{"id":264,"date":"2022-03-11T04:24:51","date_gmt":"2022-03-11T09:24:51","guid":{"rendered":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/vdom\/"},"modified":"2023-08-29T16:27:25","modified_gmt":"2023-08-29T20:27:25","slug":"vdom","status":"publish","type":"chapter","link":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/vdom\/","title":{"raw":"8.1 VDOM","rendered":"8.1 VDOM"},"content":{"raw":"<div class=\"textbox textbox--learning-objectives\"><header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n \t<li>Create a VDOM<\/li>\n \t<li>Configure a security policy in VDOMs<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\">\n\n<strong>Scenario<\/strong>: This example illustrates how to use VDOMs to host two FortiOS instances on a single FortiGate unit.\n\nVirtual Domains (VDOMs) can be used to divide a single FortiGate unit into two or more virtual instances of FortiOS that function as independent FortiGate units. This example simulates an ISP that provides Company A and Company B with distinct internet services. Each company has its own VDOM, IP address, and internal network.\n\n<\/div>\n\n[caption id=\"attachment_246\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-246\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7.jpg\" alt=\"VDOM main scenario\" width=\"400\" height=\"492\"> Figure 8.1: Main scenario[\/caption]\n<h2>Enable VDOMs<\/h2>\n<div align=\"left\">\n<table class=\"aligncenter\" style=\"width: 100%;\"><caption>Table 8.1: Devices configuration<\/caption>\n<tbody>\n<tr style=\"height: 18px;\">\n<th style=\"width: 137.375px; height: 18px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 330.864px; height: 18px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 149.42px; height: 18px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">WebTerm-VDOMA<\/td>\n<td style=\"width: 330.864px; height: 18px;\">DHCP Client<\/td>\n<td style=\"width: 149.42px; height: 18px;\">HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">WebTerm-VDOMB<\/td>\n<td style=\"width: 330.864px; height: 18px;\">DHCP Client<\/td>\n<td style=\"width: 149.42px; height: 18px;\">HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 141px;\">\n<td style=\"width: 137.375px; height: 141px;\">FortiGate<\/td>\n<td style=\"width: 330.864px; height: 141px;\">Port 2: DCHP Client \u2013 VDOM B\n\nPort 3: DHCP Client \u2013 VDOM A\n\nPort 4: DHCP SERVER - VDOM A\n\nPort 5: DHCP SERVER - VDOM B<\/td>\n<td style=\"width: 149.42px; height: 141px;\">Port 2 - Management Access<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">Ethernet Switch<\/td>\n<td style=\"width: 330.864px; height: 18px;\">-<\/td>\n<td style=\"width: 149.42px; height: 18px;\">-<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">NAT<\/td>\n<td style=\"width: 330.864px; height: 18px;\">-<\/td>\n<td style=\"width: 149.42px; height: 18px;\">-<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<ol>\n \t<li>In order to enable Virtual Domains, the following CLI command is required:\n<div class=\"textbox shaded\"><em>config system global<\/em>\n<em>set vdom-mode multi-vdom<\/em>\n<em>end<\/em><\/div><\/li>\n \t<li>Log out FortiGate and log in again. You should be able to see the Figure 8.2 result.\n\n[caption id=\"attachment_247\" align=\"aligncenter\" width=\"350\"]<img class=\"wp-image-247\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/newone.jpg\" alt=\"Default VDOMs\" width=\"350\" height=\"312\"> Figure 8.2: Default VDOMs[\/caption]<\/li>\n \t<li>Go to <strong>Global &gt; System &gt; VDOM<\/strong>. Create two VDOMS, <strong>VDOM-A<\/strong> and <strong>VDOM-B<\/strong>. Leave both VDOMs as Enabled, with Operation Mode set to <strong>NAT<\/strong> and NGFW mode to<strong> profile-based.<\/strong>\n\n[caption id=\"attachment_249\" align=\"aligncenter\" width=\"450\"]<img class=\"wp-image-248\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/3-4-1.jpg\" alt=\"VDOM-A configuration\" width=\"450\" height=\"315\"> Figure 8.3: VDOM-A configuration[\/caption]\n\n[caption id=\"attachment_249\" align=\"aligncenter\" width=\"981\"]<img class=\"wp-image-249 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1.jpg\" alt=\"VDOM-B configuration\" width=\"981\" height=\"424\"> Figure 8.4: VDOM-B configuration[\/caption]<\/li>\n \t<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port2 and add it to VDOM-B. Set Addressing Mode to <strong>DHCP<\/strong>.