Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Kenundrum
Contributor III

Security Fabric VDOM Support?

So the security fabric functions are currently not supported on devices running with VDOMs enabled.

Has anyone heard any info on when this is going to be fixed?

You would think that a function that is designed to help multiple devices work together would be supported on devices that within the same chassis have multiple firewalls that need help working together! It doesn't seem like it is too much of a stretch to make it work- just set fabric settings per VDOM and treat every VDOM as a unique device (just like they are intended). I know it's not an API problem because the API is totally capable of handling multiple VDOMs. At this point the only thing the fabric function does with VDOMs is allow you to offload traffic to a FortiWeb/Mail/Sandbox device for further inspection. This is really annoying!

CISSP, NSE4

 

CISSP, NSE4
13 REPLIES 13
mike_dp
New Contributor

any updates for security fabric with vDoms?

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6

FortiAnalyzer, ForticlientEMS

Fortigate : 80E, 80F, 100E, 200F, 300E : 6.4.6 FortiAnalyzer, ForticlientEMS
Heyro
New Contributor

i'm running version 6.03 and was hoping they would add this feature. Most high end firewall end up being configured in vDom mode, so i still don't understand they're approach on the security fabric.

alantz
New Contributor

OMG, I can't believe this. I'm running 6.2.2 and have spend hours on this trying to figure out why I can't see telemetry in my fabric settings. I have a ticket submitted as well, but I guess now I know what the answer will be. Not having Compliance because I use vdom's is rediculious ! 

 

--Alan--

 

emnoc
Esteemed Contributor III

The notes clearing states this is disabled, not sure why the complaints. Instead of opening tickets open a NFR ( New Feature Request ). 

 

https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-security-fabric-54/1-fabric-introduc...

 

The fortiOS also spits out a warning about it also ;

 

Can not set Security Fabric when vdom mode is enabled.

object check operator error, -651, discard the setting

Command fail. Return code -651

 

So complaining over spilled milk is not going to accomplish much of anything. They might get it added but in a multi-tenant env, but  I highly doubt it would come very soon. Request a NFR thru your sales team.

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors