
Automated backup of Fortigate configuration
Very good, I wanted to share this little tip for all those who don't know him, The truth is that it is something very simple and does not cost anything, The Goal, that our Fortigate firewall is backed up in an automated way with the schedule we want.
What I said, It's really simple, but if someone does not know it or does not use it in their organization, then it can be of help. From the shell we can back up the configuration to a USB device connected to the FW, to an FTP server or a TFTP server. In this example that I leave you I do the backup using FTP:
execute backup config ftp '/PATH/DESTINO/Config.cfg' DIRECCION_IP_SERVIDOR_FTP USUARIO_FTP CONTRASEÑA_FTP
GOOD, that's what we do the backup with, It is ok, But it's manual, so we can, For example, schedule it to run every week, or depending on what we need, we will create an automation in the Fortigate.
To do this,, Let's go to the menu “Security Fabric” > “Automation” and click on “Create New”.
Click on “Add Trigger” to create the trigger for this task,
Click on “Create”,
And we look for a 'Schedule' type Trigger, we select it,
We configure the programming that interests us & “OK”,
And now we can create an action, Click on “Add Action”,
Click on “Create”,
We look for action of the 'CLI Script' type,
We indicate a name and in the Script we paste the text we used earlier to create the annual FTP backup, This time we will modify it a bit so that it uses the date variable to rename the backup file with a more logical name.
execute backup config ftp '/PATH/DESTINO/Config-%%date%%.cfg' DIRECCION_IP_SERVIDOR_FTP USUARIO_FTP CONTRASEÑA_FTP
In Administrator profile we must check “super_admin”, and save the changes.
List, We give “OK”,
And we will already have our scheduled task that will run a backup of our Fortigate configuration on a network server, centrally and maintaining a history in case we needed it.
Well, with this and a cake you know, No? Have a great week, behaving well, being good and those little things, A hug!