\n\n[caption id=\"attachment_250\" align=\"aligncenter\" width=\"1141\"]<img class=\"wp-image-250 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/56.jpg\" alt=\"Port 2 Configuration\" width=\"1141\" height=\"593\"> Figure 8.5: Port2 configuration[\/caption]\n\n<div class=\"textbox\">If the port is under root and you can\u2019t modify it to VDOM-B, you should first delete the references related to the port.<\/div><\/li>\n \t<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port4 and add it to VDOM-A. Set Addressing Mode to Manual and assign an IP\/Network mask to the interface (192.168.91.1\/255.255.255.0) and finally Enable DHCP Server.\n\n[caption id=\"attachment_251\" align=\"aligncenter\" width=\"1250\"]<img class=\"wp-image-251 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/54.jpg\" alt=\"Port4 Configuration\" width=\"1250\" height=\"812\"> Figure 8.6: Port4 configuration[\/caption]<\/li>\n \t<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port3 and add it to VDOM-A and set Addressing Mode to DHCP.\n\n[caption id=\"attachment_252\" align=\"aligncenter\" width=\"1164\"]<img class=\"wp-image-252 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/57.jpg\" alt=\"Port3 Configuration\" width=\"1164\" height=\"562\"> Figure 8.7: Port3 configuration[\/caption]<\/li>\n \t<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port5 and add it to VDOM-B. Set Addressing Mode to Manual and assign an IP\/Network Mask to the interface (192.168.92.1\/255.255.255.0) and set Administrative Access to <strong>HTTPS, PING<\/strong>, and <strong>SSH<\/strong>. Enable DHCP Server.\n\n[caption id=\"attachment_253\" align=\"aligncenter\" width=\"1249\"]<img class=\"wp-image-253 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/58.jpg\" alt=\"Port5 Configuration\" width=\"1249\" height=\"858\"> Figure 8.8: Port5 configuration[\/caption]<\/li>\n<\/ol>\n<h2>Creating Administrators for Each VDOM<\/h2>\n<ol>\n \t<li>Go to <strong>Global &gt; System &gt; Administrators<\/strong>. Create an administrator for VDOM-A, called vdom-a. Set Type to <strong>Local User<\/strong>, enter and confirm a password, set Administrator Profile to <strong>prof_admin<\/strong>, and set Virtual Domain to<strong> VDOM-A<\/strong>. Make sure to remove the root VDOM from the Virtual Domain list.\n\n[caption id=\"attachment_254\" align=\"aligncenter\" width=\"1256\"]<img class=\"wp-image-254 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/59.jpg\" alt=\"Administrators for VDOM-A\" width=\"1256\" height=\"660\"> Figure 8.9: Administrators for VDOM-A[\/caption]<\/li>\n \t<li>Go to <strong>Global &gt; System &gt; Administrators<\/strong>. Create an administrator for <strong>VDOM-B<\/strong>, called vdom-b. Set Type to<strong> Local User<\/strong>, enter and confirm a password, set Administrator Profile to <strong>prof_admin<\/strong>, and set Virtual Domain to <strong>VDOM-B<\/strong>. Make sure to remove the root VDOM from the Virtual Domain list.\n\n[caption id=\"attachment_255\" align=\"aligncenter\" width=\"1246\"]<img class=\"wp-image-255 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1.jpg\" alt=\"Administrators for VDOM-B\" width=\"1246\" height=\"682\"> Figure 8.10: Administrators for VDOM-B[\/caption]<\/li>\n<\/ol>\n<h2>Security Policy Setting for VDOM-A<\/h2>\n<ol>\n \t<li><strong>Virtual Domains &gt; VDOM-A &gt; Network &gt; Static Routes<\/strong>. Click Create New to create a default route for the VDOM. Set Destination IP\/Mask to 0.0.0.0\/0.0.0.0, set Device to port3, and set Gateway to the IP of the gateway router.\n\n[caption id=\"attachment_256\" align=\"aligncenter\" width=\"1142\"]<img class=\"wp-image-256 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/63.jpg\" alt=\"Static route in VDOM-A\" width=\"1142\" height=\"390\"> Figure 8.11: Static route in VDOM-A[\/caption]<\/li>\n \t<li>Go to<strong> Policy &amp; Objects &gt; Firewall Policy<\/strong>. Create a policy to allow internet access. Set Incoming Interface to port4 and Outgoing Interface to port2. Ensure NAT is turned ON. Set Source Address to all, Destination Address to all, and Service to ALL.\n\n[caption id=\"attachment_257\" align=\"aligncenter\" width=\"1237\"]<img class=\"wp-image-257 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/64.jpg\" alt=\"Firewall Policy in VDOM-A\" width=\"1237\" height=\"792\"> Figure 8.12: Firewall Policy in VDOM-A[\/caption]<\/li>\n \t<li>Now, you should be able to reach the internet from WebTerm VDOM-A.