Fortinet black logo

CLI Reference

system icapserver

system icapserver

Use this command to configure FortiWeb to submit all files that match your upload restriction rules to ICAP server.

ICAP server evaluates whether the file poses a threat and returns the result to FortiWeb. If ICAP determines that the file is malicious, FortiWeb performs the following tasks:

  • Generates an attack log message that contains the result.
  • Takes the action specified by the file security policy. During this time, it does not re-submit the file to ICAP server.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system icapserver

set server "<server_ipv4>"

set cache-timeout <timeout_int>

set port <port_int>

set elog {enable | disable}

set service-name <name_str>

set ssl {enable | disable}

end

Variable Description Default

server "<server_ipv4>"

Enter the IP address or domain name of the ICAP server to send files to.

No default.

port <port_int>

Enter the port on which the ICAP server is listening.

When ssl {enable | disable} is enable, the default port is 11344, while when ssl {enable | disable} is disable, the default port is 1344.

1344 or 11344

cache-timeout <timeout_int>

After it receives the ICAP results, FortiWeb takes the action specified by the file security policy. During this time, it does not re-submit the file to ICAP server. The valid range is 1-168 hours.

72

elog {enable | disable}

Enter so that FortiWeb will report event logs when it successfully submits files to FortiSandbox.

disable

service-name <name_str>

The name of the ICAP service, which appears in the URL configured in the ICAP client. For example, icap://<ip_address>/<name>.

No default

ssl {enable | disable}

Enable to encrypt the transmission. The port varies depending on whether this option is enabled or not.

disable

Example

This example creates a connection to an ICAP server at 192.0.2.2 that retrieves statistics and sends a weekly report to admin@example.com.

config system icapserver

set server "192.0.2.2"

set ssl enable

set cache-timeout 5

end

Related topics

system icapserver

Use this command to configure FortiWeb to submit all files that match your upload restriction rules to ICAP server.

ICAP server evaluates whether the file poses a threat and returns the result to FortiWeb. If ICAP determines that the file is malicious, FortiWeb performs the following tasks:

  • Generates an attack log message that contains the result.
  • Takes the action specified by the file security policy. During this time, it does not re-submit the file to ICAP server.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system icapserver

set server "<server_ipv4>"

set cache-timeout <timeout_int>

set port <port_int>

set elog {enable | disable}

set service-name <name_str>

set ssl {enable | disable}

end

Variable Description Default

server "<server_ipv4>"

Enter the IP address or domain name of the ICAP server to send files to.

No default.

port <port_int>

Enter the port on which the ICAP server is listening.

When ssl {enable | disable} is enable, the default port is 11344, while when ssl {enable | disable} is disable, the default port is 1344.

1344 or 11344

cache-timeout <timeout_int>

After it receives the ICAP results, FortiWeb takes the action specified by the file security policy. During this time, it does not re-submit the file to ICAP server. The valid range is 1-168 hours.

72

elog {enable | disable}

Enter so that FortiWeb will report event logs when it successfully submits files to FortiSandbox.

disable

service-name <name_str>

The name of the ICAP service, which appears in the URL configured in the ICAP client. For example, icap://<ip_address>/<name>.

No default

ssl {enable | disable}

Enable to encrypt the transmission. The port varies depending on whether this option is enabled or not.

disable

Example

This example creates a connection to an ICAP server at 192.0.2.2 that retrieves statistics and sends a weekly report to admin@example.com.

config system icapserver

set server "192.0.2.2"

set ssl enable

set cache-timeout 5

end

Related topics