Professional Documents
Culture Documents
106-VDOM Lab
106-VDOM Lab
Management Interface
FW1 # config system interface
FW1 (interface) # edit port7
FW1 (port7) # set mode static
FW1 (port7) # set ip 192.168.100.200/24
FW1 (port7) # set allowaccess https http ping ssh
FW1 (port7) # end
Enable VDOM:
Certain FortiGate models has no GUI to enabling virtual domains option in the System
Information widget. Enter the following command in the CLI Console to enable VDOM. Enter y
when you are asked if you want to continue.
Enable VDOM
FW1 (global) # config system global
FW1 (global) # set vdom-mode multi-vdom
FW1 (global) # end
Go to System > VDOM and create two VDOMs: VDOM HR and VDOM Sale. In my case, the
NGFW Mode is set to Profiled-based for VDOMs.
To assign an interface for the Root internal network, go to Network > Interfaces and edit the
interface in my case Port4. Set Virtual Domain to root and Role to LAN. Set Addressing Mode to
Manual, assign an IP/Network Mask to the interface in my case,192.168.11.254/255.255.255.0).
Configure HR Policy:
To create a new policy, go to Policy & Objects > Firewall Policy and select Create New. Set the
Incoming Interface to HR-LAN port5 and set the Outgoing Interface to HR-WAN Port2.
Navigate to Dashboard>Network > Routing it will only show Root VDOM Routes and
Management.