FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sprasanta
Staff
Staff
Article Id 194670

Description


This article describes how to download the FortiGate configuration file from the GUI.

 

Scope

 

FortiGate.

Solution


Go to Admin -> Configuration -> Backup select 'Local PC' in 'Backup to' and select'OK'.

 

 

 

The configuration file will be saved with the .conf extension:

Syntax: <hostname + firmware version + build number + date+ time>.conf.

 

In VDOM mode, select the 'Global' option and click 'OK' to save the full configuration backup.

 

1.png

 

To back up an individual VDOM, select 'VDOM' and choose the desired VDOM from the dropdown menu. In the example below, the 'root' VDOM is selected. Select 'OK' to save the configuration backup.

 

2.png

 

Example

 

photon-kvm38_7-4_2702_202501300257.conf

 

Starting from v7.2.0:
  • The 'Password masking' feature is available, which will replace passwords in the configuration backup file.
 
Password masking.png
 
  • Backups can be saved in either the FortiOS format or YAML format. Generally, the FortiOS format is recommended for configuration backups.

 

image (10).png

 

Related document:

Support backing up configurations with password masking 7.2.1 

 

Debug logs (Optional):

There are two steps involved in obtaining the debug logs and the TAC report.

 
  1. From the GUI: Go to System -> Advanced  -> Debug  Logs and select 'Download Debug Logs' (up to version 6.2.2). Go to System -> Settings -> Debug Logs and select the 'Download' button (from v6.2.3 onward). 
                                                     

7.2debugs.PNG

 

Go to System -> Settings -> FortiCare Debug Report and select the 'Download' button (from v7.4.0 onward).

 

7.4debugs.PNG

 
  1. From the CLI management interface via SSH or console connection:

In the command line, run the following command and let the script run until it completes. 
This will take a few seconds. 
 
    execute tac report
 
Note: 
The 'super_admin' permission is required to download the debug log file and run the 'execute tac report' command. 

Related article: