Created on 05-04-2020 01:41 AM Edited on 05-26-2022 09:02 AM By Anonymous
Description
This article describes how to configure split-task VDOM mode with the Fortinet Security Fabric.
Solution
Virtual Domains (VDOMs) are used to divide a FortiGate into two or more virtual units that function independently.
VDOMs can provide separate security policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network.
There are two VDOM modes:
- Split-task VDOM mode: One VDOM is used only for management, and the other is used to manage traffic. See Split-task VDOM mode.
- Multi VDOM mode: Multiple VDOMs can be created and managed as independent units. See Multi VDOM mode.
Split-task VDOM mode simplifies deployments that require only one management VDOM and one traffic VDOM.
The management VDOM is used to manage the FortiGate, and cannot be used to process traffic.
The traffic VDOM provides separate security policies, and is used to process all network traffic.
Split-task VDOM mode is not available on all FortiGate models.
The Fortinet Security Fabric supports split-task VDOM mode.
Enable split-task VDOM mode.
Split-task VDOM mode can be enabled in the GUI or CLI.
Enabling it does not require a reboot, but does log you out of the FortiGate.
From CLI.
# config system global
set vdom-mode split-vdom
end
From GUI.
1) Go to System -> Settings.
2) In the 'System Operation Settings' section, select checkbox 'Virtual Domains'.
3) Select 'Split-Task VDOM' for the VDOM mode.
4) Select a dedicated management interface from the Interface list. This interface is used to access the management VDOM, and cannot be used in firewall policies.
5) Select 'OK'.
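To review a saved configuration backup after the change, the following added example (not part of the original article and not Fortinet code) confirms that vdom-mode is split-vdom and lists any firewall policy that references the dedicated management interface. The sample configuration is constructed and simplified, and the interface name mgmt1 and the function name audit_split_vdom are assumptions.

```python
import re

# Constructed, simplified excerpt of a configuration backup (not from the article).
# "mgmt1" as the dedicated management interface is an assumption.
SAMPLE_CONFIG = '''\
config system global
    set hostname "FGT-LAB"
    set vdom-mode split-vdom
end
config firewall policy
    edit 1
        set srcintf "port2"
        set dstintf "port1"
    next
    edit 2
        set srcintf "mgmt1"
        set dstintf "port1"
    next
end
'''

def audit_split_vdom(config_text, mgmt_interface):
    """Return (vdom_mode, ids of policies that reference mgmt_interface)."""
    vdom_mode, offenders = None, []
    stack, policy_id = [], None  # stack holds the names of open 'config' blocks
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line == "end":
            if stack:
                stack.pop()
        elif line.startswith("edit ") and stack and stack[-1] == "firewall policy":
            policy_id = line.split(None, 1)[1].strip('"')
        elif line == "next":
            policy_id = None
        elif line.startswith("set ") and stack:
            parts = line.split(None, 2)
            key, value = parts[1], parts[2] if len(parts) > 2 else ""
            if stack[-1] == "system global" and key == "vdom-mode":
                vdom_mode = value
            elif stack[-1] == "firewall policy" and key in ("srcintf", "dstintf"):
                # Interface lists are quoted names separated by spaces.
                names = re.findall(r'"([^"]+)"', value) or value.split()
                if mgmt_interface in names and policy_id not in offenders:
                    offenders.append(policy_id)
    return vdom_mode, offenders
```

Because the block stack tracks nesting, the same function also handles policies that sit inside an enclosing config block.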