Fortinet white logo
Fortinet white logo

Handbook

Backing up and restoring the configuration

Backing up and restoring configuration

You use the backup procedure to save a copy of your system configuration. A full backup is a zip file.

The backup feature has a few basic uses:

  • Saving the configuration as CLI commands that a co-worker or Fortinet support can use to help you resolve issues with misconfiguration.
  • Restoring the system to a known functional configuration.
  • Creating a template configuration you can edit and then load into another system using the restore procedure.

A complete configuration backup is a zip file that includes the complete configuration files, plus any files you have imported, including error page files, script files, and ISP address book files.

In the event that FortiADC experiences hardware failure, being able to restore the entire backup configuration minimizes the time to reconfigure the system.

All backup files follow the same file-naming convention: hostname_date_time. For example, a backup file named "FortiADC-VM_20171214_0830.txt" means that the backup is made of a system whose hostname is "FortiADC-VM", the backup is made at 08:30 on December 14, 2017. It must be noted that the date and time in the backup file name reflects the date and time in your FortiADC's system settings when the backup is performed.

Note: Configuration backups do not include data such as logs and reports.

Back up files can include sensitive information, such as HTTPS certificate private keys. We strongly recommend that you password-encrypt your backup files and store them in a secure location.
Before you begin:
  • If you are restoring a configuration, you must know its management interface configuration in order to access the web UI after the restore procedure is completed. Open the configuration file and make note of the IP address and network requirements for the management interface (port1). You must also know the administrator username and password.
  • You must have Global Administrator access. Ensure that your admin account settings has Global Admin set to Yes. For more information, see Creating administrator users.
To backup or restore your system configuration:
  1. From navigation bar, click System > Settings.
  2. Click the Backup & Restore tab.
  3. Select the desired action and storage location, as described in Backup and restore configuration.
  4. Follow the instructions in the following paragraphs to back up or restore your configuration, or schedule auto backups.

Backup and restore configuration

Actions Guidelines
Mode

Select one of the options:

  • Back Up—Use this option to back up the current configuration. Note: The backup is saved to a text file.
  • Restore—Use this option to restore a previous configuration. The restore file must be a text file.
  • Auto Backup—Use this option to let FortiADC automatically back up its configuration as scheduled.
Storage

Select one of the storage locations:

  • Local PC/Server—The local PC or server. (Note: When scheduling auto backups, this refers to the SFTP server.)
  • ADC—Your FortiADC device.
Entire Configuration

Enable this option to include error page files, script files, and ISP address book files in the backup file.

Note: The backup is saved to a tar file. ADC

Run a manual backup

You can back up your FortiADC system configuration at any time from the System>Settings>Backup & Restore page using the following procedures.

  1. Select Back Up.
  2. Select a storage location for the backup file, Local PC/Server or ADC.
  3. Specify a name.
  4. Add a password if you want.
  5. The maximum total backup file size differs by model. For more information, see Maximum total backup file size by hardware model.
  6. Click Back Up.

Note: If you've chosen to back up your configuration to the local PC or server, the backup file will appear in the lower-left corner of the GUI. The configuration backup file can be found on the PC or server where all downloaded files are stored. When backing up to a local PC or server, you have the option to use a password to protect the backup file. The option is disabled by default. To use this option, you must enable it first, and then create a password for the configuration backup you are going to do. Be sure to remember the password because it is required when you restore the configuration backup file.

If you've chosen to back up to FortiADC device, the backup file will show up in the table on the Backup & Restore page, where you can either download or upload the backup file using the Download or Upload icon to the far-right column of the same row.

Restore a backup configuration

Use the following procedures to restore a backup of a previous configuration.

  1. Select Restore.
  2. Select the storage location where the backup file resides.
  3. To restore from the Local PC/Server, click Choose File, then upload the desired file.
  4. To restore from FortiADC, select the backup from the table, and click the corresponding Restore icon, on the far right.

Note: The time required to restore a backup file varies, depending on the size of the file and the speed of your network connection. Your web UI session is terminated when the system restarts. To continue using the web UI, refresh the web page and log in again.

If the restored system has a different management interface configuration than the previous configuration, you must access the web UI using the new management interface IP address.

Schedule auto backups

FortiADC's auto backup feature allows you to conveniently set up configuration backup schedules so that it can perform the backups for you automatically according to the schedule. Backup files can be saved on yourFortiADC or a local device via SFTP. It must be noted that you can only store up to 10 backup files on FortiADC at any given time and that the size of all backup files combined must not exceed the limit allowed on your hardware model, as stipulated in the table below.

