Saving & Editing Config File on Fortigate

By | September 5, 2013
There are two methods to obtain a full configuration file from a FortiGate.

The first method is to connect to the CLI via SSH or console of the FortiGate and perform the following commands either to tftp or to USB

 #exec backup full-config tftp|usb <test7>
The file is saved in .conf format and can be opened in any text editor such as WordPad.  It should be noted that if password encryption then the .conf file can only be restored to the FortiGate, it cannot be viewed in a text editor once password protection has been enabled.
#exec backup full-config tftp|usb <test7> <pwd>
The second method is to open a SSH session to the FortiGate and run the following commands:
#config system console
#set output standard
Start to log the SSH session from within the SSH tool, and then run the following command on the CLI:
#show full-configuration
The full-configuration will be dumped to the screen.  Once the dump is complete open the saved log from the SSH session and save this as a .conf file. A text editor can then be used to edit the saved .conf file.

A web based manager full config is not the same as the CLI full config, the former is the global config when VDOM are enabled, whereas the latter is the config including all defaults