Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mike74
New Contributor II

What does a disabled VDOM mean in Practice

Hi all,

 

Experimenting with vdoms i disabled a vdom and expect the same behavior as if i pull the plug out of the virtual device. All interfaces are disabled, no service is responding on any interface belonging to that particular vdom. But in reality it seems as if the services are not affected by that administrative step. The only information to find in the www is the well known paragraph which is not changed much over a decade:

 

Disabled status VDOMs are considered “offline”. The configuration remains, but you cannot use the VDOM, and only the super_admin administrator can view it. You cannot delete a disabled VDOM without first enabling it, and removing references to it like usual— there is no Delete icon for disabled status VDOMs.  What does this exactly mean for the device and the provided services? Only the configuration is frozen and cannot be administered or deleted, per vdom defined administrators cannot login, but the services are still online? What is the motivation for disabling vdoms by design?

I interpreted it as a way to disable all belonging interfaces as once and tell the device not to waste cpu cycles for this vdom but keep the configuration for later use.

 

Thanks for any suggestions

Michael

1 REPLY 1
emnoc
Esteemed Contributor III

It means"exactly" what you stated, it's offline, fwpolicy/proxy/inspection cease to function.

It would be exactly like you stated "shutdown  or a fw with no power".

 

Ken

 

PCNSE 

NSE 

StrongSwan