Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
zmk
New Contributor

Created on ‎01-25-2022 04:39 PM

Fortigate 30D - FTP Backup

Hello,

i would to to implement automated fortigates backups.

I have to use two solutions. FTP and SCP. But i have issue with FTP

 

I used comnad:

execute backup full-config ftp name.config ip user passwd

 

zmk_0-1643156594869.png

 

At my main router where i have a VM with FTP in the same subnet. (Source:10.1.1.2)

But in other locations connected by ipsec i have a problems (10.1.12.0). Connection between 10.1.12.0 <-> 10.1.1.234 its working. But only if i chose my internal interface. From global cli doesnt work. I dont use a vdoms at this FG.

 

zmk_1-1643157069042.png

 

My interface configuration:

 

zmk_3-1643157210810.png

 

After Executed backup from CLI i got that:

 

zmk_4-1643157342673.png

I run PCAP and i could see a source WAN address. How can i change it to address from WAN to internal interface 10.1.12.253 ?

zmk_5-1643157471769.png

 

Thanks for any help

 

 

Labels:
2174
0 Kudos
3 REPLIES 3
Julien87
Contributor II

Created on ‎01-26-2022 12:36 AM

Hi Zmk,

 

I don't think there is the output interface setting.
However, you can use a local lan address as a Virtual IP address (example 10.1.12.250 if free) to the backup FTP server address.   

The virtual IP would be :   external IP 10.1.12.250 map to 10.1.1.234 for the port 21 (ftp)


So the for backup command would be:   execute backup full-configuration ftp fg.conf 10.1.12.250 fg test123

 

i have try this configuration in lab , it's ok for me after this change.

 

Best regards

Julien
Julien
2117
0 Kudos
zmk
New Contributor

Created on ‎01-26-2022 06:37 AM

Julien, thanks for your repley

I tried that, and any results:

 

zmk_0-1643207540965.png

 

Trafic destination was changed from IPSEC tunnel to local lan

zmk_1-1643207825036.png

 

SCP is working properly, i just use other protocol. SCP is more secure

Best Regards and thanks for answer

2114
0 Kudos
Julien87
Contributor II

Created on ‎01-26-2022 07:43 AM

Okay, you're welcome

have a nice day

 

 

Julien
Julien
2109
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.