Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Find management IP of a Transparent VDOM

I have just took over a fortigate with multiple vdom. But i cant find the management IP of the transparent VDOM. 

Contributor III

In the gui, it is located under the global section, VDOM -> VDOM. In there is the list of all VDOMs. Select the one you want and click edit. That will take you to the VDOM edit page and it will list the management IP.


in the CLI, you would do

config vdom

edit [yourVDOMname]

config system settings



the set manageip line would be management IP.




didnt see it in the GUI but found it in CLI . thanks ! 


another question 

even though i found the management IP.


my newly create subnet( cannot access GUI error: page cannot display, but old subnet( can.


Is there any settings in fortigate can limit access ? dont see any policy blocking management access 




that would be in 2 places. First, each interface can be set to allow/disallow management access on various protocols. In the interface configuration page, there are various checkboxes allowing management access via HTTP, HTTPS, SSH, etc... make sure the appropriate ones are checked.

Second there is a list of trusted hosts per user (this is most likely your issue). Each admin user can be set up to only allow logins from set ip ranges. You need to go to the administrators page and select the user trying to connect. There should be a section in the administrator setup labeled "Restrict this Administrator Login from Trusted Hosts Only" with a checkbox and then a list of ip ranges. You may want to add the ip range to the allowed hosts.

Also- if it's a brand new ip range, it's possible that the range has not been added to the routing table and the firewall simply can't get a route back to respond to the requests.

It would help to know what model and firmware you are running since there are some slight differences between devices.






1. https was enables as other subnet can access the GUI 

2. it cannot be restrict by user account as i cannot see the login page at all 


any other possibility ? 



Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors