Description
This article describes how the configuration file of a FortiGate can be retrieved by a FortiManager through the GUI or the CLI.
Retrieving the configuration file using CLI can be used to gather more debug information if the retrieval process fails in the GUI.
Scope
FortiManager.
Solution
Via GUI:
From: Device Manager -> Device & Group, as shown below:
- Select the managed FortiGate for which it is necessary to retrieve the configuration.
- Scroll down until the section: Configuration and Installation is visible;
- Click the button to the right of the Total Revision number called: Revision history.
- In the section that appears on the right, there is the Retrieve config button.
Via CLI:
Use the following debug to retrieve the OID of the device in question:
diagnose dvm device list
Once the OID value is known, the following command can be executed to retrieve the configuration file of the device in question:
diagnose test deploymanager reloadconf <device OID> <----- OID value from the previous step.
Sample Configuration:
diagnose dvm device list
--- There are currently 2 devices/vdoms managed ---
TYPE OID SN HA IP NAME ADOM IPS FIRMWARE
fmg/faz enabled 158 FGVM0X00000XXXX - 10.5.60.3 FGVM010000****** root 6.00741 (regular) 5.0 MR4 (7605)
|- STATUS: db: not modified; conf: out of sync; cond: unknown; dm: autoupdated; conn: down
|- vdom:[3]root flags:1 adom:root pkg:[imported]FGVM010000******
diagnose test deploymanager reloadconf 158
Note:
- This operation is possible if the FGFM tunnel between the FortiGate and the FortiManager is up; otherwise, it will be necessary to perform troubleshooting as explained in Troubleshooting Tip: How to troubleshoot connectivity issues
- The following is an explanation of when it is useful to perform the Retrieve: FortiManager device settings and sync status
Related articles:
Technical Tip: How to fix synchronization issue in FortiManager
Technical Tip: How to do bulk retrieve config in FortiManager using a script