The Auto Backup configuration page also comes with an Overwrite Config check box, which (if enabled) will let the system automatically delete backup files when the number or the size of saved backup files exceeds either limit. Removal of backup files is done in a FIFO (first-in, first-out) fashion, starting with the oldest backup. If Overwrite Config is not enabled, the system will generate error log messages when the backup files exceed the limits.

Schedule auto backups onto FortiADC:

  1. Select Auto Backup.
  2. Select ADC as the storage location where the backup files will be saved.
  3. Enable the scheduled backup radio button.
  4. Specify the scheduled backup frequency, and set the schedule accordingly.
  5. Select the Overwrite Config radio button (recommended).
  6. Click Save.

Schedule auto backups onto an SFTP sever:

To schedule auto backups onto an SFTP server, you must have a user account on the server and provide the information required about the server, such as its IP address, port number, backup location, and your account user name and password.

  1. Select Auto Backup.
  2. Select Local PC/Server (SFTP server) as the storage location where the backup files will be saved.
  3. Select the Scheduled Backup radio button.
  4. Specify the scheduled backup frequency, and set the schedule accordingly.
  5. Enter the IP address of the SFTP server.
  6. Enter the port of the SFTP server.
  7. Specify the backup file path on the SFTP server, in Folder.
  8. Enter your username for the SFTP server.
  9. Enter your password for the SFTP server.
  10. Click Save.

Schedule auto backups from the Console

Use the following commands to set up auto backup from the Console:

config system auto-backup

set storage {sftp| disk}

set address <ip>

set port <port>

set username <name>

set password <password>

set folder <local directory>

set overwrite {enable|disable}

set schedule-backup-day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday |

Saturday}

set schedule-update-frequency {daily|weekly|every}

set schedule-update-time <hh:mm>

set backup-status {enable|disable}

end

Maximum total backup file size by hardware model

Hardware model Maximum total backup file size
FortiADC 60F 50 MB
FortiADC 100F 50 MB
FortiADC200D 50 MB
FortiADC 200F 50 MB
FortiADC 300D 100 MB
FortiADC 400D 100 MB
FortiADC 700D 100 MB
FortiADC 1000F 100 MB
FortiADC 1500D 100 MB
FortiADC 2000D 100 MB
FortiADC 2000F 200 MB
FortiADC 4000D 200 MB
FortiADC 4000F 200 MB
All FortiADC VMs 100 MB

Backing up and restoring the configuration

Backing up and restoring configuration

You use the backup procedure to save a copy of your system configuration. A full backup is a zip file.

The backup feature has a few basic uses:

  • Saving the configuration as CLI commands that a co-worker or Fortinet support can use to help you resolve issues with misconfiguration.
  • Restoring the system to a known functional configuration.
  • Creating a template configuration you can edit and then load into another system using the restore procedure.

A complete configuration backup is a zip file that includes the complete configuration files, plus any files you have imported, including error page files, script files, and ISP address book files.

In the event that FortiADC experiences hardware failure, being able to restore the entire backup configuration minimizes the time to reconfigure the system.

All backup files follow the same file-naming convention: hostname_date_time. For example, a backup file named "FortiADC-VM_20171214_0830.txt" means that the backup is made of a system whose hostname is "FortiADC-VM", the backup is made at 08:30 on December 14, 2017. It must be noted that the date and time in the backup file name reflects the date and time in your FortiADC's system settings when the backup is performed.

Note: Configuration backups do not include data such as logs and reports.

Back up files can include sensitive information, such as HTTPS certificate private keys. We strongly recommend that you password-encrypt your backup files and store them in a secure location.
Before you begin:
  • If you are restoring a configuration, you must know its management interface configuration in order to access the web UI after the restore procedure is completed. Open the configuration file and make note of the IP address and network requirements for the management interface (port1). You must also know the administrator username and password.
  • You must have Global Administrator access. Ensure that your admin account settings has Global Admin set to Yes. For more information, see Creating administrator users.
To backup or restore your system configuration:
  1. From navigation bar, click System > Settings.
  2. Click the Backup & Restore tab.
  3. Select the desired action and storage location, as described in Backup and restore configuration.
  4. Follow the instructions in the following paragraphs to back up or restore your configuration, or schedule auto backups.

Backup and restore configuration

Actions Guidelines
Mode

Select one of the options:

  • Back Up—Use this option to back up the current configuration. Note: The backup is saved to a text file.
  • Restore—Use this option to restore a previous configuration. The restore file must be a text file.
  • Auto Backup—Use this option to let FortiADC automatically back up its configuration as scheduled.
Storage

Select one of the storage locations:

  • Local PC/Server—The local PC or server. (Note: When scheduling auto backups, this refers to the SFTP server.)
  • ADC—Your FortiADC device.
Entire Configuration

Enable this option to include error page files, script files, and ISP address book files in the backup file.

