Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
johnlloyd_13
Contributor II

Created on ‎02-10-2023 07:48 PM

Route based VPN/VTI Tunnel support in Multi VDOM

hi,

i've been searching/googling for VDOM support for route-based VPN/VTI Tunnel but to no avail.

is this route-based VPN/VTI tunnel interface supported in multiple VDOM? i.e. VDOM A is for our internal VPN/VTI to AWS, then VDOM B is for other customer/department.

appreciate if someone can provide a fortinet link. thanks!

Labels:
3414
0 Kudos
1 Solution
gfleming
Staff
Staff
In response to johnlloyd_13

Created on ‎02-12-2023 09:26 PM

If you read the VDOM Overview in the docs you can see the very first paragraphs states:

 

"Virtual Domains (VDOMs) are used to divide a FortiGate into two or more virtual units that function independently. VDOMs can provide separate security policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network."

 

https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/109991/virtual-domains

Cheers,
Graham

View solution in original post

3339
0 Kudos
12 REPLIES 12
Toshi_Esumi
SuperUser
SuperUser
In response to johnlloyd_13

Created on ‎02-12-2023 05:15 PM Edited on ‎02-12-2023 05:22 PM

You probably don't have to configure "set vdom vdom_name" anywhere when you configure IPsecs. Only place you would see is the virtual interface/VTI under interface config after the fact when you configure the phase1-interface like below:


config system interface
  edit "VPNPh1Name"
    set vdom "vdom-name"
    set ip 10.x.x.121 255.255.255.255  
    set allowaccess ping
    set type tunnel
    set remote-ip 10.x.x.122 255.255.255.255
    set snmp-index 150
    set interface "outgoing-interface"
  next
end

 

Again, it's automatically set when you configure the IPsec in the vdom.

640
gfleming
Staff
Staff
In response to johnlloyd_13

Created on ‎02-12-2023 09:26 PM

If you read the VDOM Overview in the docs you can see the very first paragraphs states:

 

"Virtual Domains (VDOMs) are used to divide a FortiGate into two or more virtual units that function independently. VDOMs can provide separate security policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network."

 

https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/109991/virtual-domains

Cheers,
Graham
3340
0 Kudos
johnlloyd_13
Contributor II
In response to gfleming

Created on ‎02-12-2023 09:57 PM

perfect, this is what i'm looking for.

appreciate the link.

623
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.