Technical Tip: Backup of configuration file from CLI using FTP
| Description | This article describes how to interpret the command line sequence to perform back-up of the FortiGate device configuration file from the CLI using the FTP protocol. |
| Scope | FortiGate. |
| Solution | The command to perform the back-up of the configuration is as below:
execute backup config ftp <filename> <ftp server>[:ftp port] <username> <password>
If there is any connectivity issue or typo in the interpretation of the CLI command, the error 'Send config file to FTP server via VDOM root failed can be seen.
Collect the sniffer output with the FTP server IP and port as a filter. Clarify where the issue is:
Proper interpretation of the command will give us successful connectivity and the below output:
FW# execute backup config ftp test.conf 10.10.10.10:21 admin password Connect to ftp server 10.10.10.10:21 … Please wait… Send config file to ftp server OK.
A situation may arise where entering the command will lead to the console instead of successfully connecting to the FTP server:
This usually arises when the password has symbols that are not interpreted correctly. A good practice is to put it under quotes for the firewall to take the password successfully:
The command to perform the encrypted backup-up configuration is as below:
execute backup config ftp filename server-address ftp-username ftp-password config-password <config-password> Password to protect the back-up file
The configuration is backed up on the FTP server-specified directory with the name test.conf. The same command could be used for automation using the script.
Note: When using this command within an Automation Stitch on FortiGate that has VDOMs enabled, the script must first enter the global context before running the backup command. To do this, add the following lines at the beginning of the script:
config global execute backup config ftp test.conf 10.10.10.10 admin password
Related articles: Technical Tip: How to Backup & Restore config file from FTP server |
