Fortinet white logo
Fortinet white logo

Configuring proxy settings on endpoints

Configuring proxy settings on endpoints

To connect to FortiSASE in Secure Web Gateway (SWG) agentless mode, each endpoint client must configure proxy settings within its network or browser settings to point to FortiSASE’s servers. You can configure this individually on the endpoint or, if you are using an enterprise management system, push it out to managed endpoints centrally.

You should provide users one of the following during the user onboarding process:

  • URL to the hosted proxy autoconfiguration (PAC) file
  • Proxy server addresses and port if users are to configure proxy settings manually.

From the System > SWG Configuration page, make note of the following information:

Field

Description

Global (Recommended)

Global FortiSASE server address for your instance.

Secure Web Gateway Server(s)

Lists address of each individual regional FortiSASE server for your instance.

Secure Web Gateway Port

Port that client should connect to in their proxy settings.

PAC File

Static copy of the PAC file, which you can customize and rehost on your server.

Hosted PAC File

Address of the PAC file hosted on the FortiSASE server.

Refer to SWG Configuration for more information.

Users are expected to have installed the FortiSASE certificate authority certificate on their devices. See Installing the FortiSASE CA certificate on endpoints.

Proxy settings on endpoint clients can differ between operating systems (OS) and browsers. While the following examples demonstrate the configuration for the selected OSes, refer to your OS or browser for complete instructions on configuring proxy settings.

Configuring proxy settings on endpoints

Configuring proxy settings on endpoints

To connect to FortiSASE in Secure Web Gateway (SWG) agentless mode, each endpoint client must configure proxy settings within its network or browser settings to point to FortiSASE’s servers. You can configure this individually on the endpoint or, if you are using an enterprise management system, push it out to managed endpoints centrally.

You should provide users one of the following during the user onboarding process:

  • URL to the hosted proxy autoconfiguration (PAC) file
  • Proxy server addresses and port if users are to configure proxy settings manually.

From the System > SWG Configuration page, make note of the following information:

Field

Description

Global (Recommended)

Global FortiSASE server address for your instance.

Secure Web Gateway Server(s)

Lists address of each individual regional FortiSASE server for your instance.

Secure Web Gateway Port

Port that client should connect to in their proxy settings.

PAC File

Static copy of the PAC file, which you can customize and rehost on your server.

Hosted PAC File

Address of the PAC file hosted on the FortiSASE server.

Refer to SWG Configuration for more information.

Users are expected to have installed the FortiSASE certificate authority certificate on their devices. See Installing the FortiSASE CA certificate on endpoints.

Proxy settings on endpoint clients can differ between operating systems (OS) and browsers. While the following examples demonstrate the configuration for the selected OSes, refer to your OS or browser for complete instructions on configuring proxy settings.