backup
Back up the FortiGate configuration files, logs, or IPS user-defined signatures file to a TFTP or FTP server, USB disk, or a management station. Management stations can either be a FortiManager unit, or FortiGuard Analysis and Management Service.
When virtual domain configuration is enabled (in global, vdom-admin
is enabled), the content of the backup file depends on the administrator account that created it.
A backup of the system configuration from the super admin account contains the global settings and the settings for all of the VDOMs. Only the super admin can restore the configuration from this file.
When you back up the system configuration from a regular administrator account, the backup file contains the global settings and the settings for the VDOM to which the administrator belongs. Only a regular administrator account can restore the configuration from this file.
Syntax
Backup the configuration to the flash disk
execute backup config flash Backup config file to flash. {comment} Make a comment for this config backup.
Backup the configuration to an FTP server
execute backup config ftp Backup config file to ftp server. {string} Make a file name (path) on the FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password. {Enter}|{passwd} Optional password to protect the backup content.
Backup the configuration to FortiManager (in backup mode)
execute backup config management-station Backup config file to management station. {comment} Make a comment for this config backup.
Backup the configuration to a TFTP server
execute backup config tftp Backup config file to TFTP server. {string} Make a file name (path) on the TFTP server. {ip} IP address of TFTP server. {Enter}|{passwd} Optional password to protect the backup content.
Backup the configuration to an external USB disk
execute backup config usb Backup config file to USB disk. {string} Make a file name on the USB disk. {Enter}|{passwd} Optional password to protect the backup content.
Specify a password for USB backups
The password is used to encrypt the backup and must be used to restore or view the configuration file.
execute backup config usb-mode Backup config file for USB mode. {Enter}|{passwd} Optional password to protect the backup file.
Backup the configuration including FortiClient information to an FTP server
execute backup config-with-forticlient-info ftp Backup config (with FortiClient info) file to FTP server. {string} Make a file name (path) on the FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password. {Enter}|{passwd} Optional password to protect the backup content.
Backup the configuration including FortiClient information to an external USB disk
execute backup config-with-forticlient-info usb Backup config (with FortiClient info) file to USB disk. {string} Make a file name on the USB disk. {Enter}|{passwd} Optional password to protect the backup content.
Specify a password for USB backups that include FortiClient information
execute backup config-with-forticlient-info usb-mode Backup config (with FortiClient info) file for USB mode. {Enter}|{passwd} Optional password to protect the backup file.
Backup all log files to an FTP server
execute backup disk alllogs ftp Backup all log files to FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password.
Backup all log files to a TFTP server
execute backup disk alllogs tftp Backup all log file(s) to TFTP server. {ip} IP address of TFTP server.
Backup all log files to an external USB disk
execute backup disk alllogs usb Backup all log files to USB.
Backup IPS archive files to an FTP server
execute backup disk ipsarchives ftp Backup IPS archive file(s) to FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password.
Backup IPS archive files to a TFTP server
execute backup disk ipsarchives tftp Backup IPS archive file(s) to TFTP server. {ip} IP address of TFTP server.
Backup IPS archive files to an external USB disk
execute backup disk ipsarchives usb Backup IPS archive file(s) to USB.
Backup specific log files to an FTP server
execute backup disk log ftp Backup specific log file(s) to FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {user} ftp username {passwd} FTP password. {string} , traffic, event, virus, webfilter, ips, emailfilter, anomaly, voip, dlp, app-ctrl, waf, gtp, dns, ssh
Backup specific log files to a TFTP server
execute backup disk log tftp Backup specific log file(s) to TFTP server. {ip} IP address of TFTP server. {string} , traffic, event, virus, webfilter, ips, emailfilter, anomaly, voip, dlp, app-ctrl, waf, gtp, dns, ssh
Backup specific log files to an external USB disk
execute backup disk log usb Backup specific log file(s) to USB. {string} , traffic, event, virus, webfilter, ips, emailfilter, anomaly, voip, dlp, app-ctrl, waf, gtp, dns, ssh
Backup the full configuration file to an FTP server
execute backup full-config ftp Backup full config file to FTP server. {string} Make a file name (path) on the FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password. {Enter}|{passwd} Optional password to protect the backup content.
Backup the full configuration file to a TFTP server
execute backup full-config tftp Backup full config file to TFTP server. {string} Make a file name (path) on the TFTP server. {ip} IP address of TFTP server. {Enter}|{passwd} Optional password to protect the backup content.
Backup the full configuration file to an FTP server
execute backup full-config usb Backup full config file to USB disk. {string} Make a file name on the USB disk. {Enter}|{passwd} Optional password to protect the backup content.
Specify a password for full configuraton USB backups
execute backup full-config usb-mode Backup full config file for USB mode. {Enter}|{passwd} Optional password to protect the backup file.
Backup user defined IPS signatures to an FTP server
execute backup ipsuserdefsig ftp Backup user defined IPS signatures to FTP server. {string} Make a file name (path) on the FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password.
Backup user defined IPS signatures to a TFTP server
execute backup ipsuserdefsig tftp Backup user defined IPS signatures to TFTP server. {string} Make a file name (path) on the TFTP server. {ip} IP address of TFTP server.
Backup all memory logs to an FTP server
execute backup memory alllogs ftp Backup all log files to FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {Enter}|{user} FTP username may be needed. {passwd} FTP password.
Backup all memory logs to a TFTP server
execute backup memory alllogs tftp Backup all log file(s) to TFTP server. {ip} IP address of TFTP server.
Backup specific memory log files to an FTP server
execute backup memory log ftp Backup specific log file(s) to FTP server. {ftp server}[:ftp port] FTP server IP or FQDN, can be attached with port. {user} ftp username {passwd} FTP password. {string} , traffic, event, virus, webfilter, ips, emailfilter, anomaly, voip, dlp, app-ctrl, waf, gtp, dns, ssh
Backup specific memory log files to a TFTP server
execute backup memory log tftp Backup specific log file(s) to TFTP server. {ip} IP address of TFTP server. {string} , traffic, event, virus, webfilter, ips, emailfilter, anomaly, voip, dlp, app-ctrl, waf, gtp, dns, ssh
Example
This example shows how to backup the FortiGate unit system configuration to a file named fgt.cfg
on a TFTP server at IP address 192.168.1.23.
execute backup config tftp fgt.cfg 192.168.1.23