\n\n[caption id=\"attachment_258\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-258\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/65.jpg\" alt=\"Verify configuration in VDOM-A\" width=\"500\" height=\"227\"> Figure 8.13: Verify configuration in VDOM-A[\/caption]<\/li>\n<\/ol>\n<h2>Security Policy Setting for VDOM-B<\/h2>\n<ol>\n \t<li><strong>Virtual Domains &gt; VDOM-B &gt; Network &gt; Static Routes<\/strong>. Click Create New to create a default route for the VDOM. Set Destination IP\/Mask to 0.0.0.0\/0.0.0.0, set Device to port2, and set Gateway to the IP of the gateway router.\n\n[caption id=\"attachment_259\" align=\"aligncenter\" width=\"1131\"]<img class=\"wp-image-259 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/66.jpg\" alt=\"Static route in VDOM-B\" width=\"1131\" height=\"393\"> Figure 8.14: Static route in VDOM-B[\/caption]<\/li>\n \t<li>Go to <strong>Policy &amp; Objects &gt; Policy &gt; IPv4<\/strong>. Create a policy to allow internet access. Set Incoming Interface to port5 and Outgoing Interface to port2. Ensure NAT is turned ON. Set Source Address to all, Destination Address to all, and Service to ALL.\n\n[caption id=\"attachment_260\" align=\"aligncenter\" width=\"1053\"]<img class=\"wp-image-260 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/67.jpg\" alt=\"Firewall Policy in VDOM-B\" width=\"1053\" height=\"683\"> Figure 8.15: Firewall Policy in VDOM-B[\/caption]<\/li>\n \t<li>Create a Traffic shaping under <strong>Policy &amp; Objects<\/strong> as follows:\n\n[caption id=\"attachment_261\" align=\"aligncenter\" width=\"1034\"]<img class=\"wp-image-261 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/68.jpg\" alt=\"Create a Traffic Shaper in VDOM-B\" width=\"1034\" height=\"479\"> Figure 8.16: Create a traffic shaper in VDOM-B[\/caption]<\/li>\n \t<li>Create a Traffic Shaping Policy with the following configuration:\n<ul>\n \t<li>Name: <strong>VDOMB<\/strong><\/li>\n \t<li>Source: <strong>All<\/strong><\/li>\n \t<li>Destination: <strong>All<\/strong><\/li>\n \t<li>Service: <strong>All<\/strong><\/li>\n \t<li>Outgoing Interface: <strong>Port2<\/strong><\/li>\n \t<li>Shared Shaper: <strong>VDOMB<\/strong><\/li>\n \t<li>Reverse Shaper: <strong>VDOMB<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_262\" align=\"aligncenter\" width=\"924\"]<img class=\"wp-image-262 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/69.jpg\" alt=\"Traffic Shaping Policy in VDOM-B\" width=\"924\" height=\"676\"> Figure 8.17: Traffic Shaping Policy in VDOM-B[\/caption]<\/li>\n \t<li>Now open the browser in WebTerm VDOM-B and go to <a href=\"https:\/\/fast.com\">Fast.com<\/a> and verify your configuration.\n\n[caption id=\"attachment_263\" align=\"aligncenter\" width=\"350\"]<img class=\"wp-image-263\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/70.jpg\" alt=\"Verify configuration in VDOM-B\" width=\"350\" height=\"263\"> Figure 8.18: Verify configuration in VDOM-B[\/caption]<\/li>\n<\/ol>","rendered":"<div class=\"textbox textbox--learning-objectives\">\n<header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n<li>Create a VDOM<\/li>\n<li>Configure a security policy in VDOMs<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\">\n<p><strong>Scenario<\/strong>: This example illustrates how to use VDOMs to host two FortiOS instances on a single FortiGate unit.<\/p>\n<p>Virtual Domains (VDOMs) can be used to divide a single FortiGate unit into two or more virtual instances of FortiOS that function as independent FortiGate units. This example simulates an ISP that provides Company A and Company B with distinct internet services. Each company has its own VDOM, IP address, and internal network.<\/p>\n<\/div>\n<figure id=\"attachment_246\" aria-describedby=\"caption-attachment-246\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-246\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7.jpg\" alt=\"VDOM main scenario\" width=\"400\" height=\"492\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7.jpg 499w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7-244x300.jpg 244w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7-65x80.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7-225x277.