Fortinet black logo

New Features

Split-Task VDOM Mode

Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:963030
Download PDF

Split-Task VDOM Mode

Split-task VDOM mode simplifies deployments that require only one management VDOM and one traffic VDOM. The management VDOM is used to manage the FortiGate, and cannot be used to process traffic. The traffic VDOM provides separate security policies, and is used to process all network traffic.

Split-task VDOM mode is not available on all FortiGate models. The Fortinet Security Fabric supports split-task VDOM mode.

Enable split-task VDOM mode

Split-task VDOM mode can be enabled in the GUI or CLI. Enabling it does not require a reboot, but does log you out of the FortiGate.

Caution

When split-task VDOM mode is enabled, all current management configuration is assigned to the root VDOM, and all non-management settings, such as firewall policies and security profiles, are deleted.

To enable split-task VDOM mode with the CLI:

config system global

set vdom-mode split-vdom

end

To enable split-task VDOM mode in the GUI:
  1. On the FortiGate, go to System > Settings.
  2. In the System Operation Settings section, enable Virtual Domains.

  3. Select Split-Task VDOM for the VDOM mode.
  4. Select a Dedicated Management Interface from the Interface list. This interface is used to access the management VDOM, and cannot be used in firewall policies.
  5. Click OK.

Split-Task VDOM Mode

Split-task VDOM mode simplifies deployments that require only one management VDOM and one traffic VDOM. The management VDOM is used to manage the FortiGate, and cannot be used to process traffic. The traffic VDOM provides separate security policies, and is used to process all network traffic.

Split-task VDOM mode is not available on all FortiGate models. The Fortinet Security Fabric supports split-task VDOM mode.

Enable split-task VDOM mode

Split-task VDOM mode can be enabled in the GUI or CLI. Enabling it does not require a reboot, but does log you out of the FortiGate.

Caution

When split-task VDOM mode is enabled, all current management configuration is assigned to the root VDOM, and all non-management settings, such as firewall policies and security profiles, are deleted.

To enable split-task VDOM mode with the CLI:

config system global

set vdom-mode split-vdom

end

To enable split-task VDOM mode in the GUI:
  1. On the FortiGate, go to System > Settings.
  2. In the System Operation Settings section, enable Virtual Domains.

  3. Select Split-Task VDOM for the VDOM mode.
  4. Select a Dedicated Management Interface from the Interface list. This interface is used to access the management VDOM, and cannot be used in firewall policies.
  5. Click OK.