Hi everyone,
I have 4 VDOMs (Internet - local DC servers - Partner - SSL VPN & IPsec). I have observed that one session is duplicated in every VDOM that the traffic passes through. How can I stop sessions from repeating through other VDOMs?
-Example:
SSL users want to connect to the DC server and use the internet; the session will go through (SSL VDOM), then through (DC srv VDOM), and so on.... This causes multiple sessions consuming device resources. Any idea to prevent the same sessions over multiple VDOMs?
Thanks for all,
Hi,
The quickest/simplest way would be to have all resources access/connect to the same VDOM; otherwise the traffic flow will respect the routing table and go through all of them and create a session in each one.
Hi @ehabali ,
1) First of all, VDOM is a virtual device actually. So you must have a session in the session table if the traffic is passing through the VDOM. If you terminate the session in one VDOM, that means the traffic will be denied due to no session matched in the VDOM.
2) Next, what VDOMs the traffic is passing through is based on your routing table and firewall policy.
Thanks, @dingjerry_FTNT for your interest,
I know that it is logical that sessions are created in every vdom, but I was asking for any workaround to avoid session duplication as it is just passed to the next firewall such as Palo.
—To clarify what I think, I want SSL vdom when asking to access a server that is located under the Palo Alto DC firewall. I want the session to be created just on SSL Vdom, then pass through DC vdom to continue to Palo firewall, reach the actual server, and so on when traffic returns. Just created in one vdom. Is there any way to apply that?
Thanks, @funkylicious for your interest,
I know that it is logical that sessions are created in every vdom, but I was asking for any workaround to avoid session duplication.
Is it session duplication if that is the correct path the traffic should take?
It's like having multiple devices along the path, and the sessions are created on each one.