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-7-350x431.jpg 350w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><figcaption id=\"caption-attachment-246\" class=\"wp-caption-text\">Figure 8.1: Main scenario<\/figcaption><\/figure>\n<h2>Enable VDOMs<\/h2>\n<div style=\"text-align: left;\">\n<table class=\"aligncenter\" style=\"width: 100%;\">\n<caption>Table 8.1: Devices configuration<\/caption>\n<tbody>\n<tr style=\"height: 18px;\">\n<th style=\"width: 137.375px; height: 18px;\" scope=\"col\">Device<\/th>\n<th style=\"width: 330.864px; height: 18px;\" scope=\"col\">IP address<\/th>\n<th style=\"width: 149.42px; height: 18px;\" scope=\"col\">Access<\/th>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">WebTerm-VDOMA<\/td>\n<td style=\"width: 330.864px; height: 18px;\">DHCP Client<\/td>\n<td style=\"width: 149.42px; height: 18px;\">HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">WebTerm-VDOMB<\/td>\n<td style=\"width: 330.864px; height: 18px;\">DHCP Client<\/td>\n<td style=\"width: 149.42px; height: 18px;\">HTTPS<\/td>\n<\/tr>\n<tr style=\"height: 141px;\">\n<td style=\"width: 137.375px; height: 141px;\">FortiGate<\/td>\n<td style=\"width: 330.864px; height: 141px;\">Port 2: DCHP Client \u2013 VDOM B<\/p>\n<p>Port 3: DHCP Client \u2013 VDOM A<\/p>\n<p>Port 4: DHCP SERVER &#8211; VDOM A<\/p>\n<p>Port 5: DHCP SERVER &#8211; VDOM B<\/td>\n<td style=\"width: 149.42px; height: 141px;\">Port 2 &#8211; Management Access<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">Ethernet Switch<\/td>\n<td style=\"width: 330.864px; height: 18px;\">&#8211;<\/td>\n<td style=\"width: 149.42px; height: 18px;\">&#8211;<\/td>\n<\/tr>\n<tr style=\"height: 18px;\">\n<td style=\"width: 137.375px; height: 18px;\">NAT<\/td>\n<td style=\"width: 330.864px; height: 18px;\">&#8211;<\/td>\n<td style=\"width: 149.42px; height: 18px;\">&#8211;<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<ol>\n<li>In order to enable Virtual Domains, the following CLI command is required:\n<div class=\"textbox shaded\"><em>config system global<\/em><br \/>\n<em>set vdom-mode multi-vdom<\/em><br \/>\n<em>end<\/em><\/div>\n<\/li>\n<li>Log out FortiGate and log in again. You should be able to see the Figure 8.2 result.<br \/>\n<figure id=\"attachment_247\" aria-describedby=\"caption-attachment-247\" style=\"width: 350px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-247\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/newone.jpg\" alt=\"Default VDOMs\" width=\"350\" height=\"312\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/newone.jpg 492w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/newone-300x268.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/newone-65x58.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/newone-225x201.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/newone-350x312.jpg 350w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><figcaption id=\"caption-attachment-247\" class=\"wp-caption-text\">Figure 8.2: Default VDOMs<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Global &gt; System &gt; VDOM<\/strong>. Create two VDOMS, <strong>VDOM-A<\/strong> and <strong>VDOM-B<\/strong>. Leave both VDOMs as Enabled, with Operation Mode set to <strong>NAT<\/strong> and NGFW mode to<strong> profile-based.<\/strong><br \/>\n<figure id=\"attachment_249\" aria-describedby=\"caption-attachment-249\" style=\"width: 450px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-248\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/3-4-1.jpg\" alt=\"VDOM-A configuration\" width=\"450\" height=\"315\" \/><figcaption id=\"caption-attachment-249\" class=\"wp-caption-text\">Figure 8.3: VDOM-A configuration<\/figcaption><\/figure>\n<figure id=\"attachment_249\" aria-describedby=\"caption-attachment-249\" style=\"width: 981px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-249 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1.jpg\" alt=\"VDOM-B configuration\" width=\"981\" height=\"424\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1.jpg 981w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1-300x130.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1-768x332.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1-65x28.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1-225x97.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/4-5-1-350x151.jpg 350w\" sizes=\"auto, (max-width: 981px) 100vw, 981px\" \/><figcaption id=\"caption-attachment-249\" class=\"wp-caption-text\">Figure 8.4: VDOM-B configuration<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port2 and add it to VDOM-B. Set Addressing Mode to <strong>DHCP<\/strong>.