Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
bkarl
Staff
Staff

Created on ‎01-10-2023 08:07 AM Edited on ‎10-07-2025 07:51 AM By Community Manager

Article Id 242501

Technical Tip: How to backup the FortiGate configuration file using Linux Mint as TFTP server

Description This article describes how to back up FortiOS & YAML format configuration files using TFTP service as a TFTP server on Linux Mint 21.1 Vera.
Scope FortiGate version 7.2.3 or earlier.
Solution
  1. On Linux Mint, open a terminal tab and enter the following command:

sudo apt update

 

bkarl_0-1673364145122.png

 

  1. Install TFTP service:

sudo apt install tftpd-hpa

 

bkarl_1-1673364177145.png

 

  1. Verify that the TFTP services are already running:

sudo systemctl status tftpd-hpa

 

bkarl_2-1673364391579.png

 

  1. Once the last step is done, it will be possible to configure the TFTP file of the service.

Access the file and edit it:

 

sudo nano /etc/default/tftpd-hpa

 

Change the TFTP directory path and TFTP options only:

 

Before:

 

TFTP_DIRECTORY=”/var/lib/tftpboot”

TFTP_OPTIONS=”—secure”

 

After:

 

bkarl_3-1673364427448.png

 

It will then be possible to save the changes made before by pressing Ctrl + O, then S, then Ctrl + X (to exit).

 

  1. It is now necessary to create a new folder in order to match the path configured before.

sudo mkdir /tftp

sudo chown tftp:tftp /tftp   <----- This command changes the ownership of the folder.

 

bkarl_4-1673364527130.png

 

  1. Restart the service and check that it is running properly.

 

sudo systemctl restart tftpd-hpa

sudo systemctl status tftpd-hpa

 

Now go to FortiGate-VM 64 (in this case FortiOS 7.2.3 build 1262 is used).

 

As an example:

 

execute backup yaml-config tftp backup_test_yaml.conf 10.124.100.12

execute backup config tftp backup_test_FortiOS.conf 10.124.100.12

 

bkarl_5-1673364527133.png

 

YAML:

 

bkarl_6-1673364527135.png

 

FortiOS:

 

bkarl_7-1673364527137.png

 

Notes:

Consider that the TFTP Server should be reachable by FortiGate.

For more details, see Configuration backups - FortiGate 7.2.3 administration guide.
2920
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.