VDOMs

This chapter describes new VDOM features added to FortiOS 5.4.

Cooperative Security Fabric (CSF) firewalls do not support multiple VDOMs (365260)

This problem should be fixed in a future release.

VDOM name search added to GUI navigation (305221)

When selecting a VDOM you can search by name instead of manually searching through the entire list.

Stackable VDOM licenses (269153)

VDOM licenses are now stackable, allowing you to buy additional licenses and stack them on top existing licenses to increase the number of VDOMs you can have.

Support execution of global CLI commands from within VDOMs (262848)

A new CLI command, sudo, allows the running of global commands from within the vdom context of the CLI.This means that the user no longer has to:

1. exit from the VDOM
2. enter global
3. run the command
4. return to the previous VDOM

The syntax for the command is:

sudo {global | vdom-name} {diagnose | execute | show | get}

These commands will only work if the user already has permissions to run the command. Unlike the sudo command in some other operating systems like Linux, this command does not allow the user to run programs with the privileges of another user.

GUI features can now be enabled and disabled per VDOM (263708 273799 266028)

When VDOMs are enabled, most of the items in the Features section of the menu are moved to a similar menu section within the VDOM menu and are now customizable on a per VDOM basis. Some items such as IPv6 and Certificates are still configured on a global basis.

From the GUI, you can enable or disable GUI features from System > Feature Select.

From the CLI, GUI items that are enabled or disabled per-VDOM are configured from the config system settings command. GUI items that are enabled globally are enabled or disabled from the config system global command.

Turning these features on or off does not enable or disable the feature but determines whether or not that option is displayed on the GUI.