Note: The backup is saved to a tar file. ADC

Run a manual backup

You can back up your FortiADC system configuration at any time from the System>Settings>Backup & Restore page using the following procedures.

  1. Select Back Up.
  2. Select a storage location for the backup file, Local PC/Server or ADC.
  3. Specify a name.
  4. Add a password if you want.
  5. The maximum total backup file size differs by model. For more information, see Maximum total backup file size by hardware model.
  6. Click Back Up.

Note: If you've chosen to back up your configuration to the local PC or server, the backup file will appear in the lower-left corner of the GUI. The configuration backup file can be found on the PC or server where all downloaded files are stored. When backing up to a local PC or server, you have the option to use a password to protect the backup file. The option is disabled by default. To use this option, you must enable it first, and then create a password for the configuration backup you are going to do. Be sure to remember the password because it is required when you restore the configuration backup file.

If you've chosen to back up to FortiADC device, the backup file will show up in the table on the Backup & Restore page, where you can either download or upload the backup file using the Download or Upload icon to the far-right column of the same row.

Restore a backup configuration

Use the following procedures to restore a backup of a previous configuration.

  1. Select Restore.
  2. Select the storage location where the backup file resides.
  3. To restore from the Local PC/Server, click Choose File, then upload the desired file.
  4. To restore from FortiADC, select the backup from the table, and click the corresponding Restore icon, on the far right.

Note: The time required to restore a backup file varies, depending on the size of the file and the speed of your network connection. Your web UI session is terminated when the system restarts. To continue using the web UI, refresh the web page and log in again.

If the restored system has a different management interface configuration than the previous configuration, you must access the web UI using the new management interface IP address.

Schedule auto backups

FortiADC's auto backup feature allows you to conveniently set up configuration backup schedules so that it can perform the backups for you automatically according to the schedule. Backup files can be saved on yourFortiADC or a local device via SFTP. It must be noted that you can only store up to 10 backup files on FortiADC at any given time and that the size of all backup files combined must not exceed the limit allowed on your hardware model, as stipulated in the table below.

The Auto Backup configuration page also comes with an Overwrite Config check box, which (if enabled) will let the system automatically delete backup files when the number or the size of saved backup files exceeds either limit. Removal of backup files is done in a FIFO (first-in, first-out) fashion, starting with the oldest backup. If Overwrite Config is not enabled, the system will generate error log messages when the backup files exceed the limits.

Schedule auto backups onto FortiADC:

  1. Select Auto Backup.
  2. Select ADC as the storage location where the backup files will be saved.
  3. Enable the scheduled backup radio button.
  4. Specify the scheduled backup frequency, and set the schedule accordingly.
  5. Select the Overwrite Config radio button (recommended).
  6. Click Save.

Schedule auto backups onto an SFTP sever:

To schedule auto backups onto an SFTP server, you must have a user account on the server and provide the information required about the server, such as its IP address, port number, backup location, and your account user name and password.

  1. Select Auto Backup.
  2. Select Local PC/Server (SFTP server) as the storage location where the backup files will be saved.
  3. Select the Scheduled Backup radio button.
  4. Specify the scheduled backup frequency, and set the schedule accordingly.
  5. Enter the IP address of the SFTP server.
  6. Enter the port of the SFTP server.
  7. Specify the backup file path on the SFTP server, in Folder.
  8. Enter your username for the SFTP server.
  9. Enter your password for the SFTP server.
  10. Click Save.

Schedule auto backups from the Console

Use the following commands to set up auto backup from the Console:

config system auto-backup

set storage {sftp| disk}

set address <ip>

set port <port>

set username <name>

set password <password>

set folder <local directory>

set overwrite {enable|disable}

set schedule-backup-day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday |

Saturday}

set schedule-update-frequency {daily|weekly|every}

set schedule-update-time <hh:mm>

set backup-status {enable|disable}

end

Maximum total backup file size by hardware model

Hardware model Maximum total backup file size
FortiADC 60F 50 MB
FortiADC 100F 50 MB
FortiADC200D 50 MB
FortiADC 200F 50 MB
FortiADC 300D 100 MB
FortiADC 400D 100 MB
FortiADC 700D 100 MB
FortiADC 1000F 100 MB
FortiADC 1500D 100 MB
FortiADC 2000D 100 MB
FortiADC 2000F 200 MB
FortiADC 4000D 200 MB
FortiADC 4000F 200 MB
All FortiADC VMs 100 MB