Route based VPN/VTI Tunnel support in Multi VDOM
Hi,
I've been searching/googling for VDOM support for route-based VPN/VTI tunnels, but to no avail.
Is this route-based VPN/VTI tunnel interface supported in multiple VDOMs? I.e. VDOM A is for our internal VPN/VTI to AWS, then VDOM B is for another customer/department.
I'd appreciate it if someone can provide a Fortinet link. Thanks!
If you read the VDOM Overview in the docs, you can see the very first paragraph states:
"Virtual Domains (VDOMs) are used to divide a FortiGate into two or more virtual units that function independently. VDOMs can provide separate security policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network."
https://docs.fortinet.com/document/fortigate/7.2.4/administration-guide/109991/virtual-domains
Graham
Created on ‎02-12-2023 05:15 PM Edited on ‎02-12-2023 05:22 PM
You probably don't have to configure "set vdom vdom_name" anywhere when you configure IPsec. The only place you would see it is the virtual interface/VTI under the interface config after the fact, when you configure the phase1-interface, like below:
config system interface
    edit "VPNPh1Name"
        set vdom "vdom-name"
        set ip 10.x.x.121 255.255.255.255
        set allowaccess ping
        set type tunnel
        set remote-ip 10.x.x.122 255.255.255.255
        set snmp-index 150
        set interface "outgoing-interface"
    next
end
Again, it's automatically set when you configure the IPsec in the vdom.
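The flow described above, as an added FortiOS CLI example that is not part of the original post: a route-based tunnel is created from inside one VDOM, and the resulting tunnel interface is then inspected. The VDOM name "VDOM-A", the tunnel names, "port1", the addresses and the pre-shared key are placeholders chosen for illustration, and the lines starting with # are annotations for the reader.

```fortios
# Added example: all names, addresses and the key below are placeholders.
# Assumes multi-VDOM mode is enabled and "port1" is already assigned to VDOM-A.
config vdom
    edit "VDOM-A"
        # Phase 1 is created inside VDOM-A. FortiOS creates a tunnel
        # interface with the same name, owned by this VDOM.
        config vpn ipsec phase1-interface
            edit "to-aws"
                set interface "port1"
                set ike-version 2
                set peertype any
                set proposal aes256-sha256
                set remote-gw 203.0.113.10
                set psksecret <pre-shared-key>
            next
        end
        config vpn ipsec phase2-interface
            edit "to-aws-p2"
                set phase1name "to-aws"
                set proposal aes256-sha256
            next
        end
        # Routing is per VDOM: this route exists only in VDOM-A's table.
        # Firewall policies that reference "to-aws" are also defined here.
        config router static
            edit 0
                set dst 10.20.0.0 255.255.0.0
                set device "to-aws"
            next
        end
        # Inspect the generated interface: expect 'set vdom "VDOM-A"'
        # and 'set type tunnel' without having typed either.
        show system interface "to-aws"
end
```

A tunnel built the same way from inside a second VDOM gets its own interface, routes and policies, which is the separation the documentation quote in this thread describes.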
Perfect, this is what I'm looking for.
Appreciate the link.
