Hello,
i would to to implement automated fortigates backups.
I have to use two solutions. FTP and SCP. But i have issue with FTP
I used comnad:
execute backup full-config ftp name.config ip user passwd
At my main router where i have a VM with FTP in the same subnet. (Source:10.1.1.2)
But in other locations connected by ipsec i have a problems (10.1.12.0). Connection between 10.1.12.0 <-> 10.1.1.234 its working. But only if i chose my internal interface. From global cli doesnt work. I dont use a vdoms at this FG.
My interface configuration:
After Executed backup from CLI i got that:
I run PCAP and i could see a source WAN address. How can i change it to address from WAN to internal interface 10.1.12.253 ?
Thanks for any help
Hi Zmk,
I don't think there is the output interface setting.
However, you can use a local lan address as a Virtual IP address (example 10.1.12.250 if free) to the backup FTP server address.
The virtual IP would be : external IP 10.1.12.250 map to 10.1.1.234 for the port 21 (ftp)
So the for backup command would be: execute backup full-configuration ftp fg.conf 10.1.12.250 fg test123
i have try this configuration in lab , it's ok for me after this change.
Best regards
Julien, thanks for your repley
I tried that, and any results:
Trafic destination was changed from IPSEC tunnel to local lan
SCP is working properly, i just use other protocol. SCP is more secure
Best Regards and thanks for answer
Okay, you're welcome
have a nice day