Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Sabk_FTNT
Staff
Staff

Created on ‎04-05-2013 09:59 AM Edited on ‎01-27-2025 01:19 AM By Moderator

Article Id 195935

Technical Tip: How to revert to the previous FortiGate configuration using FortiManager

Description

 

This article explains how to revert a FortiGate to a stored revision, including reverting to the previous configuration of policies using FortiManager.

 

Scope

 

FortiManager, FortiGate.

 

Solution

 

The FortiManager stores revision history for each managed FortiGate. The revision history database is updated on configuration changes and policy package installation. This database can be used to revert a FortiGate unit to a previous configuration and previous version of policy packages.

 

  1. Access the Revision History from Device Manager -> Device & Groups -> Managed FortiGate -> Select the FortiGate -> Dashboard: Summary -> Under Configuration and Installation widget -> Select the icon besides Total Revision:

1.png

 

This shows all the available revisions (the current active revision is with a green check mark, in this case, #22):
 
2.png

 

  1. Select any revision (for example #20) then select More then select Revert:

3.png

 

 
  1. The selected revision is loaded in a device-level database and is shown as 'Revision Revert' and a green check mark appears beside the revision number.

4.png

 


At this stage, the policy package has NOT been updated. If an 'Install' is done at this stage, system-level config will correspond to the reverted config (ID #20), but the policy packages will still correspond to ID #22.
 
  1. To update the policy packages with policies and objects as they are in the reverted revision, it is necessary to Import Configuration under Device Manager -> Device & Groups -> Managed FortiGate, select a FortiGate (or VDOM), and select Import Configuration. Refer to: Importing policies and objects.

5.png

 

Note:

Policy packages are imported from the FortiManager device level database, not from the FortiGate unit: Sequence of operations for installation to managed devices.


  1. Install - After policy packages for all VDOMs have been imported, the reverted configuration can be installed to the FortiGate under Device Manager -> Device & Groups -> Managed FortiGate -> Install Wizard -> Install Policy Package & Device Settings. Make sure to correctly select the policy package as imported from the reverted configuration in step 4.
 
6.png

 


Note:
Make sure to check the Install Preview to check what config FortiManager is pushing to the FortiGate. Repeat the process for each VDOM.


Diagram:

 

Related articles:

Labels:
41650
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.