Fortinet black logo

CLI Reference

Home FortiGate / FortiOS 6.4.4 CLI Reference

config wanopt settings

6.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.0.0
5.6.0
5.4.0
5.2.0
5.0.0
Copy Link
Copy Doc ID 4b733773-4196-11eb-b9ad-00505692583a:416620
Download PDF

config wanopt settings

Configure WAN optimization settings.

config wanopt settings

Description: Configure WAN optimization settings.

set host-id {string}

set tunnel-ssl-algorithm [high|medium|...]

set auto-detect-algorithm [simple|diff-req-resp]

end

config wanopt settings

Parameter name

Description

Type

Size

host-id

Local host ID (must also be entered in the remote FortiGate's peer list).

string

Maximum length: 35

tunnel-ssl-algorithm

Relative strength of encryption algorithms accepted during tunnel negotiation.

option

-

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

auto-detect-algorithm

Auto detection algorithms used in tunnel negotiations.

option

-

Option

Description

simple

Use the same TCP option value in SYN/SYNACK packets. Backward compatible.

diff-req-resp

Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.
Previous
Next

config wanopt settings

Configure WAN optimization settings.

config wanopt settings

Description: Configure WAN optimization settings.

set host-id {string}

set tunnel-ssl-algorithm [high|medium|...]

set auto-detect-algorithm [simple|diff-req-resp]

end

config wanopt settings

Parameter name

Description

Type

Size

host-id

Local host ID (must also be entered in the remote FortiGate's peer list).

string

Maximum length: 35

tunnel-ssl-algorithm

Relative strength of encryption algorithms accepted during tunnel negotiation.

option

-

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

auto-detect-algorithm

Auto detection algorithms used in tunnel negotiations.

option

-

Option

Description

simple

Use the same TCP option value in SYN/SYNACK packets. Backward compatible.

diff-req-resp

Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.
Previous
Next