    enable: Enable stripping of unsupported encoding from the request header.
    disable: Disable stripping of unsupported encoding from the request header.
    		 option -
    log-header-change Enable/disable logging HTTP header changes.
    enable: Enable Enable/disable logging HTTP header changes.
    disable: Disable Enable/disable logging HTTP header changes.
    		 option -

    config headers

    Parameter Name Description Type Size
    name HTTP forwarded header name. string Maximum length: 79
    dstaddr <name> Destination address and address group names.
    Address name.    		 string Maximum length: 79
    dstaddr6 <name> Destination address and address group names (IPv6).
    Address name.    		 string Maximum length: 79
    action Action when the HTTP header is forwarded.
    add-to-request: Add the HTTP header to request.
    add-to-response: Add the HTTP header to response.
    remove-from-request: Remove the HTTP header from request.
    remove-from-response: Remove the HTTP header from response.
    		 option -
    content HTTP header content. string Maximum length: 255
    base64-encoding Enable/disable use of base64 encoding of HTTP content.
    disable: Disable use of base64 encoding of HTTP content.
    enable: Enable use of base64 encoding of HTTP content.
    		 option -
    add-option Configure options to append content to existing HTTP header or add new HTTP header.
    append: Append content to existing HTTP header or create new header if HTTP header is not found.
    new-on-not-found: Create new header only if existing HTTP header is not found.
    new: Create new header regardless if existing HTTP header is found or not.
    		 option -
    protocol Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).
    https: Perform add-option action on HTTPS.
    http: Perform add-option action on HTTP.
    		 option -
    Previous
    Next

    web-proxy profile

    Configure web proxy profiles.

      config web-proxy profile
      Description: Configure web proxy profiles.
      edit <name>
          set header-client-ip [pass|add|...]
          set header-via-request [pass|add|...]
          set header-via-response [pass|add|...]
          set header-x-forwarded-for [pass|add|...]
          set header-front-end-https [pass|add|...]
          set header-x-authenticated-user [pass|add|...]
          set header-x-authenticated-groups [pass|add|...]
          set strip-encoding [enable|disable]
          set log-header-change [enable|disable]
          config headers
              Description: Configure HTTP forwarded requests headers.
              edit <id>
                  set name {string}
                  set dstaddr <name1>, <name2>, ...
                  set dstaddr6 <name1>, <name2>, ...
                  set action [add-to-request|add-to-response|...]
                  set content {string}
                  set base64-encoding [disable|enable]
                  set add-option [append|new-on-not-found|...]
                  set protocol {option1}, {option2}, ...
              next
          end
      next
  end

    config web-proxy profile

    Parameter Name Description Type Size
    header-client-ip Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-via-request Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-via-response Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-forwarded-for Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-front-end-https Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-authenticated-user Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    header-x-authenticated-groups Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header.
    pass: Forward the same HTTP header.
    add: Add the HTTP header.
    remove: Remove the HTTP header.
    		 option -
    strip-encoding Enable/disable stripping unsupported encoding from the request header.
    enable: Enable stripping of unsupported encoding from the request header.
    disable: Disable stripping of unsupported encoding from the request header.
    		 option -
    log-header-change Enable/disable logging HTTP header changes.
    enable: Enable Enable/disable logging HTTP header changes.
    disable: Disable Enable/disable logging HTTP header changes.
    		 option -

    config headers

    Parameter Name Description Type Size
    name HTTP forwarded header name. string Maximum length: 79
    dstaddr <name> Destination address and address group names.
    Address name.    		 string Maximum length: 79
    dstaddr6 <name> Destination address and address group names (IPv6).
    Address name.    		 string Maximum length: 79
    action Action when the HTTP header is forwarded.
    add-to-request: Add the HTTP header to request.
    add-to-response: Add the HTTP header to response.
    remove-from-request: Remove the HTTP header from request.
    remove-from-response: Remove the HTTP header from response.
    		 option -
    content HTTP header content. string Maximum length: 255
    base64-encoding Enable/disable use of base64 encoding of HTTP content.
    disable: Disable use of base64 encoding of HTTP content.
    enable: Enable use of base64 encoding of HTTP content.
    		 option -
    add-option Configure options to append content to existing HTTP header or add new HTTP header.
    append: Append content to existing HTTP header or create new header if HTTP header is not found.
    new-on-not-found: Create new header only if existing HTTP header is not found.
    new: Create new header regardless if existing HTTP header is found or not.
    		 option -
    protocol Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both).
    https: Perform add-option action on HTTPS.
    http: Perform add-option action on HTTP.
    		 option -
    Previous
    Next