FortiGate Version 3.0 MR4 Administration Guide
62 01-30004-0203-20070102
Virtual domains Using virtual domains
By default, your FortiGate unit supports a maximum of 10 VDOMs in any
combination of NAT/Route and Transparent modes. For FortiGate models
numbered 3000 and higher, you can purchase a license key to increase the
maximum number of VDOMs to 25, 50, 100 or 250. For more information see
“License” on page 172.
If virtual domain configuration is enabled and you log in as the default super
admin, you can go to System > Status and look at Virtual Domain in the License
Information section to see the maximum number of virtual domains supported on
your FortiGate unit.
By default, each FortiGate unit has a VDOM named root. This VDOM includes all
of the FortiGate physical interfaces, VLAN subinterfaces, zones, firewall policies,
routing settings, and VPN settings.
Management systems such as SNMP, logging, alert email, FDN-based updates
and NTP-based time setting use addresses and routing in the management
VDOM to communicate with the network. They can connect only to network
resources that communicate with the management virtual domain. The
management VDOM is set to root by default, but can be changed. For more
information see “Changing the Management VDOM” on page 67
Once you add a VDOM you can configure it by adding VLAN subinterfaces,
zones, firewall policies, routing settings, and VPN settings. You can also move
physical interfaces from the root VDOM to other VDOMs and move VLAN
subinterfaces from one VDOM to another. For more information on VLANs, see
“VLAN overview” on page 96.
For more information on VDOMs, see the FortiGate VLANs and VDOMs Guide.
VDOM configuration settings
The following configuration settings are exclusively part of a virtual domain and
are not shared between virtual domains. A regular administrator for the VDOM
sees only these settings. The default super admin can also access these settings,
but must first select which VDOM to configure.
• System settings
• Zones
• DHCP services
• Operation mode (NAT/Route or Transparent)
• Management IP (Transparent mode)
• Router configuration
• Firewall settings
• Policies
• Addresses
• Service groups and custom services
• Schedules
• Virtual IPs
• IP pools
• VPN configuration
• IPSec
•PPTP
•SSL
To Next Page
Loading...
Need help?
General