Fortinet white logo
Fortinet white logo

CLI Reference

config wanopt settings

config wanopt settings

Configure WAN optimization settings.

config wanopt settings
    Description: Configure WAN optimization settings.
    set host-id {string}
    set tunnel-ssl-algorithm [high|medium|...]
    set auto-detect-algorithm [simple|diff-req-resp]
    set tunnel-optimization [memory-usage|balanced|...]
end

config wanopt settings

Parameter

Description

Type

Size

Default

host-id

Local host ID (must also be entered in the remote FortiProxy's peer list).

string

Maximum length: 35

default-id

tunnel-ssl-algorithm

Relative strength of encryption algorithms accepted during tunnel negotiation.

option

-

high

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

auto-detect-algorithm

Auto detection algorithms used in tunnel negotiations.

option

-

simple

Option

Description

simple

Use the same TCP option value in SYN/SYNACK packets. Backward compatible.

diff-req-resp

Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.

tunnel-optimization

WANOpt tunnel optimization option.

option

-

balanced

Option

Description

memory-usage

Optimize tunnel for low system memory usage.

balanced

Optimize tunnel to balance between system memory usage and throughput.

throughput

Optimize tunnel for throughput.

config wanopt settings

config wanopt settings

Configure WAN optimization settings.

config wanopt settings
    Description: Configure WAN optimization settings.
    set host-id {string}
    set tunnel-ssl-algorithm [high|medium|...]
    set auto-detect-algorithm [simple|diff-req-resp]
    set tunnel-optimization [memory-usage|balanced|...]
end

config wanopt settings

Parameter

Description

Type

Size

Default

host-id

Local host ID (must also be entered in the remote FortiProxy's peer list).

string

Maximum length: 35

default-id

tunnel-ssl-algorithm

Relative strength of encryption algorithms accepted during tunnel negotiation.

option

-

high

Option

Description

high

High encryption. Allow only AES and ChaCha.

medium

Medium encryption. Allow AES, ChaCha, 3DES, and RC4.

low

Low encryption. Allow AES, ChaCha, 3DES, RC4, and DES.

auto-detect-algorithm

Auto detection algorithms used in tunnel negotiations.

option

-

simple

Option

Description

simple

Use the same TCP option value in SYN/SYNACK packets. Backward compatible.

diff-req-resp

Use different TCP option values in SYN/SYNACK packets to avoid false positive detection.

tunnel-optimization

WANOpt tunnel optimization option.

option

-

balanced

Option

Description

memory-usage

Optimize tunnel for low system memory usage.

balanced

Optimize tunnel to balance between system memory usage and throughput.

throughput

Optimize tunnel for throughput.