FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Article Id 192290

Description

This article explains how to save and edit a full configuration file from the FortiGate.


Scope

All FortiOS users


Solution

There are two methods to obtain a full configuration file from a FortiGate.

The first method is to connect to the CLI via SSH or console of the FortiGate and perform the following commands either to tftp or to USB

 #exec backup full-config tftp|usb <test7> 10.147.1.75
The file is saved in .conf format and can be opened in any text editor such as WordPad.  It should be noted that if password encryption then the .conf file can only be restored to the FortiGate, it cannot be viewed in a text editor once password protection has been enabled.
#exec backup full-config tftp|usb <test7> 10.147.1.75 <pwd>

The second method is to open a SSH session to the FortiGate and run the following commands:
#config system console
#set output standard
#end
Start to log the SSH session from within the SSH tool, and then run the following command on the CLI:
#show full-configuration
The full-configuration will be dumped to the screen.  Once the dump is complete open the saved log from the SSH session and save this as a .conf file. A text editor can then be used to edit the saved .conf file.

A web based manager full config is not the same as the CLI full config, the former is the global config when VDOM are enabled, whereas the latter is the config including all defaults

 

Contributors