| Description | This article describes how to interpret the command line sequence to perform back-up of the FortiGate device configuration file from the CLI using the FTP protocol. |
| Scope | FortiGate. |
| Solution |
The command to perform the back-up of the configuration is as below:
# execute backup config ftp <filename> <ftp server>[:ftp port] <username> <password>
<filename>: intended filename on FTP server. Example: test.conf
<ftp server>[:ftp port]: FTP server IP address and port number. Example: 10.10.10.10:21
<username> : Admin username of the FTP server.
<password> : Password of the admin user.
If there is any connectivity issue or typo in the interpretation of the CLI command, the error: 'Send config file to FTP server via VDOM root failed can be seen.
Collect the sniffer output with FTP server IP and port as a filter. Clarify where the issue is:
Proper interpretation of the command will give us successful connectivity and the below output:
FW# execute backup config ftp test.conf 10.10.10.10:21 admin password Connect to ftp server 10.10.10.10:21 … Please wait… Send config file to ftp server OK.
A situation may arise where entering the command will lead to the console instead of successfully connecting to the FTP server:
This usually arises when the password has symbols which are not interpreted correctly. A good practice is to put it under quotes for the firewall to take the password successfully:
The command to perform the encrypted backup-up configuration is as below:
execute backup config ftp filename server-address ftp-username ftp-password config-password <config-password> Password to protect the back-up file
The configuration is backed up on the FTP server-specified directory with the name test.conf. The same command could be used for the automation using the script. |
