Backup and Restore:

Once you successfully configure the FortiGate, it is extremely important that you backup the
configuration. In some cases, you may need to reset the FortiGate to factory defaults which will
erase the existing configuration. We also recommend that you backup the configuration after
any changes are made, to ensure you have the most current configuration available. Also,
backup the configuration before any upgrades of the FortiGate’s firmware. Should anything
happen to the configuration during the upgrade, you can easily restore the saved configuration.
Always backup the configuration and store it on the management computer or off-site. You
have the option to save the configuration file to various locations including the local PC, USB
key, FTP, and TFTP server. The last two are configurable through the CLI only.

FW1 Management IP Address 192.168.100.200

Management System IP Address 192.168.100.16
Backup Sever IP Address 192.168.100.230
TFTP Server IP Address 192.168.100.16
TFTP Application 3CDaemon
Backup Password 123

1 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Backup Configuration GUI:
Click on the username in the upper right-hand corner of the screen and select Configuration >
Backup.

Direct the backup to your Local PC or to a USB Disk. The USB Disk option will not be available if
no USB drive is inserted in the USB port. Enable Encryption. Encryption must be enabled on the
backup file to back up VPN certificates. Enter a password and enter it again to confirm it. This
password will be required to restore the configuration. Click OK.

When prompted, select a location on the PC to save the configuration file. The configuration file
will have a .conf extension.

2 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Restore Configuration Using GUI:
Click on the username in the upper right-hand corner of the screen and select
admin>Configuration > Restore.

Identify the source of the configuration file to be restored: your Local PC or a USB Disk. Click
Upload, locate the configuration file, and click Open. Enter the password if required. Click OK.

It will give warning that the device will reboot click OK to continue.

3 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Backup Configuration CLI:
FW1 # execute backup config tftp FW1-Backup 192.168.114.1

Restore Configuration CLI:

FW1 # execute restore config tftp FW1-Backup 192.168.114.1

FortiGate Firewall will reboot and will restore the configuration.

4 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Configuration Revision:
The FortiGate configuration revision option enables the user to maintain multiple versions of
the configuration file on the device, the device flash memory should be 512 or higher.
Configuration revisions are viewed by clicking on the username in the upper right-hand corner
of the screen and selecting Configuration > Revisions.

When revision control is enabled on your FortiGate unit, and configuration backups have been
made, a list of saved revisions of those backed-up configurations appears.

Select two different configuration version click on Diff to see the difference.

5 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Restore Factory Defaults:
There may be a need to reset the FortiGate to its original defaults; for example, to begin with a
fresh configuration. There are two options when restoring factory defaults. The first resets the
entire device to the original out-of-the-box configuration. You can reset the device with the
following CLI command: When prompted, type y to confirm the reset.
FW1 # execute factoryreset

Alternatively, in the CLI you can reset the factory defaults but retain the interface and VDOM
configuration with the following command:
FW1 # execute factoryreset2

6 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Firmware:
Fortinet periodically updates the FortiGate firmware to include new features and resolve
important issues. After you have registered your FortiGate unit, you can download firmware
updates from the Fortinet Support web site. Installing new firmware without reviewing release
notes or testing the firmware may result in changes to settings or unexpected issues. You
should always back up the configuration before installing new firmware, in case you need to
restore your FortiGate configuration.

First find out the Upgrade Path enter Current Product name, Current FortiOS version and
Upgrade to FortiOS Version click OK to show recommended Upgrade Path.

We need to download 7.2.0 Build Number 1157 upgrade file for FGT KVM.

7 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Log into the GUI as the admin administrative user. Go to System > Firmware. Under Upload
Firmware, select Browse and locate the firmware image file. Select OK.

Click Backup config and upgrade. The FortiGate unit backs up the current configuration to the
management computer, uploads the firmware image file, upgrades to the new firmware
version, and restarts. This process takes a few minutes.

8 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

If it gives you warning, Click Continue.

This process takes a few minutes and will reboot the FortiGate Firewall System.

9 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717

Finally, after upgrade and reboot the Firmware has been upgraded to the new Version.

If you have internet access you can directly upgrade Firmware to any updated version.

10 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , Mobile: 00966564303717