Description
This article explains the purpose of Management VDOM in the case of license/contract information. The management VDOM is set to root by default.
Solution
When in the case of multiple VDOM configurations in FortiGate, the traffic for the request that is made by FortiGate to the FortiGuard servers for license and contract information will be forwarded by Management VDOM.
There has to be internet connectivity on the Management VDOM so that there would be reachability to the FortiGuard servers (on the internet).
The current setting of the Management VDOM can be seen using:
config global
show full system global | grep management-vdom
set management-vdom "root" <----- Currently root VDOM is the mgmt VDOM.
To change Management VDOM via CLI:
FGT # config global
FGT (global) # config system global
FGT (global) set management-vdom <vdom_name>
FGT (global) end
FGT (global) end
On v7.2.3+ is added a new feature that allows Fortiguard services and updates to be used with a non-management VDOM:Technical Tip: How to use non management VDOM for Fortiguard services and updates
