Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
LC-AT
New Contributor

Fortigate Automation backup

Hello,

newbie using Fortigate.

I created an automation sticth to upload a config backup to an SFTP server. I used the following CLI command

 

execute backup config sftp /path/firewall_backup.cfg SFTP_IP SFTP_user SFTP-password

 

If i run the above "CLI" command manually, file is created using the name I specify (in the example, firewall_backup.cfg)

 

if I run the same command via an automation stitch, filename is prefixed with the fortigate serial number (i.e. it becomes FG123456789_firewall_backup.cfg)

 

Of course such prefix doesn't disturb me, but I would like to understand WHY this prefix... Checked on documentation but since I'm a newbie on fortigate was unable to find the right point.

Can someone help me understanding this  behaviour?

Thanks in advance

1 Solution
kcheng

Hi LC-AT,

 

Thanks for your prompt response. I've tested the relevant on a Windows-based Open-SSH server, I do not see the same behavior. If this is an issue for you, I would suggest you to open a support ticket with us via https://support.fortinet.com. With a ticket opened, we can have more resources to perform the testing to look into your issue.

Cheers,
Kayzie Cheng

View solution in original post

5 REPLIES 5
Anonymous
Not applicable

Hello LC-AT, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

   Fortinet Community Team 

kcheng
Staff
Staff

Hi LC-AT,

 

Good day to you. Can you let us know what is the firmware and what is the SFTP server that you are currently using? Would it be possible for you to send us the command that you configured in the automation stitch to further investigate? You may remove the SFTP IP and login credential accordingly. 

 

Cheers,
Kayzie Cheng
LC-AT
New Contributor

Hi KCheng,

thanks for investigating, these are the info

Current version

FortiOS v7.0.5 build0304 (GA)
 
SFTP server is the one provided by OpenSSH package on a Linux (debian based) distribution.
 
The automation action is this one

 

   edit "backup-cfg"
        set action-type cli-script
        set script "execute backup config sftp /fortigate/firewall01.cfg 10.x.y.z sftp-forti password_omitted"
        set execute-security-fabric enable
        set accprofile "super_admin"
    next

 

 
on SFTP directory I get this
LCAT_0-1651823231983.png

 

Tried also removing "set execute-security-fabric enable" but no difference.

Thanks
 

@kcheng wrote:

Hi LC-AT,

 

Good day to you. Can you let us know what is the firmware and what is the SFTP server that you are currently using? Would it be possible for you to send us the command that you configured in the automation stitch to further investigate? You may remove the SFTP IP and login credential accordingly. 

 



kcheng

Hi LC-AT,

 

Thanks for your prompt response. I've tested the relevant on a Windows-based Open-SSH server, I do not see the same behavior. If this is an issue for you, I would suggest you to open a support ticket with us via https://support.fortinet.com. With a ticket opened, we can have more resources to perform the testing to look into your issue.

Cheers,
Kayzie Cheng
LC-AT
New Contributor

Hello,

as I told on original post, this is not an issue for me.. I'm just curious about that.. Probably logging SFTP commands could lead us to the answer..

For now the important thing is the backup!

Thanks for help