Fortinet white logo
Fortinet white logo

FortiGate-7000E Handbook

Reverting to Multi VDOM mode

Reverting to Multi VDOM mode

If your FortiGate-7000E is operating in Split-Task VDOM mode, you can use the information in this section to revert back to Multi VDOM mode.

Note

You can revert to Multi VDOM mode by resetting your FortiGate-7000E to factory default settings by entering the execute factoryreset command. You will loose all configuration settings by entering this command, including network settings. However, the FortiGate-7000E will be in Multi VDOM mode.

You can revert to Multi VDOM mode from the CLI or the GUI. The CLI process is recommended because it involves fewer steps. Although moving all interfaces to the root VDOM, as described in the first step of the following procedures, can be much faster from the GUI.

Reverting to Multi VDOM mode from the CLI (recommended)

The following steps show how to use the CLI to switch from Split-Task VDOM mode to Multi VDOM mode.

  1. If required, use the following command to set the Security Fabric role to root by unsetting the upstream IP address:

    config global

    config system csf

    unset upstream-ip

    end

  2. If the Security Fabric group name is blank, use the following command to add a group name:

    config global

    config system csf

    set group-name <name>

    end

    The group name may be blank if the FortiGate-7000E had joined a Security Fabric as a downstream FortiGate.

  3. Enter the following command to switch to Multi VDOM mode:

    config global

    config system global

    set vdom-mode multi-vdom

    end

    You are logged out of the CLI.

  4. Log into the CLI.

    The FortiGate-7000E will be operating in Multi VDOM mode. The FG-traffic VDOM will still be available. However, it will be empty and you can choose to delete if you do not need it.

Reverting to Multi VDOM mode from the GUI

The following steps show how to use the GUI to switch from Split-Task VDOM mode to Multi VDOM mode.

  1. If required, set the Security Fabric role to root by going to Security Fabric > Settings and set the Security Fabric role to Serve as Fabric Root.and select Apply.

  2. Disable FortiGate Telemetry, go to Security Fabric > Settings and disable FortiGate Telemetry and select Apply.
  3. Go to System > Settings > System Operation Settings and select Multi VDOM and select OK.

    You are logged out of the GUI.

  4. Log into the GUI.

    The FortiGate-7000E will be operating in Multi VDOM mode. The FG-traffic VDOM will still be available. However, it will be empty and you can choose to delete if you do not need it.

    The Security Fabric will not be enabled and the Security Fabric > Settings > FortiGate Telemetry GUI page will be hidden.

  5. Enable the Security Fabric from the CLI. The following commands sets the Security Fabric configuration to default values:

    config system csf

    set mode enable

    uset upstream-ip

    unset group-name

    end

Reverting to Multi VDOM mode

Reverting to Multi VDOM mode

If your FortiGate-7000E is operating in Split-Task VDOM mode, you can use the information in this section to revert back to Multi VDOM mode.

Note

You can revert to Multi VDOM mode by resetting your FortiGate-7000E to factory default settings by entering the execute factoryreset command. You will loose all configuration settings by entering this command, including network settings. However, the FortiGate-7000E will be in Multi VDOM mode.

You can revert to Multi VDOM mode from the CLI or the GUI. The CLI process is recommended because it involves fewer steps. Although moving all interfaces to the root VDOM, as described in the first step of the following procedures, can be much faster from the GUI.

Reverting to Multi VDOM mode from the CLI (recommended)

The following steps show how to use the CLI to switch from Split-Task VDOM mode to Multi VDOM mode.

  1. If required, use the following command to set the Security Fabric role to root by unsetting the upstream IP address:

    config global

    config system csf

    unset upstream-ip

    end

  2. If the Security Fabric group name is blank, use the following command to add a group name:

    config global

    config system csf

    set group-name <name>

    end

    The group name may be blank if the FortiGate-7000E had joined a Security Fabric as a downstream FortiGate.

  3. Enter the following command to switch to Multi VDOM mode:

    config global

    config system global

    set vdom-mode multi-vdom

    end

    You are logged out of the CLI.

  4. Log into the CLI.

    The FortiGate-7000E will be operating in Multi VDOM mode. The FG-traffic VDOM will still be available. However, it will be empty and you can choose to delete if you do not need it.

Reverting to Multi VDOM mode from the GUI

The following steps show how to use the GUI to switch from Split-Task VDOM mode to Multi VDOM mode.

  1. If required, set the Security Fabric role to root by going to Security Fabric > Settings and set the Security Fabric role to Serve as Fabric Root.and select Apply.

  2. Disable FortiGate Telemetry, go to Security Fabric > Settings and disable FortiGate Telemetry and select Apply.
  3. Go to System > Settings > System Operation Settings and select Multi VDOM and select OK.

    You are logged out of the GUI.

  4. Log into the GUI.

    The FortiGate-7000E will be operating in Multi VDOM mode. The FG-traffic VDOM will still be available. However, it will be empty and you can choose to delete if you do not need it.

    The Security Fabric will not be enabled and the Security Fabric > Settings > FortiGate Telemetry GUI page will be hidden.

  5. Enable the Security Fabric from the CLI. The following commands sets the Security Fabric configuration to default values:

    config system csf

    set mode enable

    uset upstream-ip

    unset group-name

    end