Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiNAC-F 7.2.0 Administration Guide
    7.2.0
    7.6.0
    7.4.0
    7.2.0

    Remote backup configuration

    Remote backup configuration

    Use the Remote Backup Configuration view to define the connection details used to copy database and system files to a third party (remote) server.

    Database and system backups occur automatically when the Database BackUp and System Backup scheduled tasks run. The backup files are stored on the local appliance. See Database backup/restore and System backups for more information.

    The Administrator can, additionally, configure FortiNAC to place a copy of the database and system backups on a remote server for safekeeping. The backups are placed in time and date stamped files.

    Files can be transferred using FTP and/or SSH protocols.

    Database backup file naming convention: 

    FortiNAC_DataBase_BackUp_YYYY_MM_DD_HH_mm_SS_<hostname>.gz

    System backup file naming convention: 

    <hostname>.YYYYMMDD.*.gz
    Step 1: Configure the backup server

    Remote server configuration using FTP

    1. Create an account on the remote FTP server to be used by FortiNAC for backup file transfer.

    2. Create a folder to which FortiNAC will copy the files.

    For instructions on completing the above tasks, consult documentation specific to the FTP application used.

    Remote server configuration using SSH

    The FortiNAC’s public key must be appended to the authorized_keys file in the remote server for successful SSH communication.

    High Availability configurations: SSH keys for both the primary and secondary FortiNAC servers must be appended.

    1. In the FortiNAC UI, navigate to System > Settings > System Management > Remote backup configuration.

    2. Select the checkbox next to Enable SSH Remote Backup.

    3. Select Display Public SSH Keys.

    4. The Public SSH Key window appears. Copy the key displayed.

    5. Click Close.

    6. Associate the public key to the remote server where the backups will be stored. This process will vary depending on the product. Refer to the SSH server product documentation for instructions.

      Note

      • The format of authorized_keys file is one entry per line.

      • Do not include extra white space or characters when pasting the key.

    Step 2: Configure the remote backup target

    1. In the UI navigate to System > Settings > System Management > Remote Backup Configuration.

    2. Configure using the table below.

      Field

      Definition

      Backup Timeout

      Number of minutes for the backup to be created and copied to the remote server. If this time elapses before the backup is done, the process is interrupted. Be sure to select a time that is long enough for your system to complete its backup. The default is 20 minutes; however, large systems may require more time.

      Enable FTP Remote Backup

      Remote backups to this server are enabled when this is checked.

      Default = Unchecked

      Server

      IP address of the remote server.

      User Name

      User Name required for write access to the server.

      Password

      Password required for write access to the server.

      Remote Path

      The directory path where the remote backup files will be placed. This directory must exist on the server.

      EnableSSH Remote Backup

      Remote backups to this server are enabled when this is checked. The SSH keys must already be established for the SSH remote backups to be successful.

      Default = Unchecked

      Display Public SSH Keys

      Click to view the public SSH key from the FortiNAC Primary and Secondary Control Servers.

      Server

      The IP address of the remote server. Format is user@remote-server, such as asmith@192.168.1.1 .

      Remote Path

      The directory path where the remote backup files will be placed. This directory must exist on the server.

      Test SSH Connection

      Test the connection to the server using the SSH Server and SSH Remote Path settings to confirm the settings are valid.

      If the test fails, it means the Remote Backup task will not back up the files to the specified remote server.
    Step 3: Validate

    FTP

    1. Navigate to System > Scheduler.

    2. Highlight the Database Backup task and click Run Now.

    3. On the remote server, confirm the files were transferred.

    SSH

    1. Click Test SSH Connection to verify SSH communication with the remote server.

    2. Once successfully tested, navigate to System > Scheduler.

    3. Highlight the Database Backup task and click Run Now.

    4. On the remote server, confirm the files were transferred.

    Previous
    Next

    Remote backup configuration

    Remote backup configuration

    Use the Remote Backup Configuration view to define the connection details used to copy database and system files to a third party (remote) server.

    Database and system backups occur automatically when the Database BackUp and System Backup scheduled tasks run. The backup files are stored on the local appliance. See Database backup/restore and System backups for more information.

    The Administrator can, additionally, configure FortiNAC to place a copy of the database and system backups on a remote server for safekeeping. The backups are placed in time and date stamped files.

    Files can be transferred using FTP and/or SSH protocols.

    Database backup file naming convention: 

    FortiNAC_DataBase_BackUp_YYYY_MM_DD_HH_mm_SS_<hostname>.gz

    System backup file naming convention: 

    <hostname>.YYYYMMDD.*.gz
    Step 1: Configure the backup server

    Remote server configuration using FTP

    1. Create an account on the remote FTP server to be used by FortiNAC for backup file transfer.

    2. Create a folder to which FortiNAC will copy the files.

    For instructions on completing the above tasks, consult documentation specific to the FTP application used.

    Remote server configuration using SSH

    The FortiNAC’s public key must be appended to the authorized_keys file in the remote server for successful SSH communication.

    High Availability configurations: SSH keys for both the primary and secondary FortiNAC servers must be appended.

    1. In the FortiNAC UI, navigate to System > Settings > System Management > Remote backup configuration.

    2. Select the checkbox next to Enable SSH Remote Backup.

    3. Select Display Public SSH Keys.

    4. The Public SSH Key window appears. Copy the key displayed.

    5. Click Close.

    6. Associate the public key to the remote server where the backups will be stored. This process will vary depending on the product. Refer to the SSH server product documentation for instructions.

      Note

      • The format of authorized_keys file is one entry per line.

      • Do not include extra white space or characters when pasting the key.

    Step 2: Configure the remote backup target

    1. In the UI navigate to System > Settings > System Management > Remote Backup Configuration.

    2. Configure using the table below.

      Field

      Definition

      Backup Timeout

      Number of minutes for the backup to be created and copied to the remote server. If this time elapses before the backup is done, the process is interrupted. Be sure to select a time that is long enough for your system to complete its backup. The default is 20 minutes; however, large systems may require more time.

      Enable FTP Remote Backup

      Remote backups to this server are enabled when this is checked.

      Default = Unchecked

      Server

      IP address of the remote server.

      User Name

      User Name required for write access to the server.

      Password

      Password required for write access to the server.

      Remote Path

      The directory path where the remote backup files will be placed. This directory must exist on the server.

      EnableSSH Remote Backup

      Remote backups to this server are enabled when this is checked. The SSH keys must already be established for the SSH remote backups to be successful.

      Default = Unchecked

      Display Public SSH Keys

      Click to view the public SSH key from the FortiNAC Primary and Secondary Control Servers.

      Server

      The IP address of the remote server. Format is user@remote-server, such as asmith@192.168.1.1 .

      Remote Path

      The directory path where the remote backup files will be placed. This directory must exist on the server.

      Test SSH Connection

      Test the connection to the server using the SSH Server and SSH Remote Path settings to confirm the settings are valid.

      If the test fails, it means the Remote Backup task will not back up the files to the specified remote server.
    Step 3: Validate

    FTP

    1. Navigate to System > Scheduler.

    2. Highlight the Database Backup task and click Run Now.

    3. On the remote server, confirm the files were transferred.

    SSH

    1. Click Test SSH Connection to verify SSH communication with the remote server.

    2. Once successfully tested, navigate to System > Scheduler.

    3. Highlight the Database Backup task and click Run Now.

    4. On the remote server, confirm the files were transferred.

    Previous
    Next