<br \/>\n<figure id=\"attachment_250\" aria-describedby=\"caption-attachment-250\" style=\"width: 1141px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-250 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/56.jpg\" alt=\"Port 2 Configuration\" width=\"1141\" height=\"593\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56.jpg 1141w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-300x156.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-1024x532.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-768x399.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-65x34.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-225x117.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/56-350x182.jpg 350w\" sizes=\"auto, (max-width: 1141px) 100vw, 1141px\" \/><figcaption id=\"caption-attachment-250\" class=\"wp-caption-text\">Figure 8.5: Port2 configuration<\/figcaption><\/figure>\n<div class=\"textbox\">If the port is under root and you can\u2019t modify it to VDOM-B, you should first delete the references related to the port.<\/div>\n<\/li>\n<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port4 and add it to VDOM-A. Set Addressing Mode to Manual and assign an IP\/Network mask to the interface (192.168.91.1\/255.255.255.0) and finally Enable DHCP Server.<br \/>\n<figure id=\"attachment_251\" aria-describedby=\"caption-attachment-251\" style=\"width: 1250px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-251 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/54.jpg\" alt=\"Port4 Configuration\" width=\"1250\" height=\"812\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54.jpg 1250w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-300x195.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-1024x665.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-768x499.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-65x42.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-225x146.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/54-350x227.jpg 350w\" sizes=\"auto, (max-width: 1250px) 100vw, 1250px\" \/><figcaption id=\"caption-attachment-251\" class=\"wp-caption-text\">Figure 8.6: Port4 configuration<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port3 and add it to VDOM-A and set Addressing Mode to DHCP.<br \/>\n<figure id=\"attachment_252\" aria-describedby=\"caption-attachment-252\" style=\"width: 1164px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-252 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/57.jpg\" alt=\"Port3 Configuration\" width=\"1164\" height=\"562\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57.jpg 1164w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-300x145.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-1024x494.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-768x371.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-65x31.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-225x109.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/57-350x169.jpg 350w\" sizes=\"auto, (max-width: 1164px) 100vw, 1164px\" \/><figcaption id=\"caption-attachment-252\" class=\"wp-caption-text\">Figure 8.7: Port3 configuration<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Global &gt; Network &gt; Interfaces<\/strong>. Edit Port5 and add it to VDOM-B. Set Addressing Mode to Manual and assign an IP\/Network Mask to the interface (192.168.92.1\/255.255.255.0) and set Administrative Access to <strong>HTTPS, PING<\/strong>, and <strong>SSH<\/strong>. Enable DHCP Server.<br \/>\n<figure id=\"attachment_253\" aria-describedby=\"caption-attachment-253\" style=\"width: 1249px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-253 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/58.jpg\" alt=\"Port5 Configuration\" width=\"1249\" height=\"858\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58.jpg 1249w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-300x206.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-1024x703.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-768x528.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-65x45.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-225x155.