Purpose The FortiManager software stores revision history for each managed FortiGate unit. The revision history database is updated on configuration changes and policy package installation. This database can be used to revert a FortiGate unit to a previous configuration and previous version of policy packages.
This KB article explains how to revert a FortiGate unit back to a stored revision, including reverting to the previous configuration of policies.
Screenshots are taken from FortiManager 4.3 but the terminology and steps are still valid up to and including FortiManager 6.0.
At least 2 FortiGate configurations, stored in revision history.
1. Access the Revision History database from device dashboard:
2. Click on Revert icon that correspond to the revision you want to revert to:
3. The selected revision is loaded in a device level database, and is shown as "reverted":
At this stage, the policy package has NOT been updated. If an "Install" is done, the global level parameters will correspond to the reverted config (ID 7), but the policy packages will still correspond to ID 9.
4. To update the policy packages with policies and objects as they are in the reverted revision, it's necessary to import the policy packages for each VDOM:
Note, that policy packages are imported from the FortiManager device level database, not from the FortiGate unit.
On import, new policy packages are created.
5. Install - After policy packages for all VDOMs have been imported, the reverted configuration can be installed to the FortiGate unit:
Make sure you correctly select policy package as imported from the reverted configuration at step 4:
Repeat for each VDOM.
Check Preview to make sure changes are as expected:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.