Fortinet black logo

Control Manager

Home FortiNAC 8.5.0 Control Manager

Configure the remote backup destination

8.5.0
8.8.0
8.7.0
8.6.0
8.5.0
8.3.0
Copy Link
Copy Doc ID c0e495af-7299-11e9-81a4-00505692583a:146338
Download PDF

Configure the remote backup destination

Remote Backup Configuration defines the connection details used to copy files to a third party (remote) server when the Database Backup task is run in Scheduler. Transferring the backup files can be done using FTP and/or SSH protocols.

Remote server configuration using FTP

  1. Create an account on the remote FTP server to be used by FortiNAC for backup file transfer.
  2. Create a folder to which FortiNAC will copy the files.

For instructions on completing the above tasks, consult documentation specific to the FTP application used.

Remote server configuration using SSH

SSH communication must be established between the FortiNAC Control Manager and the remote backup server for the SSH remote backups to be successful. Ensure that the public key for the root user on the machine being backed up has been appended to the authorized_keys file in the <root home dir>/.ssh directory of the remote server. In the case of High Availability, the SSH keys for both the primary and secondary must be appended to the authorized_keys file.

Copy the SSH key to the remote server account (Linux)

  1. Access the CLI on the FortiNAC Control Server as root.

  2. Navigate to the .ssh directory. Type

    cd /root/.ssh

  3. Display and copy the key. Type

    cat id_rsa.pub

  4. Access the remote server where the backups will be stored as root.

  5. If the .ssh directory does not exist, create it. Type

    mkdir /home/backup_username/.ssh

  6. Change the permissions. Type

    chmod 700 /home/backup_username/.ssh

  7. Navigate to the .ssh directory, and then paste (append) the key you copied from the FortiNAC to the authorized_keys file. Type

    cd /home/backup_username/.ssh

    vi authorized_keys

  8. The format of authorized_keys file is one entry per line.

  9. Make sure the key you paste is identical to the key on the FortiNAC and does not include extra white space or characters.

Copy the SSH key to the remote server account (third party)

  1. Access the CLI on the FortiNAC Control Server as root.

  2. Navigate to the .ssh directory. Type

    cd /root/.ssh

  3. Display and copy the key. Type

    cat id_rsa.pub

  4. Associate the public key to the remote server where the backups will be stored.

  5. This process will vary depending on the product. Refer to the SSH server product documentation for instructions.

Configure the remote backup target in FortiNAC
  1. Click System > Settings.
  2. Expand the System Management folder.
  3. Select Remote Backup Configuration from the tree.
  4. Use the table of field definitions below to complete these steps.
  5. In the Backup Timeout field enter the number of minutes for the backup to be created and copied to the remote server.
  6. Select Enable FTP Remote Backup and/or Enable SSH Remote Backup to enable the remote backup to that server(s).
  7. Enter the connection information for the backup server(s).
  8. Click Test SSH Connection to validate the SSH Server and SSH Remote Path settings.
  9. Click Save Settings.

Field

Definition

Backup Timeout

Number of minutes for the backup to be created and copied to the remote server. If this time elapses before the backup is done, the process is interrupted. Be sure to select a time that is long enough for your system to complete its backup. The default is 20 minutes, however, large systems may require more time.

Enable FTP Remote Backup

Remote backups to this server are enabled when this is checked.

Default = Unchecked

Display Public SSH Keys

Click to view the public SSH key from the FortiNAC Primary and Secondary Control Servers.

Server

IP Address of the remote server.

User Name

User Name required for write access to the server.

Password

Password required for write access to the server.

Confirm Password

The Password required for write access to the server. Re-entry ensures that the password was typed correctly in the Password field.

Remote Path

The directory path where the remote backup files will be placed. This directory must exist on the server.

In the example shown above, this is a directory in admin's home area.

EnableSSH Remote Backup

Remote backups to this server are enabled when this is checked. The SSH keys must already be established for the SSH remote backups to be successful.

Default = Unchecked

Server

The IP Address of the remote server. Format is user@remote-server, such as asmith@192.168.1.1 .

Remote Path

The directory path where the remote backup files will be placed. This directory must exist on the server.

Test SSH Connection

Test the connection to the server using the SSH Server and SSH Remote Path settings to confirm the settings are valid.

If the test fails, it means the Remote Backup task will not back up the files to the specified remote server.