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/58-350x240.jpg 350w\" sizes=\"auto, (max-width: 1249px) 100vw, 1249px\" \/><figcaption id=\"caption-attachment-253\" class=\"wp-caption-text\">Figure 8.8: Port5 configuration<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<h2>Creating Administrators for Each VDOM<\/h2>\n<ol>\n<li>Go to <strong>Global &gt; System &gt; Administrators<\/strong>. Create an administrator for VDOM-A, called vdom-a. Set Type to <strong>Local User<\/strong>, enter and confirm a password, set Administrator Profile to <strong>prof_admin<\/strong>, and set Virtual Domain to<strong> VDOM-A<\/strong>. Make sure to remove the root VDOM from the Virtual Domain list.<br \/>\n<figure id=\"attachment_254\" aria-describedby=\"caption-attachment-254\" style=\"width: 1256px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-254 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/59.jpg\" alt=\"Administrators for VDOM-A\" width=\"1256\" height=\"660\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59.jpg 1256w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-300x158.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-1024x538.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-768x404.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-65x34.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-225x118.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/59-350x184.jpg 350w\" sizes=\"auto, (max-width: 1256px) 100vw, 1256px\" \/><figcaption id=\"caption-attachment-254\" class=\"wp-caption-text\">Figure 8.9: Administrators for VDOM-A<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Global &gt; System &gt; Administrators<\/strong>. Create an administrator for <strong>VDOM-B<\/strong>, called vdom-b. Set Type to<strong> Local User<\/strong>, enter and confirm a password, set Administrator Profile to <strong>prof_admin<\/strong>, and set Virtual Domain to <strong>VDOM-B<\/strong>. Make sure to remove the root VDOM from the Virtual Domain list.<br \/>\n<figure id=\"attachment_255\" aria-describedby=\"caption-attachment-255\" style=\"width: 1246px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-255 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1.jpg\" alt=\"Administrators for VDOM-B\" width=\"1246\" height=\"682\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1.jpg 1246w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-300x164.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-1024x560.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-768x420.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-65x36.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-225x123.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/61-1-350x192.jpg 350w\" sizes=\"auto, (max-width: 1246px) 100vw, 1246px\" \/><figcaption id=\"caption-attachment-255\" class=\"wp-caption-text\">Figure 8.10: Administrators for VDOM-B<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<h2>Security Policy Setting for VDOM-A<\/h2>\n<ol>\n<li><strong>Virtual Domains &gt; VDOM-A &gt; Network &gt; Static Routes<\/strong>. Click Create New to create a default route for the VDOM. Set Destination IP\/Mask to 0.0.0.0\/0.0.0.0, set Device to port3, and set Gateway to the IP of the gateway router.<br \/>\n<figure id=\"attachment_256\" aria-describedby=\"caption-attachment-256\" style=\"width: 1142px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-256 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/63.jpg\" alt=\"Static route in VDOM-A\" width=\"1142\" height=\"390\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63.jpg 1142w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-300x102.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-1024x350.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-768x262.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-65x22.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-225x77.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/63-350x120.jpg 350w\" sizes=\"auto, (max-width: 1142px) 100vw, 1142px\" \/><figcaption id=\"caption-attachment-256\" class=\"wp-caption-text\">Figure 8.11: Static route in VDOM-A<\/figcaption><\/figure>\n<\/li>\n<li>Go to<strong> Policy &amp; Objects &gt; Firewall Policy<\/strong>. Create a policy to allow internet access. Set Incoming Interface to port4 and Outgoing Interface to port2. Ensure NAT is turned ON. Set Source Address to all, Destination Address to all, and Service to ALL.<br \/>\n<figure id=\"attachment_257\" aria-describedby=\"caption-attachment-257\" style=\"width: 1237px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-257 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/64.jpg\" alt=\"Firewall Policy in VDOM-A\" width=\"1237\" height=\"792\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64.jpg 1237w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-300x192.