Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Automated Full-config backups

We would like to be able to scheduled automated full-config backups to be offloaded to an FTP server. I know the fortimanager has backup capabilities of configs for its registered devices but we do not really need a full central management system (though it would be nice).

I'm wondering if anyone has used other solutions/workarounds to make this happen. I believe FortiMail or FortiWeb devices have a scheduled backup that can be run, but not FortiGate.


Thank you,




FG 200B/30D/60D/80D/100D/200D/300D

FE 200D

---- FG 200B/30D/60D/80D/100D/200D/300D FE 200D
3 Solutions
Honored Contributor

See emnoc's post about scp or search link at the top of this page.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
New Contributor III



We use putty run from the tftp server.

It's not the best security, also it is TFTP and all plain-text, but we have a task scheduled that does a backup every day of each vdom and also a full backup.

It's something like this :

the task runs a .bat file calling putty and login info :

C:\Putty.exe -ssh <Fortigate IP> -l <UserLoginName> -pw <UserPassword> -m C:\BackupGlobal.txt

And the txt files are similar to :

config global exe backup config tftp <Filename> <ServerIP> end exit

- -

Does what we need, you could probably build from there.



View solution in original post

New Contributor

with new FortiOS5.4 you can now have a scheduled auto config backup !

config system auto-script

edit "backup" set interval (secs) set repeat () set start auto set script "execute backup config tftp config.txt x.x.x.x" next end 



View solution in original post

Esteemed Contributor III

Not possible. I prefer the  scp and usinga script to set the date/hostname.






PCNSE NSE StrongSwan

Having difficulty finding specific information about the meaning of various "Return Code" values for a specific CLI Backup FTP error.


While executing a CLI backup command I have seen the command return the following error


Send config file to ftp server via vdom root failed.


with different accompanying return codes depending on the situation


Return Code 1

Return Code 5

Return Code 10


Does anyone know where I might find details of what these Return Codes mean relative to the error code, or if you can offer some idea of what they mean from personal experience.


Thanks in advance.



New Contributor

use a linux server, then config a script to schedule backup as below:


#!/bin/bash #linux/UNIX SERVERS="your_fortigate_ip_address" # SSH User name USR="your_fortigate_username" PWD="your_fortigate_password" timestamp=$(date +"%y-%m-%d") # connect each host for host in $SERVERS do sshpass -p $PWD scp -oStrictHostKeyChecking=no $USR@$host:sys_config /home/backup-fortigate-config/"$timestamp"_"$host".conf done echo 'Backup Completed!' exit

make sure you have config crontab for this script to backup in schedule, like every 2 days or 1 week...

New Contributor

As a note to those thinking of using SCP and a read-only user.  


I had this working and then when the time came to restore, the restore went fine except I could not login with an admin account!

If the SCP backup is taken with a read-only account, it does not get the config for your super user account(s). Yes I double checked that my read-only account has access to EVERYTHING. I did call support and they confirmed. I personally feel this is a huge flaw but.......

I have confirmed that if I connect and take the backup using SCP and using credentials for a super user that all user information is included. 

Thankfully I had a full backup that existed for this router and I was able to copy the necessary user info to the backup file and then restore.

New Contributor

Followed this tutorial

And got the same error,


Send config file to ftp server via vdom root failed. Command fail. Return code 5

Someone fixed it ?


Hello lscunha , JRoberts ,


FGT (root) # execute backup full-config ftp /srv/ftp/ch4.conf username password

Please wait...

Connect to ftp server ... Send config file to ftp server via vdom root failed. Command fail. Return code 5



Received the same error. 


I followed to install vsftpd on Ubuntu Server.


Ran a tcpdump on the server: sudo tcpdump -i any port 21 -vvvv


Observed error message: 550 permission denied 


Have to edit: vsftpd.conf file to change settings: write_enable=NO,  to  write_enable=YES and it worked.


It seems to be permission issue on the FTP server.  Can you please run TCPDUMP on the server and post here?


After changing settings, I was able to send the file:


FGT (root) # execute backup full-config ftp /srv/ftp/ch4.conf username password Please wait...

Connect to ftp server ... Send config file to ftp server OK.


Hope that helps.  :) 







Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors