Fortinet black logo

Cookbook

Adding VDOMs and setting up virtual clustering

Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:68020
Download PDF

Adding VDOMs and setting up virtual clustering

  1. Enable VDOMs by going to System > Settings > System Operation Settings and enabling Virtual Domains. Or enter the following CLI command.

    config system global

    set vdom-admin enable

    end

  2. Add VDOMs as required. Go to Global > System > VDOM and select Create New. Or enter the following CLI command to add the Engineering VDOM.

    config global

    edit Engineering

    end

  3. Configure virtual clustering and VDOM partitioning on the primary FortiGate. The following command enables virtual cluster 2, adds the Engineering VDOM to virtual cluster 2, and sets the virtual cluster 2 device priority of the primary FortiGate to 50.

    config global

    config system ha

    set vcluster2 enable

    config secondary-vcluster

    set vdom Engineering

    set priority 50

    end

    end

    You can also configure virtual clustering and VDOM partitioning from the GUI by going to Global > System > HA.

  4. Set the virtual cluster 2 priority of the backup FortiGate to a relatively high value (in this example, 200) so that this FortiGate processes traffic for the VDOMs in virtual cluster 2. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 200

    end

    end

Note

The root VDOM can only be associated with virtual cluster 1.

The VDOM that is assigned as the management VDOM can also only be associated with virtual cluster 1.

Adding VDOMs and setting up virtual clustering

  1. Enable VDOMs by going to System > Settings > System Operation Settings and enabling Virtual Domains. Or enter the following CLI command.

    config system global

    set vdom-admin enable

    end

  2. Add VDOMs as required. Go to Global > System > VDOM and select Create New. Or enter the following CLI command to add the Engineering VDOM.

    config global

    edit Engineering

    end

  3. Configure virtual clustering and VDOM partitioning on the primary FortiGate. The following command enables virtual cluster 2, adds the Engineering VDOM to virtual cluster 2, and sets the virtual cluster 2 device priority of the primary FortiGate to 50.

    config global

    config system ha

    set vcluster2 enable

    config secondary-vcluster

    set vdom Engineering

    set priority 50

    end

    end

    You can also configure virtual clustering and VDOM partitioning from the GUI by going to Global > System > HA.

  4. Set the virtual cluster 2 priority of the backup FortiGate to a relatively high value (in this example, 200) so that this FortiGate processes traffic for the VDOMs in virtual cluster 2. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 200

    end

    end

Note

The root VDOM can only be associated with virtual cluster 1.

The VDOM that is assigned as the management VDOM can also only be associated with virtual cluster 1.