FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akileshc
Staff
Staff

Description
This articles describes how to configure split-task VDOM mode With Fortinet Security Fabric.

Solution
Virtual Domains (VDOMs) are used to divide a FortiGate into two or more virtual units that function independently.
VDOMs can provide separate security policies and, in NAT mode, completely separate configurations for routing and VPN services for each connected network.

There are two VDOM modes:
- Split-task VDOM mode: One VDOM is used only for management, and the other is used to manage traffic. See Split-task VDOM mode.
- Multi VDOM mode: Multiple VDOMs can be created and managed as independent units. See Multi VDOM mode.

Split-task VDOM mode simplifies deployments that require only one management VDOM and one traffic VDOM.
The management VDOM is used to manage the FortiGate, and cannot be used to process traffic.
The traffic VDOM provides separate security policies, and is used to process all network traffic.

Split-task VDOM mode is not available on all FortiGate models.
The Fortinet Security Fabric supports split-task VDOM mode.

Enable split-task VDOM mode.

Split-task VDOM mode can be enabled in the GUI or CLI.
Enabling it does not require a reboot, but does log you out of the FortiGate.



 
 
From CLI.  
# config system global
    set vdom-mode split-vdom
end
From GUI.

1) Go to System -> Settings.
2) In the 'System Operation Settings' section, select checkbox 'Virtual Domains'.
 
 
 
 
3) Select 'Split-Task VDOM' for the VDOM mode.
4) Select a dedicated management interface from the Interface list. This interface is used to access the management VDOM, and cannot be used in firewall policies.
5) Select 'OK'.
 
Related link:
 
 


Contributors