Fortinet – Backup Config

Step 1: Enable SCP

config system global
   set admin-scp enable
end

Step 2: Enable SSH access on the interface

config system interface
edit <interface name>
   append allowaccess ssh
end

Step 3: Confirm FortiGate SSH Port.

show full-configuration | grep admin-ssh-port

Step 4: To Backup FortiGate configuration use the SCP client.

scp [email protected]<FortiGate_IP>:sys_config <location>

—-

#!/bin/bash

# I DECLARE FORTINET FOR BACKUP
IP_FORTI_JKT="192.168.65.65"
IP_FORTI_BDG="192.168.111.1"
IP_FORTI_BALI=""
SSH_PORT="25966"
USERS="agink_users"
PASS="agink_password"
PATH_JKT="/home/backup/conf/fortinet/jkt"
PATH_BDG="/home/backup/conf/fortinet/bdg"
PATH_BALI="/home/backup/conf/fortinet/bali"

timestamp=$(date +"%y%m%d_%H%M")

# I DECLARE NAME OF THE UNITS FORTINET
FTG_JKT="FORTI_JKT_"$timestamp
FTG_BDG="FORTI_BDG_"$timestamp
FTG_BALI="FORTI_BALI_"$timestamp

#Backup Jakarta 
sshpass -p $PASS scp -P $SSH_PORT [email protected]$IP_FORTI_JKT:sys_config $PATH_JKT/$FTG_JKT.conf

#Backup Bandung 
sshpass -p $PASS scp -P $SSH_PORT [email protected]$IP_FORTI_BDG:sys_config $PATH_BDG/$FTG_BDG.conf

#Backup Bali 
#sshpass -p $PASS scp -P $SSH_PORT [email protected]$IP_FORTI_BALI:sys_config $PATH_BALI/$FTG_BALI.conf

# End of Backup