2 VDOMS UTILIZING SAME WAN PORT

Forum|Forum|9 years ago
December 24, 2016
1 reply
15385 views

I currently have 2 vdoms setup. I have not been able to configure both vdoms with the same wan port. Is this possible? The reason I am trying to approach it this way as opposed to having separate external interfaces for each vdom is because i want to setup wan failover to cover both vdoms.

Best answer by emnoc

A meshed vdom is what you want. Be advise fwpolicies resources are doubled for every meshed-vdom

http://socpuppet.blogspot.com/2014/09/a-stacked-vdom-concept-with-fortigate.html

http://socpuppet.blogspot.com/2014/09/a-meshed-vdom-transparent-using-inter.html

I really wished FTNT would come up a with solution that allows you to share a interface similar to the cisco ASA & across multi-contexts.

Carl_Wallmark

New Member

Hi,

You can use the same physically interface, by using VLANs on the interface,

VLAN1(wan1) = VDOM1

VLAN2(wan1) = VDOM2

etc...

If you need the same logical interface, all you can do is create a VDOM-link between the two vdoms and create firewall rules for that.

VDOM1 -> WAN1

VDOM2 -> VDOM-link to VDOM1 -> WAN1

MikePruett

New Member

Yeah, it gets a little messy. In situations like that I tend to go the three VDOM route making a pseudo pyramid.

Have VDOM1 be the NAT vdom for the WAN port and have the two other vdoms underneath it that link up to the main one.

emnocAnswer

New Member

A meshed vdom is what you want. Be advise fwpolicies resources are doubled for every meshed-vdom

http://socpuppet.blogspot.com/2014/09/a-stacked-vdom-concept-with-fortigate.html

http://socpuppet.blogspot.com/2014/09/a-meshed-vdom-transparent-using-inter.html

I really wished FTNT would come up a with solution that allows you to share a interface similar to the cisco ASA & across multi-contexts.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded