Configuring inter-VDOM routing
By default, for two virtual domains to communicate it must be through externally connected physical interfaces. Inter-VDOM routing creates a link with two ends that act as virtual interfaces, internally connecting the two virtual domains. This feature is only available through the FortiGate CLI. For more information on inter-VDOM routing see the VDOM Admin chapters of the
FortiGate CLI Reference.
Before configuring inter-VDOM routing:
• you must have at least two virtual domains configured.
• the virtual domains must all be in NAT/route mode.
• each virtual domain to be linked must have at least one interface or subinterface assigned to it.
To create an inter-VDOM link:
1. In the Device Tree, select a virtual domain.
2. Select the Configuration tab.
3. On the Device Summary page, select the blue arrow to expand Configure Inter-VDOM Routing.
If there is no blue arrow, there is only one virtual domain. You must create at least one more virtual domain before continuing.
VDOM | Name of the virtual domain to link the current virtual domain with. |
VDOM Link Name | The name of the link that will inter-connect the current to the selected virtual domain. |
IP Addressing | |
| Testing | IP address and netmask of the current virtual domain, the starting point of the link between the two virtual domains. |
| peer vdom | IP address and netmask of the non-current virtual domain, the end point being linked. For example if the VDOM selected is vdom2, that is the peer vdom. |
Traffic log | Select to log the traffic on this interface. |
4. Select the check box next to the VDOM to be linked to the current VDOM (the one selected in step
1).
5. Enter a name for the inter-VDOM link. Both virtual interfaces will use this name. For example, if the link is “my_vlink”, the virtual interfaces created will be “my_vlink0” and “my_vlink1”.
6. Enter the IP address and netmask for the virtual interface of this link on the current VDOM and the peer VDOM. For example, if the current VDOM is vdom1, root could be the peer VDOM.
Once the inter-VDOM link is created, these IP addresses cannot be changed without deleting the link.
7. Select Traffic Log to log the traffic on this inter-VDOM link.
8. Select Apply to save your settings.
You can repeat these steps to create other inter-VDOM links if you have more than two VDOMs.
To remove an inter-VDOM link, clear the check box next to it and select Apply. Both ends of the link will be removed.