Configuration Example, Fortinet
FortiGate – backup via auto-script
One of the features I would like to see in a FortiGate is the ability to automatically create backups and copy them to offline storage. Of course, this can be accomplished by adding FortiManager to the solution, but why would I need FortiManager if I only have one FortiGate (cluster). Another option would be using scripts, like Python or PowerShell, with scheduled tasks on servers to pull a backup from the FortiGate firewalls.
A very basic option would be the usage of system auto-script in FortiOS 5.4 and higher. Use this command to create CLI command scripts that can be saved and run. This gives you the possibility to auto-script the execute backup full-config commando. A disadvantage of this command is that you only have the option to use (T)FTP. There is no option to use a secure protocol like SFTP.
An example of an auto-script:
The example executes the backup command and sends the backup via TFTP to the TFTP server. The script runs every 24 hours (86400 seconds). It repeats infinite and starts automatically.
The script can also be configured via the GUI (Global >> System >> Advanced >> Configuration Scripts). More information about the feature can be found here.
René Jorissen
Latest posts by René Jorissen (see all)
- MacOS Big Sur and SSLKEYFILELOG - November 23, 2021
- ClearPass, Azure AD, SSO and Object ID - August 12, 2021
- ClearPass – custom MPSK - July 20, 2021
Cool
[…] 6. FortiGate – backup via auto-script | Booches.nl […]
[…] 6. FortiGate – backup via auto-script | Booches.nl […]
●●●Backup config Fortigate failed for automatic backup●●
Evrything work fine manually when i run.from.cli this following command
execute backup ftp /Backup/backup config @iptftpserver user password
●●●but when i tried the auto-script methode it not work●●●
config system auto-script
edit “backup”
set interval 86400
set repeat 0
set start auto
set script “execute backup ftp /Backup/backup config @iptftpserver user password”