Troubleshooting Tip: Unable to backup FortiGate config to external FTP server: 'Send config file to ftp server via vdom root failed. Command fail. Return code 5'

Nivedha · ‎05-26-2024

Description

This article describes how to troubleshoot if it is not possible to backup config to the FTP server

Scope

FortiGate

Solution

To backup config to the FTP server, use this link:

Technical Tip: Backup of configuration file from CLI using FTP

The issue will be based on this setup:

FortiGate 10.14.2.159 ---- FTP server 10.14.2.116

To backup the config to FTP we run the following command:

execute backup config ftp <filename> <ftp server>[:ftp port] <username> <password>

Follow this kb article if the error code is 5 for error code 12:

Send config file to ftp server via vdom root failed.
Command fail. Return code 5

FTP code 5 - 05 FTP_OPEN_IOSTREAM_FAILED Failed to open the INPUT stream.

Mostly when the error is code5, the user is unable to open a TCP connection to the server.
To verify this we will do the packet capture on FortiGate and it is possible to see that the server does not respond to syn packets

diag sniffer packet any 'host <FTP IP>' 4 0 l

FTP server syn.PNG

This issue now lies on the server side and It is necessary to check the server end to allow the connection through.

Note:

Enable Inbound connection rules if the server is hosted on a Windows OS.

Troubleshooting Tip: Unable to backup FortiGate config to external FTP server: 'Send config file to ftp server via vdom root failed. Command fail. Return code 5'

You are leaving our website