Hi,
I'm a bit stuck and I hope you can help me out.
We have more or less this setup (see image in attachment - setup.jpg)
but the internet is patched on the 'distributed FSWs' because the ISP is a single interface (so when there is a failover in the fortigate HA cluster, there is no impact).
The fortiswitches (distribution and access layer) are uplinked through a FortiLink interface and the management of all the switch ports is done in the Fortigate.
Now, we would like to implement VDOMs, but using the same client switches (and thus the same Fortilink)
I have created a new vdom called test, but I don't understand how I can create a new vlan in vdom test and assign this vlan to one of the ports on the fortiswitches.
The existing fortilink is available in the root vdom, where I can manage all the switches and assign a vlan to a port on one of the switches.
I noticed that I can create a new vlan on the existing Fortilink in the global settings. This vlan is available in the test vdom (so I can use it and create some policies) but I cannot assign the vlan to a physical port on one of the switches in the root vdom.
So here I'm stuck...
Can you help me out on this ?
Thanks
Gijs
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
an old'ish post but i was struggling with this last night.
you have to configures things in cli but be aware there are restrictions in what you can do with ports and vlans in a multi-vdom scenario, like no mclag for example. The basics of a simple port exported to another vdom seems to work, but start trying to combine lag's with different vdoms and i just could get it to work, at least not with the time i had. That's a major problem if you trunk to third-party switches.
And to top it all, whilst the exported ports appeared in the gui within their respective vdoms in 6.4.4, they disappeared in 6.4.5 which means the vlans configured to the non root vdoms are 'invisible' in the FG gui.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.