Fortinet white logo
Fortinet white logo

CLI Reference

config system wccp

config system wccp

Configure WCCP.

config system wccp
    Description: Configure WCCP.
    edit <service-id>
        set router-id {ipv4-address}
        set cache-id {ipv4-address}
        set group-address {ipv4-address-multicast}
        set server-list {user}
        set router-list {user}
        set ports-defined [source|destination]
        set server-type [forward|proxy]
        set ports {user}
        set authentication [enable|disable]
        set password {password}
        set forward-method [GRE|L2|...]
        set cache-engine-method [GRE|L2]
        set service-type [auto|standard|...]
        set primary-hash {option1}, {option2}, ...
        set priority {integer}
        set protocol {integer}
        set assignment-weight {integer}
        set assignment-bucket-format [wccp-v2|cisco-implementation]
        set return-method [GRE|L2|...]
        set assignment-method [HASH|MASK|...]
        set assignment-srcaddr-mask {ipv4-netmask-any}
        set assignment-dstaddr-mask {ipv4-netmask-any}
    next
end

config system wccp

Parameter

Description

Type

Size

Default

service-id

Service ID.

string

Maximum length: 3

router-id

IP address known to all cache engines. If all cache engines connect to the same FortiProxy interface, use the default 0.0.0.0.

ipv4-address

Not Specified

0.0.0.0

cache-id

IP address known to all routers. If the addresses are the same, use the default 0.0.0.0.

ipv4-address

Not Specified

0.0.0.0

group-address

IP multicast address used by the cache routers. For the FortiProxy to ignore multicast WCCP traffic, use the default 0.0.0.0.

ipv4-address-multicast

Not Specified

0.0.0.0

server-list

IP addresses and netmasks for up to four cache servers.

user

Not Specified

router-list

IP addresses of one or more WCCP routers.

user

Not Specified

ports-defined

Match method.

option

-

Option

Description

source

Source port match.

destination

Destination port match.

server-type

Cache server type.

option

-

forward

Option

Description

forward

Forward server.

proxy

Proxy server.

ports

Service ports.

user

Not Specified

authentication

Enable/disable MD5 authentication.

option

-

disable

Option

Description

enable

Enable MD5 authentication.

disable

Disable MD5 authentication.

password

Password for MD5 authentication.

password

Not Specified

forward-method

Method used to forward traffic to the cache servers.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

any

GRE or L2.

cache-engine-method

Method used to forward traffic to the routers or to return to the cache engine.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

service-type

WCCP service type used by the cache server for logical interception and redirection of traffic.

option

-

auto

Option

Description

auto

auto

standard

Standard service.

dynamic

Dynamic service.

primary-hash

Hash method.

option

-

dst-ip

Option

Description

src-ip

Source IP hash.

dst-ip

Destination IP hash.

src-port

Source port hash.

dst-port

Destination port hash.

priority

Service priority.

integer

Minimum value: 0 Maximum value: 255

0

protocol

Service protocol.

integer

Minimum value: 0 Maximum value: 255

0

assignment-weight

Assignment of hash weight/ratio for the WCCP cache engine.

integer

Minimum value: 0 Maximum value: 255

0

assignment-bucket-format

Assignment bucket format for the WCCP cache engine.

option

-

cisco-implementation

Option

Description

wccp-v2

WCCP-v2 bucket format.

cisco-implementation

Cisco bucket format.

return-method

Method used to decline a redirected packet and return it to the FortiProxy unit.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

any

GRE or L2.

assignment-method

Hash key assignment preference.

option

-

HASH

Option

Description

HASH

HASH assignment method.

MASK

MASK assignment method.

any

HASH or MASK.

assignment-srcaddr-mask

Assignment source address mask.

ipv4-netmask-any

Not Specified

0.0.23.65

assignment-dstaddr-mask

Assignment destination address mask.

ipv4-netmask-any

Not Specified

0.0.0.0

config system wccp

config system wccp

Configure WCCP.

config system wccp
    Description: Configure WCCP.
    edit <service-id>
        set router-id {ipv4-address}
        set cache-id {ipv4-address}
        set group-address {ipv4-address-multicast}
        set server-list {user}
        set router-list {user}
        set ports-defined [source|destination]
        set server-type [forward|proxy]
        set ports {user}
        set authentication [enable|disable]
        set password {password}
        set forward-method [GRE|L2|...]
        set cache-engine-method [GRE|L2]
        set service-type [auto|standard|...]
        set primary-hash {option1}, {option2}, ...
        set priority {integer}
        set protocol {integer}
        set assignment-weight {integer}
        set assignment-bucket-format [wccp-v2|cisco-implementation]
        set return-method [GRE|L2|...]
        set assignment-method [HASH|MASK|...]
        set assignment-srcaddr-mask {ipv4-netmask-any}
        set assignment-dstaddr-mask {ipv4-netmask-any}
    next
end

config system wccp

Parameter

Description

Type

Size

Default

service-id

Service ID.

string

Maximum length: 3

router-id

IP address known to all cache engines. If all cache engines connect to the same FortiProxy interface, use the default 0.0.0.0.

ipv4-address

Not Specified

0.0.0.0

cache-id

IP address known to all routers. If the addresses are the same, use the default 0.0.0.0.

ipv4-address

Not Specified

0.0.0.0

group-address

IP multicast address used by the cache routers. For the FortiProxy to ignore multicast WCCP traffic, use the default 0.0.0.0.

ipv4-address-multicast

Not Specified

0.0.0.0

server-list

IP addresses and netmasks for up to four cache servers.

user

Not Specified

router-list

IP addresses of one or more WCCP routers.

user

Not Specified

ports-defined

Match method.

option

-

Option

Description

source

Source port match.

destination

Destination port match.

server-type

Cache server type.

option

-

forward

Option

Description

forward

Forward server.

proxy

Proxy server.

ports

Service ports.

user

Not Specified

authentication

Enable/disable MD5 authentication.

option

-

disable

Option

Description

enable

Enable MD5 authentication.

disable

Disable MD5 authentication.

password

Password for MD5 authentication.

password

Not Specified

forward-method

Method used to forward traffic to the cache servers.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

any

GRE or L2.

cache-engine-method

Method used to forward traffic to the routers or to return to the cache engine.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

service-type

WCCP service type used by the cache server for logical interception and redirection of traffic.

option

-

auto

Option

Description

auto

auto

standard

Standard service.

dynamic

Dynamic service.

primary-hash

Hash method.

option

-

dst-ip

Option

Description

src-ip

Source IP hash.

dst-ip

Destination IP hash.

src-port

Source port hash.

dst-port

Destination port hash.

priority

Service priority.

integer

Minimum value: 0 Maximum value: 255

0

protocol

Service protocol.

integer

Minimum value: 0 Maximum value: 255

0

assignment-weight

Assignment of hash weight/ratio for the WCCP cache engine.

integer

Minimum value: 0 Maximum value: 255

0

assignment-bucket-format

Assignment bucket format for the WCCP cache engine.

option

-

cisco-implementation

Option

Description

wccp-v2

WCCP-v2 bucket format.

cisco-implementation

Cisco bucket format.

return-method

Method used to decline a redirected packet and return it to the FortiProxy unit.

option

-

GRE

Option

Description

GRE

GRE encapsulation.

L2

L2 rewrite.

any

GRE or L2.

assignment-method

Hash key assignment preference.

option

-

HASH

Option

Description

HASH

HASH assignment method.

MASK

MASK assignment method.

any

HASH or MASK.

assignment-srcaddr-mask

Assignment source address mask.

ipv4-netmask-any

Not Specified

0.0.23.65

assignment-dstaddr-mask

Assignment destination address mask.

ipv4-netmask-any

Not Specified

0.0.0.0