Fortinet black logo

Administration Guide

Backing up the configuration

Backing up the configuration

Once you have tested your basic installation and verified that it functions correctly, create a backup. This “clean” backup can be used to:

  • troubleshoot a non-functional configuration by comparing it with this functional baseline
  • rapidly restore your installation to a simple yet working point
Note

The following procedures only produce a backup of the configuration file. If you have also configured other settings such as block/safe lists, dictionaries, and the Bayesian databases, you should back them up as well.

To back up the configuration file via the web UI
  1. Log in to the web UI as the admin administrator.
  2. Other administrator accounts do not have the required permissions.

  3. Go to System > Maintenance > Configuration.
  4. Select System Configuration (and User Configuration if you have already configured user preferences).
  5. Click Backup.

If your browser prompts you, navigate to the folder where you want to save the configuration file. Click Save.

Your browser downloads the configuration file. Time required varies by the size of the configuration and the specifications of the appliance’s hardware as well as the speed of your network connection.

To back up the configuration file via the CLI
  1. Log in to the CLI as the admin administrator using either the local serial console, the CLI Console widget in the web UI, or an SSH or Telnet connection.
  2. Other administrator accounts do not have the required permissions.

  3. Enter the following command:
  4. execute backup full-config tftp <file-name_str> <server_ipv4> [<backup-password_str>]

    where the variables and options are as follows:

    Variable

    Description

    <file-name_str>

    Type the file name of the backup.

    <server_ipv4>

    Type the IP address or domain name of the server.

    [<backup-password_str>]

    Optional. Type the password that will be used to encrypt the backup file.

    Caution: Do not lose this password. You will need to enter this same password when restoring the backup file in order for the appliance to successfully decrypt the file. If you cannot remember the password, the backup cannot be used.

    For example, the following command backs up a FortiMail-3000C’s configuration file to a file named FortiMail-3000C.conf in the current directory on the TFTP server 172.16.1.10, encrypting the backup file using the password P@ssw0rd1:

    For example, the following command backs up a FortiMail-3000C’s configuration file to a file named FortiMail-3000C.conf in the current directory on the TFTP server 172.16.1.10, encrypting the backup file using the password P@ssw0rd1:

    FortiMail-3000C # execute backup full-config tftp FortiMail-3000c.conf 172.16.1.10 P@ssw0rd1

    Time required varies by the size of the database and the specifications of the appliance’s hardware, but could take several minutes.

Backing up the configuration

Once you have tested your basic installation and verified that it functions correctly, create a backup. This “clean” backup can be used to:

  • troubleshoot a non-functional configuration by comparing it with this functional baseline
  • rapidly restore your installation to a simple yet working point
Note

The following procedures only produce a backup of the configuration file. If you have also configured other settings such as block/safe lists, dictionaries, and the Bayesian databases, you should back them up as well.

To back up the configuration file via the web UI
  1. Log in to the web UI as the admin administrator.
  2. Other administrator accounts do not have the required permissions.

  3. Go to System > Maintenance > Configuration.
  4. Select System Configuration (and User Configuration if you have already configured user preferences).
  5. Click Backup.

If your browser prompts you, navigate to the folder where you want to save the configuration file. Click Save.

Your browser downloads the configuration file. Time required varies by the size of the configuration and the specifications of the appliance’s hardware as well as the speed of your network connection.

To back up the configuration file via the CLI
  1. Log in to the CLI as the admin administrator using either the local serial console, the CLI Console widget in the web UI, or an SSH or Telnet connection.
  2. Other administrator accounts do not have the required permissions.

  3. Enter the following command:
  4. execute backup full-config tftp <file-name_str> <server_ipv4> [<backup-password_str>]

    where the variables and options are as follows:

    Variable

    Description

    <file-name_str>

    Type the file name of the backup.

    <server_ipv4>

    Type the IP address or domain name of the server.

    [<backup-password_str>]

    Optional. Type the password that will be used to encrypt the backup file.

    Caution: Do not lose this password. You will need to enter this same password when restoring the backup file in order for the appliance to successfully decrypt the file. If you cannot remember the password, the backup cannot be used.

    For example, the following command backs up a FortiMail-3000C’s configuration file to a file named FortiMail-3000C.conf in the current directory on the TFTP server 172.16.1.10, encrypting the backup file using the password P@ssw0rd1:

    For example, the following command backs up a FortiMail-3000C’s configuration file to a file named FortiMail-3000C.conf in the current directory on the TFTP server 172.16.1.10, encrypting the backup file using the password P@ssw0rd1:

    FortiMail-3000C # execute backup full-config tftp FortiMail-3000c.conf 172.16.1.10 P@ssw0rd1

    Time required varies by the size of the database and the specifications of the appliance’s hardware, but could take several minutes.