FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Demir21
Staff
Staff
Description This article describes another way on how to get the backup configuration file on FortiGate using HTTPS RestAPI calls from a Python script.
Scope FortiGate
Solution

1) Create a REST API Admin in FortiGate under System -> Administrators -> Create New -> REST API Admin in  order to have access on it via API.

 

2) Save the API key that is generated immediately after selecting on 'Save' button as in the screenshot below:

 

Demir21_0-1640948430514.png

 

 


3) Create an empty file in Linux using the command: nano /home/backup.py.

 

4) Add the following python script in the file and save it:

import requests

 

api_url = 'https:/10.191.20.122/api/v2/monitor/system/config/backup?scope=global&access_token=Nbcyjfgb....'

 

requests.packages.urllib3.disable_warnings()

data = requests.get(api_url, verify=False)

with open('/home/api_configbackup.conf' ,'wb') as f:

         for line in data:

               f.write(line)

 

Where 10.191.20.122 is the IP of the FortiGate.

 

Scope is global for the global configuration of the FortiGate.

 

Access_token is the value of the token we previously generated. 

 /home/api_configbackup.conf is the place in the Linux machine where you want to save the backup file.

 

5) Execute the python script created with the command python3 /home/backup.py

 

The file api_configbackup will be created in the specified directory with the configurations of the Fortigate included.