Description

This article describes configuration file save mode for configuration changes.

Scope

FortiGate.

Solution

Configuration file save mode is a temporary mode where the commands entered do not automatically become part of the FortiGate unit's saved configuration. This enables to make changes with the knowledge that can reverted to the saved configuration if there are problems.

Note: Back up the configuration before experimenting with this feature. Otherwise, working configuration data may be lost.

The commands related to configuration file save mode are:

# config  system  global
# set cfg-save ?
automatic    Automatically save config.
manual       Manually save config.
revert       Manually save config and revert the config when timeout.

# execute cfg ?
reload    Reboot to reload the configs.
save      Save configs.

The default setting for cfg-save is automatic mode where configuration changes become part of the saved unit configuration as soon as it is executed by entering either next or end. When configuring revert mode, an additional global parameter is required, which is the timeout in seconds: 'set cfg-revert-timeout' (default = 600 sec). The revert mode allows the operator to restore the system to its previous configuration state in case any issues occur, such as a lost connection to the FortiGate.

In manual mode, commands take effect but do not become part of the saved configuration unless the 'execute cfg save/reload' command is executed.
When the FortiGate unit restarts, it loads the saved configuration. Configuration changes that were not saved are lost. This makes it possible to test commands before saving them and revert to a working configuration if required.