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-1024x656.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-768x492.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-65x42.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-225x144.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/64-350x224.jpg 350w\" sizes=\"auto, (max-width: 1237px) 100vw, 1237px\" \/><figcaption id=\"caption-attachment-257\" class=\"wp-caption-text\">Figure 8.12: Firewall Policy in VDOM-A<\/figcaption><\/figure>\n<\/li>\n<li>Now, you should be able to reach the internet from WebTerm VDOM-A.<br \/>\n<figure id=\"attachment_258\" aria-describedby=\"caption-attachment-258\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-258\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/65.jpg\" alt=\"Verify configuration in VDOM-A\" width=\"500\" height=\"227\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65.jpg 1266w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-300x136.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-1024x466.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-768x349.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-65x30.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-225x102.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/65-350x159.jpg 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-258\" class=\"wp-caption-text\">Figure 8.13: Verify configuration in VDOM-A<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n<h2>Security Policy Setting for VDOM-B<\/h2>\n<ol>\n<li><strong>Virtual Domains &gt; VDOM-B &gt; Network &gt; Static Routes<\/strong>. Click Create New to create a default route for the VDOM. Set Destination IP\/Mask to 0.0.0.0\/0.0.0.0, set Device to port2, and set Gateway to the IP of the gateway router.<br \/>\n<figure id=\"attachment_259\" aria-describedby=\"caption-attachment-259\" style=\"width: 1131px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-259 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/66.jpg\" alt=\"Static route in VDOM-B\" width=\"1131\" height=\"393\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66.jpg 1131w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-300x104.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-1024x356.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-768x267.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-65x23.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-225x78.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/66-350x122.jpg 350w\" sizes=\"auto, (max-width: 1131px) 100vw, 1131px\" \/><figcaption id=\"caption-attachment-259\" class=\"wp-caption-text\">Figure 8.14: Static route in VDOM-B<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Policy &amp; Objects &gt; Policy &gt; IPv4<\/strong>. Create a policy to allow internet access. Set Incoming Interface to port5 and Outgoing Interface to port2. Ensure NAT is turned ON. Set Source Address to all, Destination Address to all, and Service to ALL.<br \/>\n<figure id=\"attachment_260\" aria-describedby=\"caption-attachment-260\" style=\"width: 1053px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-260 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/67.jpg\" alt=\"Firewall Policy in VDOM-B\" width=\"1053\" height=\"683\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67.jpg 1053w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-300x195.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-1024x664.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-768x498.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-65x42.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-225x146.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/67-350x227.jpg 350w\" sizes=\"auto, (max-width: 1053px) 100vw, 1053px\" \/><figcaption id=\"caption-attachment-260\" class=\"wp-caption-text\">Figure 8.15: Firewall Policy in VDOM-B<\/figcaption><\/figure>\n<\/li>\n<li>Create a Traffic shaping under <strong>Policy &amp; Objects<\/strong> as follows:<br \/>\n<figure id=\"attachment_261\" aria-describedby=\"caption-attachment-261\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-261 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/68.jpg\" alt=\"Create a Traffic Shaper in VDOM-B\" width=\"1034\" height=\"479\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68.jpg 1034w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-300x139.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-1024x474.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-768x356.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-65x30.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-225x104.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/68-350x162.jpg 350w\" sizes=\"auto, (max-width: 1034px) 100vw, 1034px\" \/><figcaption id=\"caption-attachment-261\" class=\"wp-caption-text\">Figure 8.16: Create a traffic shaper in VDOM-B<\/figcaption><\/figure>\n<\/li>\n<li>Create a Traffic Shaping Policy with the following configuration:\n<ul>\n<li>Name: <strong>VDOMB<\/strong><\/li>\n<li>Source: <strong>All<\/strong><\/li>\n<li>Destination: <strong>All<\/strong><\/li>\n<li>Service: <strong>All<\/strong><\/li>\n<li>Outgoing Interface: <strong>Port2<\/strong><\/li>\n<li>Shared Shaper: <strong>VDOMB<\/strong><\/li>\n<li>Reverse Shaper: <strong>VDOMB<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_262\" aria-describedby=\"caption-attachment-262\" style=\"width: 924px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-262 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/69.jpg\" alt=\"Traffic Shaping Policy in VDOM-B\" width=\"924\" height=\"676\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69.jpg 924w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69-300x219.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69-768x562.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69-65x48.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69-225x165.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/69-350x256.jpg 350w\" sizes=\"auto, (max-width: 924px) 100vw, 924px\" \/><figcaption id=\"caption-attachment-262\" class=\"wp-caption-text\">Figure 8.17: Traffic Shaping Policy in VDOM-B<\/figcaption><\/figure>\n<\/li>\n<li>Now open the browser in WebTerm VDOM-B and go to <a href=\"https:\/\/fast.com\">Fast.com<\/a> and verify your configuration.<br \/>\n<figure id=\"attachment_263\" aria-describedby=\"caption-attachment-263\" style=\"width: 350px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-263\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/70.jpg\" alt=\"Verify configuration in VDOM-B\" width=\"350\" height=\"263\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70.jpg 1280w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-300x225.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-1024x769.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-768x577.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-65x49.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-225x169.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/70-350x263.jpg 350w\" sizes=\"auto, (max-width: 350px) 100vw, 350px\" \/><figcaption id=\"caption-attachment-263\" class=\"wp-caption-text\">Figure 8.18: Verify configuration in VDOM-B<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n","protected":false},"author":124,"menu_order":5,"template":"","meta":{"pb_show_title":"on","pb_short_title":"","pb_subtitle":"","pb_authors":[],"pb_section_license":""},"chapter-type":[],"contributor":[],"license":[],"class_list":["post-264","chapter","type-chapter","status-publish","hentry"],"part":245,"_links":{"self":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/264","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters"}],"about":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/types\/chapter"}],"author":[{"embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/users\/124"}],"version-history":[{"count":1,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/264\/revisions"}],"predecessor-version":[{"id":265,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/264\/revisions\/265"}],"part":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/parts\/245"}],"metadata":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/264\/metadata\/"}],"wp:attachment":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/media?parent=264"}],"wp:term":[{"taxonomy":"chapter-type","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapter-type?post=264"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/contributor?post=264"},{"taxonomy":"license","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/license?post=264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}