Transparent proxy

In a transparent proxy deployment, the user's client software, such as a browser, is unaware that it is communicating with a proxy.

Users request internet content as usual, without any special client configuration, and the proxy serves their requests. FortiGate also allows user to configure in transparent proxy mode.

To redirect HTTPS traffic, SSL inspection is required.

To configure transparent proxy in the GUI:
  1. Configure a regular firewall policy with HTTP redirect:

    1. Go to Policy & Objects > Firewall Policy.

    2. Click Create New.

    3. Name the policy appropriately, set the Incoming Interface to port2, and set the Outgoing Interface to port1.

    4. Also set Source and Destination to all, Schedule to always, Service to ALL, and Action to ACCEPT.

    5. Set Inspection Mode to Proxy-based and SSL Inspection to deep-inspection.

    6. Configure the remaining settings as needed.

    7. Click OK.

  2. Configure a transparent proxy policy:

    1. Go to Policy & Objects > Proxy Policy.

    2. Click Create New.

    3. Set Proxy Type to Transparent Web, set the Incoming Interface to port2, and set the Outgoing Interface to port1.

    4. Also set Source and Destination to all, Scheduleto always, Service to webproxy, and Action to ACCEPT.