Assign VDOMs to different ADOMs

LarW63 · ‎12-19-2017

Hi,

I'm fairly new to Fortimanager so please excuse this question if it's somewhat basic.

I have a Fortigate firewall that has been configured with two VDOMs; root and test. In Fortimanager, I'd like to control the root VDOM in one ADOM and control the test VDOM in different ADOM. However, when I add the Fortigate under Device Manager, it puts both VDOMs in the same ADOM.

How do I assign each VDOM separately?

Thanks for your time,

Larry

hklb · ‎12-21-2017

hi,

here is the procedure :

- import your firewall in a ADOM

- On "all ADOMs" page, edit an empty ADOM

- Select the VDOM you want to add to this ADOM

- do this for all the VDOM you want to move

A+

Lucas

View solution in original post

hklb · ‎12-20-2017

Hi

Change ADOM mode to "Advanced" :

config system global set adom-mode advanced end

A+

LarW63 · ‎12-20-2017

Thank you. I have set my FM to Advanced mode and restarted it on spec.

Now, when I try to re-add my FG Device from my previous post, I fail to see how I split up the VDOMs into separate ADOMs.

Any further guidance on this aspect?

Lar

hklb · ‎12-21-2017

hi,

here is the procedure :

- import your firewall in a ADOM

- On "all ADOMs" page, edit an empty ADOM

- Select the VDOM you want to add to this ADOM

- do this for all the VDOM you want to move

A+

Lucas

LarW63 · ‎12-21-2017

Thank you Lucas.

It's not very intuitive, but I now have it working exactly as you directed.

Larry

chall_FTNT · ‎12-22-2017

LarW63 wrote:
It's not very intuitive, but I now have it working exactly as you directed.

We are considering how to document this more clearly in our online guide -- likely a section entitled "Assigning VDOMs to an ADOM".

Right now, we have: Assigning devices to an ADOM

ADOM device modes

Chris Hall
Fortinet Technical Support

ujnetsec · ‎09-18-2018

I have tried the steps above, but once i add a firewall it only shows me the "root" VDOM i cant see the rest of the VDOM

chall_FTNT · ‎09-18-2018

Does the FortiGate have VDOMs enabled? If so, can you show us the output on the FMG of "diag dvm device list" & point out which FortiGate you are referring to?

Chris Hall
Fortinet Technical Support

ujnetsec · ‎09-18-2018

Hi Guys i have managed to add the Device with its VDOMs assigned to each ADOM, now my issue is importing the policies:

6.00741 (extended) 6.0 MR0 (131) |- STATUS: dev-db: not modified; conf: in sync; cond: OK; dm: re trieved; conn: up HA cluster member: FGT1KD (master) HA cluster member: FGT1KD (slave 0) |- vdom:[3]root flags:0 adom:root pkg:[never-installed] |- vdom:[101]DFC-PRODUCT flags:0 adom:root pkg:[never-installed] |- vdom:[102]DFC-Reg flags:0 adom:root pkg:[never-installed] |- vdom:[103]DFC-STAFFWI flags:0 adom:root pkg:[never-installed] |- vdom:[104]DFC-STUDENT flags:0 adom:root pkg:[never-installed]

When i try to Import the policies the "import policy option is disabled.

chall_FTNT · ‎09-18-2018

Check whether the root ADOM is version 6.0 or not. The FortiOS version must match the ADOM version to allow import.

Chris Hall
Fortinet Technical Support

Assign VDOMs to different ADOMs

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website