Open topic with navigation

Backup and Restore

The Backup feature allows you to back up an FortiADC’s user-configured objects and parameters to a file that can be uploaded and later restored to another FortiADC. Backup files may be uploaded to an FTP site or saved locally.

The Restore feature allows you to restored a previous backup file containing user-configured objects and parameters to another FortiADC. Restored files may be uploaded to an FortiADC through FTP or from a locally saved backup file.

On boot, FortiADC looks for a unique local peer definition in the configuration file by comparing the System ID found in each peer definition to all available licenses:

If a unique local peer definition is found, the System ID found in the local peer definition is compared against the System ID being used by the running system. If they do not match (as in the case where a backup file from one FortiADC is being restored on another FortiADC), the configuration file is modified to reflect the System ID of the running system and the signature is re-generated. If they do match, the configuration is not modified.

If a unique local peer definition is not found, then all peer definitions are removed from the configuration file and a new local peer definition is generated. This behavior is the same behavior that occurs if FortiADC is booted and there are no peer definitions found in the configuration file (which happens, for example, when the system is reset to factory defaults).

Restore features are available through the GUI and through eqcli.

Restore Notes

1. eqcli restore of a backup archive from a local directory is not supported.
2. When restoring a backup archive created on an FortiADC other than the one you are restoring, all IP addresses (clusters, servers, failover IP addresses, VLAN IP addresses, etc.) will be instantiated as-is from the backup archive. Consequently, if the unit on which the backup archive was created is connected to the network, IP conflicts will arise. You must correct the IP address conflicts before configuring the restored unit into failover, or issues (such as core dumps) will occur.
3. If a backup was performed on a system with more interfaces than exist on the system on which it is being restored, full connectivity will not be restored if a VLAN specifies a port that does not exist on the system on which it is being restored. Connectivity can only be restored for vlans that specify ports that exist on the system on which they are being restored.
4. When a backup is restored on a system: -- Any valid licenses present on that system are preserved. The licenses in the backup file are discarded. If there are no valid licenses on that system, the licenses in the backup file are restored.

Backup

The Backup feature allows you to back up an FortiADC’s user-configured objects and parameters to a file that can be uploaded and later restored to another FortiADC. Backup files may be uploaded to an FTP site or saved locally. Backup features are available through the GUI and through eqcli.

Backup (GUI)

Creating a backup file containing all user-configured objects and parameters through the GUI is as follows:

1. Log in to the GUI as described in Logging In.
2. Click on the Maintenance tab and then select Backup and Restore. The following will be displayed.

3. In the Backup pane enter a File Name which is built from the optionally specified Tag. In the example above, voodoo is used. The Tag is used in addition to the default file name, which is of the form:

<system_name>[-<tag>]-<date>_<time>-backup.tbz

As the Tag is typed, it is added to the File Name or, at least, when the focus leaves the Tag, the tag should be added to the File Name - which is read-only.

4. In the Destination section, select either FTP URL to upload to an FTP site or Local File to save the file locally.

1. For FTP URL, you must type the full FTP URL path to the backup file -leaving off the file name. A terminating slash (/) is required. The italic text shown indicates the required URL format. Entry of an FTP URL will replace the italic text.

2. If the Local File option is selected when you click on the Backup button a save location dialogue box will be displayed. Select a location to save the file and enter a file name. Click Save to save the file locally.

5. Click on the Backup button to create the backup file either save it to the specified local directory or transfers the file to the FTP server via the URL entered.

Backup (CLI)

The backup archive is created and then uploaded to a URL that specifies an FTP site that can be reached by FortiADC.

To create a backup and upload to a specific URL, enter the following:

eqcli > backup url URL name

where:

name is a string that will be used in the backup file name. The default name is of the form:

URL is the path to save the backup and must be in the form:

ftp://[user[:password]@]server[/path]

The backup file will be in the following format:

systemname-date_time-backup.tbz

 

When you restore , the name is required and must match the name of the backup archive to be downloaded.

Note - You will be prompted to enter a password if it is not supplied in the URL

Restore

The Restore feature allows you to restored a previous backup file containing user-configured objects and parameters to another FortiADC. Restored files may be uploaded to an FortiADC through FTP or from a locally saved backup file.

On boot, FortiADC looks for a unique local peer definition in the configuration file by comparing the System ID found in each peer definition to all available licenses:

If a unique local peer definition is found, the System ID found in the local peer definition is compared against the System ID being used by the running system. If they do not match (as in the case where a backup file from one FortiADC is being restored on another FortiADC), the configuration file is modified to reflect the System ID of the running system and the signature is re-generated. If they do match, the configuration is not modified.

If a unique local peer definition is not found, then all peer definitions are removed from the configuration file and a new local peer definition is generated. This behavior is the same behavior that occurs if FortiADC is booted and there are no peer definitions found in the configuration file (which happens, for example, when the system is reset to factory defaults).

Restore features are available through the GUI and through eqcli.

Restore Notes

1. eqcli restore of a backup archive from a local directory is not supported.
2. When restoring a backup archive created on an FortiADC other than the one you are restoring, all IP addresses (clusters, servers, failover IP addresses, VLAN IP addresses, etc.) will be instantiated as-is from the backup archive. Consequently, if the unit on which the backup archive was created is connected to the network, IP conflicts will arise. You must correct the IP address conflicts before configuring the restored unit into failover, or issues (such as core dumps) will occur.
3. If a backup was performed on a system with more interfaces than exist on the system on which it is being restored, full connectivity will not be restored if a VLAN specifies a port that does not exist on the system on which it is being restored. Connectivity can only be restored for vlans that specify ports that exist on the system on which they are being restored.
4. When a backup is restored on a system: -- Any valid licenses present on that system are preserved. The licenses in the backup file are discarded. If there are no valid licenses on that system, the licenses in the backup file are restored.

Restore (GUI)

Restore a backup file containing all user-configured objects and parameters through the GUI is as follows:

1. Log in to the GUI as described in Logging In.
2. Click on the Maintenance tab and then select Backup and Restore. The following will be displayed.

3. In the Restore section select either FTP URL or Local File.

For FTP URL you must type in the full path name (including the file name) into the text box. The italic text shown indicates the required format. Entry of an FTP URL will replace the italic text. When the Restore button is clicked, the file is downloaded from the specified FTP site and a pop up displays a summary of the configuration in the archive. A notification SSL Certificates for HTTPS cluster notification will be displayed. Click on Continue or Cancel. If Continue is selected the archive is restored and the system is rebooted.

For Local File click on the Restore button to display a file selection dialogue to select a file from local storage. Once the file is selected, it is transferred to FortiADC and a popup displays a summary of the configuration in the archive. A notification SSL Certificates for HTTPS cluster notification will be displayed. Click on Continue or Cancel. If Continue is selected the archive is restored and the system is rebooted.

Restore (CLI)

The previously archived backup is uploaded from a URL that specifies an FTP site that can be reached by FortiADC.

To restore a previously backed up file from a specified URL (location) enter the following:

eqcli > restore url URL name

Where:

name must match the name of the backup archive to be downloaded.

URL is the path to the previously backed up file and must be of the form:

ftp://[user[:password]@]server[/path]

 

Note - You will be prompted to enter a password if it is not supplied in the URL