Skip to main content
ZAHIDHASEEB
ZAHIDHASEEB
Visitor III
March 16, 2022
Question

Send config file to sftp server via vdom root failed.

  • March 16, 2022
  • 4 replies
  • 23055 views

I am not able to run the backup command so that the fortinet backup can upload to a sftp server. Please note, I am able to ping and connect/login to sftp server successfully when I use winscp or other tool to connect with sftp server

 

200F-HA1 # execute backup config sftp FortinetBKP%date%.cfg 10.10.40.8:822 fortinet fortinet1
Please wait...
Connect to sftp server 10.10.40.8:822 ...
Please wait...
Connect to sftp server 10.10.40.8:822 ...
Send config file to sftp server via vdom root failed.
Command fail. Return code -1

4 replies

sharmaj
Staff
sharmaj
Staff
March 16, 2022

Hello

 

This needs more investigation.

 

Please run this command: diag sniffer packet any " host 10.10.40.8 and port 822" for like 10 seconds while you try again and share the output

 

    ZAHIDHASEEB
    ZAHIDHASEEBAuthor
    Visitor III
    March 16, 2022

    I replaced the ftp server internal name with external name and get successful result  . Below is the example command.

    execute backup config sftp FortinetBKP-%%date%%.cfg sftp.domainname.com:822 fortinet fortinet1

     

    However when I use the command with time, it gets failed

    execute backup config sftp FortinetBKP-%%time%%.cfg sftp.domainname.com:822 fortinet fortinet1. Actually if we schedule backup on hourly basis then the same backup file gets overwrite. I don't want to overwrite the backup file instead make a new file

    AlexC-FTNT
    Staff
    AlexC-FTNT
    Staff
    March 16, 2022

    You can find some solutions discussed here:
    https://community.fortinet.com/t5/Fortinet-Forum/Automated-config-backup-with-date/m-p/73003?m=195023
    https://community.fortinet.com/t5/Fortinet-Forum/Auto-script-override/td-p/67388

    FortiGate is not responsible for storing/managing these configurations. You can use FortiManager for a more complete management solution.

      ZAHIDHASEEB
      ZAHIDHASEEBAuthor
      Visitor III
      March 17, 2022

      1- timestamp is not printing when I run the command from CLI (below result is for reference) and no backup generate when the script run from trigger

      ZAHIDHASEEB_0-1647506645246.png

       

       

      AlexC-FTNT
      Staff
      AlexC-FTNT
      Staff
      March 17, 2022

      I know that %%date%% can be used, but I can't find any reference about %%time%% variable. Can you reference any document where this is presented as a "feature"?

      The question is not about what works and not - it is about what is supposed to work and what not.

        ayoyemikujero
        ayoyemikujero
        New Member
        February 14, 2025

        I had same issue but it turns out when using SFTP the path very important. Use tools like WINSCP and copy path of the folder/directory to clipboard and then put the correct path in your script.

         

        execute backup full-config sftp /share/CACHEDEV1_DATA/FortinetBKP/%%date%%.cfg 10.10.40.8:822 fortinet fortinet1

         

        This worked for me and I hope it works for you too.

         

        Enjoy!

        Terms & ConditionsAccessibility statement