FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Sabk_FTNT
Staff
Staff
Article Id 195935
Purpose
The FortiManager software stores revision history for each managed FortiGate unit.
The revision history database is updated on configuration changes and policy package installation.
This database can be used to revert a FortiGate unit to a previous configuration and previous version of policy packages.

This KB article explains how to revert a FortiGate unit back to a stored revision, including reverting to the previous configuration of policies.

Screenshots are taken from FortiManager 4.3 but the terminology and steps are still valid up to and including FortiManager 6.0.

Expectations, Requirements

At least 2 FortiGate configurations, stored in revision history.


Configuration
 
1. Access the Revision History database from device dashboard:

Revert1.png

 
2. Click on Revert icon that correspond to the revision you want to revert to:

Revert2.png
 
3. The selected revision is loaded in a device level database, and is shown as "reverted":

Revert3.png

At this stage, the policy package has NOT been updated.
If an "Install" is done, the global level parameters will correspond to the reverted config (ID 7), but the policy packages will still correspond to ID 9.
 
 
4. To update the policy packages with policies and objects as they are in the reverted revision, it's necessary to import the policy packages for each VDOM:

Revert4.png

Note, that policy packages are imported from the FortiManager device level database, not from the FortiGate unit.

On import, new policy packages are created.

Revert9.png

 
5. Install - After policy packages for all VDOMs have been imported, the reverted configuration can be installed to the FortiGate unit:

Revert5b.png

Make sure you correctly select policy package as imported from the reverted configuration at step 4:

Revert10.png

Repeat for each VDOM.
 
 

Verification

Check Preview to make sure changes are as expected:

Revert7.png


Diagram:


Contributors