Adding VDOMs and setting up virtual clustering
- Enable VDOMs by going to System > Settings > System Operation Settings and enabling Virtual Domains. Or enter the following CLI command.
config system global
set vdom-admin enable
end
- Add VDOMs as required. Go to Global > System > VDOM and select Create New. Or enter the following CLI command to add the Engineering VDOM.
config global
edit Engineering
end
- Configure virtual clustering and VDOM partitioning on the primary FortiGate. The following command enables virtual cluster 2, adds the Engineering VDOM to virtual cluster 2, and sets the virtual cluster 2 device priority of the primary FortiGate to 50.
config global
config system ha
set vcluster2 enable
config secondary-vcluster
set vdom Engineering
set priority 50
end
end
You can also configure virtual clustering and VDOM partitioning from the GUI by going to Global > System > HA.
- Set the virtual cluster 2 priority of the backup FortiGate to a relatively high value (in this example, 200) so that this FortiGate processes traffic for the VDOMs in virtual cluster 2. The FGCP synchronizes all other HA settings from the primary FortiGate.
You can only configure the virtual cluster 2 priority of the backup FortiGate from the CLI. Use
execute ha manage
to access the backup FortiGate CLI.config global
config system ha
config secondary-vcluster
set priority 200
end
end
The root VDOM can only be associated with virtual cluster 1. The VDOM that is assigned as the management VDOM can also only be associated with virtual cluster 1. |