Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ManpreetSingh
Staff
Staff

Created on ‎10-25-2023 10:47 PM Edited on ‎03-12-2024 10:33 PM By Community Manager

Article Id 280919

Technical Tip: FortiGate scheduled config back-up using Backbox network automation tool

Description This article explains how to take scheduled config back-up of FortiGate on the Backbox tool.
Scope FortiGate.
Solution

BackBox is a network automation and security orchestration platform that helps organizations automate network device backup, configuration management, and security compliance tasks, enhancing network reliability and security.

Refer to:

https://www.fortinet.com/content/dam/fortinet/assets/alliances/2019/sb-fortinet-alliances-backbox.pd...

 

Follow the steps below to set up FortiGate integration on Backbox. 

 

On FortiGate: 

 

  1.  Enable SCP.

From CLI:

 

config system global

   set admin-scp enable

end

 

  1. Enable SSH access on the interface.
  • SCP uses SSH protocol to provide secure file transfer. The interface used for administration must allow SSH access.

From GUI:

  • Go to System -> Network -> Interface.
  • Select the Edit icon for the interface used for administrative access.
  • In the Administrative Access section, select the SSH check box.
  • Select 'OK'.

 

From CLI:

Allow SSH access on the interface from which Backbox is accessible.

 

config system interface

    edit <interface name>

    append allowaccess ssh

end

 

  1. Create an admin account for Backbox.

config user local

    edit admin

        set passwd test1234

        set status enable

     end

 

On Backbox Device:

 

  • Go to the dashboard page of the backbox and navigate to Devices -> All devices -> Add device.
  • Provide a name for the FortiGate.
  • Provide the IP address of the FortiGate
  • If there is a device group and agent configured, select them and select 'Next'.
 

Step 1Step 1

 

  • On the second page, Select Fortinet as the Vendor and FortiGate as the product (For version just use v4.X and above).
  • Select the desired backup type: It uses SCP protocol to take backup.

 

Step 2Step 2

 

  • Leave authentication type as custom.
  • Add user credentials created on the FortiGate
  • Use port 22 as it is.

 

Step 3Step 3

 

  • To access from Backbox to the FortiGate, select enable access and then select the no. of backup retention wanted. 
  • In the end, select the add and run backup option, and the FortiGate config backup will be visible.

 

Step 4Step 4

 

 Under jobs, create a job for a scheduled backup.

 

jobs.PNG
610
Submit Article Idea
Comments
hpenmetsa
Staff
Staff
‎03-11-2024 10:00 PM

Very helpful

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.