Hi,
I'm working on the fortimanager and just wondered whats the difference between the restore vs retrieve and when would you use each one?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Restore is generally only used when describing the loading of the FortiManager configuration. Retrieve is for getting an updated copy of the FortiGate configuration from the FortiGate.
Although Restore isn't mention here, the description of FortiManager Operations might help: https://docs.fortinet.com...uide/645328/operations
Thanks. so the retrieve will pull the full running configuration that is live on the box except policies which you can import.
When you look at the configuration revision history if i want to go back to the running-config that was on the box a week ago if i select that date and click retrieve it doesn't seem to import the configuration from that date it does show the config differences however, is this expected behavior? it just seems to pull up the live config from the box? so does this mean i cannot go back? for example if we made some routing changes and pushed them down to the box and this caused us some issues i would like to go back to the previous revision history to revert this change.
Thanks
I think i have answered my own question here.
Retrieve - can change back to last time installed config and also update device config status to sync,
but it will change package status to unknown, you can fix this by doing an import. Regardless if you select an older revision it will only pull back the latest live running-config from the fortigate. You would use this say if you can made a load of routing changes on the fortimanager so the status is modified but not yet pushed them down to the fortigate, this will put the config status back in sync.
Revert - revert to any previous revision from revision history page, this is where if config had been pushed to the fortigate and caused for example routing issues i can revert back to a known good revision to rollback the change.
Correct me if i'm wrong on the above :)
Retrieve is a quick way to sync up device-level settings. It is normally not required provided you have left Auto-Update enabled.
Revert (or Retrieve) -- just be aware that IF reverting to an older revision includes changes to policies & objects, an Import is needed.
Revert > Import > Install -- yes, this would one means of rolling back a FortiGate configuration to a known-good configuration
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.