Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Modnet
New Contributor

Created on ‎11-07-2023 07:26 AM

FMG VPN Manager across ADOMs

I am currently setting up a new FMG.  I have 8 FGTs in total. Two of them are 100Es running 7.2 firmware and the rest are 100Fs running 7.4 firmware. I have created two separate ADOMS... one for 7.2 devices and the other for 7.4 devices. My goal is to use the VPN Manager to create a Full Mesh IPSEC topology across all 8 fortigates. Will I be able to do that while the two 100Es are in a separate ADOM? If not, what is recommended to get this accomplished?

Brian Modlin
Brian Modlin
Labels:
1727
0 Kudos
7 REPLIES 7
adambomb1219
SuperUser
SuperUser

Created on ‎11-07-2023 07:31 AM

Why not run them all on the same version?

1719
0 Kudos
Modnet
New Contributor
In response to adambomb1219

Created on ‎11-07-2023 07:34 AM

I wish I could but it seems that firmware upgrades stop at 7.2 for the 100Es.... 7.4 is not available.

Brian Modlin
Brian Modlin
1717
0 Kudos
asrour
Staff
Staff

Created on ‎11-14-2023 02:48 PM

Hi @Modnet 

unfortunately, that is not possible in VPN Manager, they must be in the same ADOM

else you will need to create tunnels in the device manager

 

Thanks,

Ahmad

A Srour
1640
0 Kudos
Modnet
New Contributor
In response to asrour

Created on ‎11-14-2023 02:52 PM Edited on ‎11-14-2023 02:54 PM

Ok thank you. If they are in the same 7.4 ADOM but some fortigates are running 7.2 and some are running 7.4 will it work? I need a full mesh topology.

Brian Modlin
Brian Modlin
1637
0 Kudos
asrour
Staff
Staff

Created on ‎11-14-2023 02:59 PM

- in theory you can, but moving 7.2 FGTs to 7.4 ADOM will not move the policies and you will not be able to import them.

- you will need to create policies for the vpn

- there is a solution that may work, by creating external gateways and connecting them, that will need Professional Services help

A Srour
1634
0 Kudos
Modnet
New Contributor
In response to asrour

Created on ‎11-14-2023 03:15 PM

Here is what I did. Please tell me if it will work.  I had a 7.2 ADOM with my 7.2 FGTs.  I imported the policies from the 7.2 FGTs and then upgraded the ADOM to 7.4.  Then I added the 7.4 FGTs and imported there policies.  My thought is I will be ok to push policies to both 7.2 and 7.4 FGTs, as long as I never make changes on the FGTs and make all changes from the FMG. Will this work, or should I downgrade my 100Fs to match my 100Es.  7.4 is not available for the 100Es. This is my dilemma.

Brian Modlin
Brian Modlin
1624
0 Kudos
asrour
Staff
Staff

Created on ‎11-17-2023 03:35 PM

This should work, only the policy import will not work

A Srour
1587
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.