Validate the connection and backup task
FTP
  1. Navigate to System > Scheduler.
  2. Add the Database Backup task (if not already present).
  3. Highlight the Database Backup task and click Run Now.
SSH
  1. Click the Test SSH Connection button to verify SSH communication with the remote server.
  2. Once successfully tested, navigate to System > Scheduler.
  3. Add the Database Backup task (if not already present).
  4. Highlight the Database Backup task and click Run Now.
Previous
Next

Configure the remote backup destination

Remote Backup Configuration defines the connection details used to copy files to a third party (remote) server when the Database Backup task is run in Scheduler. Transferring the backup files can be done using FTP and/or SSH protocols.

Remote server configuration using FTP

  1. Create an account on the remote FTP server to be used by FortiNAC for backup file transfer.
  2. Create a folder to which FortiNAC will copy the files.

For instructions on completing the above tasks, consult documentation specific to the FTP application used.

Remote server configuration using SSH

SSH communication must be established between the FortiNAC Control Manager and the remote backup server for the SSH remote backups to be successful. Ensure that the public key for the root user on the machine being backed up has been appended to the authorized_keys file in the <root home dir>/.ssh directory of the remote server. In the case of High Availability, the SSH keys for both the primary and secondary must be appended to the authorized_keys file.

Copy the SSH key to the remote server account (Linux)

  1. Access the CLI on the FortiNAC Control Server as root.

  2. Navigate to the .ssh directory. Type

    cd /root/.ssh

  3. Display and copy the key. Type

    cat id_rsa.pub

  4. Access the remote server where the backups will be stored as root.

  5. If the .ssh directory does not exist, create it. Type

    mkdir /home/backup_username/.ssh

  6. Change the permissions. Type

    chmod 700 /home/backup_username/.ssh

  7. Navigate to the .ssh directory, and then paste (append) the key you copied from the FortiNAC to the authorized_keys file. Type

    cd /home/backup_username/.ssh

    vi authorized_keys

  8. The format of authorized_keys file is one entry per line.

  9. Make sure the key you paste is identical to the key on the FortiNAC and does not include extra white space or characters.

Copy the SSH key to the remote server account (third party)

  1. Access the CLI on the FortiNAC Control Server as root.

  2. Navigate to the .ssh directory. Type

    cd /root/.ssh

  3. Display and copy the key. Type

    cat id_rsa.pub

  4. Associate the public key to the remote server where the backups will be stored.

  5. This process will vary depending on the product. Refer to the SSH server product documentation for instructions.

Configure the remote backup target in FortiNAC
  1. Click System > Settings.
  2. Expand the System Management folder.
  3. Select Remote Backup Configuration from the tree.
  4. Use the table of field definitions below to complete these steps.
  5. In the Backup Timeout field enter the number of minutes for the backup to be created and copied to the remote server.
  6. Select Enable FTP Remote Backup and/or Enable SSH Remote Backup to enable the remote backup to that server(s).
  7. Enter the connection information for the backup server(s).
  8. Click Test SSH Connection to validate the SSH Server and SSH Remote Path settings.
  9. Click Save Settings.

Field

Definition

Backup Timeout

Number of minutes for the backup to be created and copied to the remote server. If this time elapses before the backup is done, the process is interrupted. Be sure to select a time that is long enough for your system to complete its backup. The default is 20 minutes, however, large systems may require more time.

Enable FTP Remote Backup

Remote backups to this server are enabled when this is checked.

Default = Unchecked

Display Public SSH Keys

Click to view the public SSH key from the FortiNAC Primary and Secondary Control Servers.

Server

IP Address of the remote server.

User Name

User Name required for write access to the server.

Password

Password required for write access to the server.

Confirm Password

The Password required for write access to the server. Re-entry ensures that the password was typed correctly in the Password field.

Remote Path

The directory path where the remote backup files will be placed. This directory must exist on the server.

In the example shown above, this is a directory in admin's home area.

EnableSSH Remote Backup

Remote backups to this server are enabled when this is checked. The SSH keys must already be established for the SSH remote backups to be successful.

Default = Unchecked

Server

The IP Address of the remote server. Format is user@remote-server, such as asmith@192.168.1.1 .

Remote Path

The directory path where the remote backup files will be placed. This directory must exist on the server.

Test SSH Connection

Test the connection to the server using the SSH Server and SSH Remote Path settings to confirm the settings are valid.

If the test fails, it means the Remote Backup task will not back up the files to the specified remote server.

Validate the connection and backup task
FTP
  1. Navigate to System > Scheduler.
  2. Add the Database Backup task (if not already present).
  3. Highlight the Database Backup task and click Run Now.
SSH
  1. Click the Test SSH Connection button to verify SSH communication with the remote server.
  2. Once successfully tested, navigate to System > Scheduler.
  3. Add the Database Backup task (if not already present).
  4. Highlight the Database Backup task and click Run Now.
Previous
Next