Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
otagg
New Contributor

Can VDOM in VM be security fabric root ?

We have a fortigate onprem at each office locations, and a pair of HA in VM in datacenter.

The VM forti is provided by our MSP. On the same forti VM, they have other customers in different VDOMs.

They've told us that because of this setup, their VM forti can not be used as security fabric root.

We're not sure that's true, and would really like to use the HA pair as root. Is that setup possible?

router login 192.168.l.l
1 REPLY 1
ozkanaltas
Valued Contributor III

I think they are right because security fabric root settings can be made on Global vdom. Because of that, if you configure security fabric root on global vdom these settings will affect all other traffic vdoms. 

 

I couldn't find any document about that. If I find anything about that I will update my answer. 

 

PS.

 

I found a document about security fabric in multi vdom environment.

 

This document shows that. if you want to connect your edge FortiGate to Root Fortigate, you need to use management vdom on root FortiGate. The MSP doesn't want to do this.

 

https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/721683/deploying-the-securit...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors