We're using VDOMs in our FortiGate Firewalls.
The FortiGate is running HA and using a dedicated management interface for the active and standby nodes.
Dedicated Management subnets have no internet access.
In the root VDOM, we didn’t configure anything and left the default settings, so there is no interface to reach the internet from the root VDOM.
We have another 4 VDOMs other than the root VDOM, and those 4 VDOMs can reach the internet. We are running VLAN interfaces within each VDOM, and those VLANs can reach the internet.
Currently, FortiGate is showing the alert “Unable to connect to FortiGuard Server”.
We configured per-VDOM DNS settings, and from each VDOM we can ping update.fortiguard.net.
But from the root VDOM or the management interface, it cannot reach update.fortiguard.net as there is no internet access.
With our current deployment, how can we configure the FortiGate to reach the FortiGuard service, as we need to do license registration? Can we configure one of the interfaces from a non-root VDOM to access FortiGuard services, because only the non-root VDOMs have internet access in our current deployment?
What is the recommended, normal deployment for FortiGuard service for a deployment like ours?
Please help suggest, thank you so much.