Backup and Restore Fortigate Firewall configurations:

Raghavendra Seshumurthy

Backing up the configuration using the GUI:

  1. Click on admin in the upper right-hand corner of the screen and select Configuration > Backup.
  2. Direct the backup to your Local PC or to a USB Disk.

The USB Disk option will be grayed out if no USB drive is inserted in the USB port. You can also backup to the FortiManager using the CLI.

  1. If VDOMs are enabled, indicate whether the scope of the backup is for the entire FortiGate configuration (Global) or only a specific VDOM configuration (VDOM).
  2. If backing up a VDOM configuration, select the VDOM name from the list.
  3. Select Encryption.

Encryption must be enabled on the backup file to back up VPN certificates.

  1. Enter a password and enter it again to confirm it. You will need this password to restore the file.
  2. Select OK.
  3. The web browser will prompt you for a location to save the configuration file. The configuration file will have a .conf extension.

Backing up the configuration using the CLI:

Use one of the following commands:

execute backup config management-station <comment>

or:

execute backup config usb <backup_filename> [<backup_password>]

or for FTP, note that port number, username are optional depending on the FTP site:

execute backup config ftp <backup_filename> <ftp_server> [<port>] [<user_name>] [<password>]

or for TFTP:

execute backup config tftp <backup_filename> <tftp_servers> <password>

Use the same commands to backup a VDOM configuration by first entering the commands:

config vdom

edit <vdom_name>

Restoring the configurations:

To restore the FortiGate configuration – GUI:
  1. Click on admin in the upper right-hand corner of the screen and select Configuration > Restore.
  2. Identify the source of the configuration file to be restored : your Local PC or a USB Disk.

The USB Disk option will be grayed out if no USB drive is inserted in the USB port. You can restore from the FortiManager using the CLI.

  1. Enter the path and file name of the configuration file, or select Browse to locate the file.
  2. Enter a password if required.
  3. Select Restore.
To restore the FortiGate configuration – CLI:

execute restore config management-station normal 0

or:

execute restore config usb <filename> [<password>]

or for FTP, note that port number, username are optional depending on the FTP site:

execute restore config ftp <backup_filename> <ftp_server> [<port>] [<user_name>] [<password>]

or for TFTP:

execute restore config tftp <backup_filename> <tftp_server> <password>

The FortiGate will load the configuration file and restart. Once the restart has completed, verify that the configuration has been restored.

Advertisement

Published by Raghavendra Seshumurthy

My name is Raghavendra Seshumurthy. Presently I am working as a technolgy manager for Microland Organization. I have experience on security/cloud products: F5, Checkpoint, ASA, PA, AWS, Bluecoat, VPN, PITC, Zscaler, Azure, GCP, network, security, cloud. This blog is created just to share thoughts on new technologies and features in the network, security and cloud environment.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s