Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Add a VDOM to a device

To add a VDOM to a managed FortiGate device, right-click on the content pane for a particular device and select Add VDOM from the pop-up menu. There are two types of VDOM modes available: Split-Task VDOM and Multi VDOM.

The number of VDOMs you can add is dependent on the device model. For more information, see the Maximum Values Table in the Fortinet Document Library.

Split-Task VDOM Mode

The Split-Task VDOM mode creates two VDOMs automatically: FG-traffic and root. Additional VDOMs cannot be added.

FG-traffic is a regular VDOM and can contain policies, UTM profiles and it will handle the traffic like the no-VDOM mode. The root VDOM is only for management and it cannot have policies or profiles.

To add a Split-Task VDOM to a FortiGate device:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, click the group. The devices in the group are displayed in the content pane.
  3. In the content pane, right-click a device and select Add VDOM.
  4. Click Split-Task VDOM.

Multi VDOM Mode

The Multi VDOM mode allows you to create multiple VDOMs as per your license.

To add a Multi VDOM to a FortiGate device:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, click the group. The devices in the group are displayed in the content pane.
  3. In the content pane, right-click a device and select Add VDOM.
  4. Click Multi VDOM
  5. The Create New Virtual Domain window opens.

  6. Configure the following options, and click OK.

    Name

    Type a name for the new virtual domain.

    Description

    Optionally, enter a description of the VDOM.

    Enable

    Select to enable the VDOM.

    Operation Mode

    Select either NAT or Transparent.

    Interface Members

    Click to select each port one by one.

Kubernetes Service must be enabled on the server side for AWS, Azure, OCI and, GCP for Kubernetes to function for the particular cloud platform. Once the service is enabled, Kubernetes can be configured for the particular cloud platform in FortiManager.

Add a VDOM to a device

To add a VDOM to a managed FortiGate device, right-click on the content pane for a particular device and select Add VDOM from the pop-up menu. There are two types of VDOM modes available: Split-Task VDOM and Multi VDOM.

The number of VDOMs you can add is dependent on the device model. For more information, see the Maximum Values Table in the Fortinet Document Library.

Split-Task VDOM Mode

The Split-Task VDOM mode creates two VDOMs automatically: FG-traffic and root. Additional VDOMs cannot be added.

FG-traffic is a regular VDOM and can contain policies, UTM profiles and it will handle the traffic like the no-VDOM mode. The root VDOM is only for management and it cannot have policies or profiles.

To add a Split-Task VDOM to a FortiGate device:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, click the group. The devices in the group are displayed in the content pane.
  3. In the content pane, right-click a device and select Add VDOM.
  4. Click Split-Task VDOM.

Multi VDOM Mode

The Multi VDOM mode allows you to create multiple VDOMs as per your license.

To add a Multi VDOM to a FortiGate device:
  1. Go to Device Manager > Device & Groups.
  2. In the tree menu, click the group. The devices in the group are displayed in the content pane.
  3. In the content pane, right-click a device and select Add VDOM.
  4. Click Multi VDOM
  5. The Create New Virtual Domain window opens.

  6. Configure the following options, and click OK.

    Name

    Type a name for the new virtual domain.

    Description

    Optionally, enter a description of the VDOM.

    Enable

    Select to enable the VDOM.

    Operation Mode

    Select either NAT or Transparent.

    Interface Members

    Click to select each port one by one.

Kubernetes Service must be enabled on the server side for AWS, Azure, OCI and, GCP for Kubernetes to function for the particular cloud platform. Once the service is enabled, Kubernetes can be configured for the particular cloud platform in FortiManager.