Fortinet FortiGate 4000 Switch User Manual


 
154 Fortinet Inc.
Virtual domains in Transparent mode Network configuration
Figure 44: FortiGate unit with two virtual domains
Virtual domain properties
A virtual domain has the following exclusive properties:
VLAN name,
•VLAN ID,
VLAN interface assignment,
VLAN zone assignment (optional),
Firewall policy.
Virtual domains share the following global properties with other processes on the
FortiGate unit:
System settings,
Firewall policy objects (addresses, services, schedule, content profiles, and so on),
User information,
NIDS settings,
Antivirus, Web filter, Mail filter settings,
Log & report settings.
In addition to the global properties, virtual domains share a common administrative
model. Administrators have access to all of the virtual domains on the FortiGate unit.
Only their administrative access level varies.
Configuring a virtual domain
Configure a virtual domain by adding the virtual domain to the FortiGate configuration.
Then add matching pairs of VLAN subinterfaces to the virtual domain.
Adding a virtual domain
Adding VLAN subinterfaces to a virtual domain
Adding zones to virtual domains
VLAN1
VLAN1
VLAN2
VLAN2
VLAN3
VLAN3
Virtual Domain 1
Virtual Domain 2
content filtering
antivirus
NIDS
content filtering
antivirus
NIDS
Internal
External
VLAN1
VLAN3
VLAN2
VLAN Switch
or router
VLAN Switch or router
VLAN trunk
VLAN1
VLAN2
VLAN3
VLAN trunk
FortiGate unit
VLAN1
VLAN3
VLAN2
Internet