This article describes how to use a script to make FortiGate(s) upload its configuration to FortiManager. The script can be run for multiple FortiGates at the same time to achieve bulk retrieval.
Bulk retrieves for all FortiGates might only be needed if there is a major disconnection of all FortiGates from FortiMangaer and changes are made locally to firewalls that need to be synced back to FortiManager.
Depending on the number of FortiGates, this process might cause high bandwidth consumption.
Create a script in FortiManager -> Device Manager -> Scripts -> Create New.
Type: CLI Script.
Run script on: Remote ForitGate Directly (via CLI):
diagnose fdsm cfg-upload 'comment' <----- Any comment can be set, it will be used to identify the retrieve in the revision history.
Select OK to save.
For FortiGates with VDOMs enabled, the script should be modified to this:
diagnose fdsm cfg-upload 'comment'
Running the script on all FortiGates:
Select the FortiGates and select the right arrow:
The script will start running:
Go to Device Manager and the configuration status of FortiGates should show synchronized. If any FortiGate is not showing synchronized, 'right-click' on the device and select 'Refresh Device'.
In the Total Revisions for each FortiGate, there will be a 'Retrieve' entry with the 'comment' in the comments section.
Script Status/logs can also be checked from: System Settings -> Task Monitor:
Bulk retrieval can also be done by selecting the notification icon on the top, but it only works if the devices are either in a 'conflict' or 'out-of-sync' state.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.