FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 280919
Description This article explains how to take scheduled config back-up of FortiGate on the Backbox tool.
Scope FortiGate.

BackBox is a network automation and security orchestration platform that helps organizations automate network device backup, configuration management, and security compliance tasks, enhancing network reliability and security.

Refer to:


Follow the steps below to set up FortiGate integration on Backbox. 


On FortiGate: 


  1.  Enable SCP.

From CLI:


config system global

   set admin-scp enable



  1. Enable SSH access on the interface.
  • SCP uses SSH protocol to provide secure file transfer. The interface used for administration must allow SSH access.

From GUI:

  • Go to System -> Network -> Interface.
  • Select the Edit icon for the interface used for administrative access.
  • In the Administrative Access section, select the SSH check box.
  • Select 'OK'.


From CLI:

Allow SSH access on the interface from which Backbox is accessible.


config system interface

    edit <interface name>

    append allowaccess ssh



  1. Create an admin account for Backbox.

config user local

    edit admin

        set passwd test1234

        set status enable



On Backbox Device:


  • Go to the dashboard page of the backbox and navigate to Devices -> All devices -> Add device.
  • Provide a name for the FortiGate.
  • Provide the IP address of the FortiGate
  • If there is a device group and agent configured, select them and select 'Next'.

Step 1Step 1


  • On the second page, Select Fortinet as the Vendor and FortiGate as the product (For version just use v4.X and above).
  • Select the desired backup type: It uses SCP protocol to take backup.


Step 2Step 2


  • Leave authentication type as custom.
  • Add user credentials created on the FortiGate
  • Use port 22 as it is.


Step 3Step 3


  • To access from Backbox to the FortiGate, select enable access and then select the no. of backup retention wanted. 
  • In the end, select the add and run backup option, and the FortiGate config backup will be visible.


Step 4Step 4


 Under jobs, create a job for a scheduled backup.




Very helpful