Fortinet black logo

Cookbook

Adding VDOMs and setting up virtual clustering

Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:708360
Download PDF

Adding VDOMs and setting up virtual clustering

  1. Enable VDOMs by going to System > Settings > System Operation Settings and enabling Virtual Domains. Or enter the following CLI command.

    config system global

    set vdom-admin enable

    end

  2. Add VDOMs as required. Go to Global > System > VDOM and select Create New. Or enter the following CLI command to add the Engineering VDOM.

    config global

    edit Engineering

    end

  3. Configure virtual clustering and VDOM partitioning on the primary FortiGate. The following command enables virtual cluster 2, adds the Engineering VDOM to virtual cluster 2, and sets the virtual cluster 2 device priority of the primary FortiGate to 50.

    config global

    config system ha

    set vcluster2 enable

    config secondary-vcluster

    set vdom Engineering

    set priority 50

    end

    You can also configure virtual clustering and VDOM partitioning from the GUI by going to Global > System > HA.

  4. Set the virtual cluster 2 priority of the Backup-1 FortiGate to a relatively high value (in this example, 200) so that this FortiGate processes traffic for the VDOMs in virtual cluster 2. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 200

    end

  5. Set the virtual cluster 2 priority of the Backup-2 FortiGate to 100 so that if the primary FortiGate fails, Backup-2 will become the primary FortiGate but will have the lowest virtual cluster 2 priority. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the Backup-2 FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 100

    end

  6. Set the virtual cluster 2 priority of the Backup-3 FortiGate to 150 so that if the backup FortiGate fails, Backup-3 will have the highest virtual cluster 2 device priority. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 150

    end

Adding VDOMs and setting up virtual clustering

  1. Enable VDOMs by going to System > Settings > System Operation Settings and enabling Virtual Domains. Or enter the following CLI command.

    config system global

    set vdom-admin enable

    end

  2. Add VDOMs as required. Go to Global > System > VDOM and select Create New. Or enter the following CLI command to add the Engineering VDOM.

    config global

    edit Engineering

    end

  3. Configure virtual clustering and VDOM partitioning on the primary FortiGate. The following command enables virtual cluster 2, adds the Engineering VDOM to virtual cluster 2, and sets the virtual cluster 2 device priority of the primary FortiGate to 50.

    config global

    config system ha

    set vcluster2 enable

    config secondary-vcluster

    set vdom Engineering

    set priority 50

    end

    You can also configure virtual clustering and VDOM partitioning from the GUI by going to Global > System > HA.

  4. Set the virtual cluster 2 priority of the Backup-1 FortiGate to a relatively high value (in this example, 200) so that this FortiGate processes traffic for the VDOMs in virtual cluster 2. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 200

    end

  5. Set the virtual cluster 2 priority of the Backup-2 FortiGate to 100 so that if the primary FortiGate fails, Backup-2 will become the primary FortiGate but will have the lowest virtual cluster 2 priority. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the Backup-2 FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 100

    end

  6. Set the virtual cluster 2 priority of the Backup-3 FortiGate to 150 so that if the backup FortiGate fails, Backup-3 will have the highest virtual cluster 2 device priority. The FGCP synchronizes all other HA settings from the primary FortiGate.

    You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use execute ha manage to access the backup FortiGate CLI.

    config global

    config system ha

    config secondary-vcluster

    set priority 150

    end