Exercise 3: Generating Configuration Backups
In this exercise, you will learn how to generate and restore cleartext and encrypted
configuration backups. The configuration files that backups produce enable you to restore
FortiGate to an earlier configuration.
Restore a Configuration From a Backup
You will restore a configuration from a backup.
To restore a configuration from a backup
1. Log in to the Local-Client VM with the username Administrator and
password password.
The first time that you log in, you may need to click and drag the screen from the bottom
to bring up the login prompt.
2. On the Local-Client VM, open a browser, and then log in to the Local-FortiGate GUI
at 10.0.1.254 with the username admin and password password.
You can also access the Local-FortiGate GUI from the bookmarks bar in the Mozilla
Firefox browser.
All lab exercises were tested running Firefox on the Local-Client and Remote-Client
VMs. To get consistent results, you should use Firefox to access both the internet and
the FortiGate GUIs in this virtual environment.
3. In the upper-right corner, click admin, and then click Configuration > Restore.
4. Click Upload to select the backup configuration file from your local PC.
5. Click Desktop > Resources > FortiGate-Administrator > Introduction > local-initial.conf, and then click Select.
6. Click OK.
7. Click OK to reboot.
After your browser uploads the configuration, FortiGate reboots automatically. This takes
approximately 30–45 seconds.
8. When the Local-FortiGate GUI login page reappears after reboot, log in with the
username admin and password password.
9. Click Network > Interfaces, and then verify that the network interface settings were
restored.
10. Click Network > Static Routes, and then verify that the default route was restored.
Back Up and Encrypt a Configuration File
Always back up the configuration before making changes to FortiGate (even if the change
seems minor or unimportant). There is no undo. You should carefully consider the pros and
cons of an encrypted backup before you begin encrypting backups. While your
configuration, including things like private keys, remains private, an encrypted file hampers
troubleshooting because Fortinet Support cannot read the file. Consider saving backups in
plaintext, and storing them in a secure place instead.
You will create an encrypted file with the backup of the FortiGate current configuration.
To save an encrypted configuration backup
1. On the Local-Client VM, open a browser, and then log in to the Local-FortiGate GUI
at 10.0.1.254 with the username admin and password password.
2. On the Local-FortiGate GUI, in the upper-right corner, click admin, and then
click Configuration > Backup.
3. On the Backup System Configuration page, enable Encryption.
4. In the Password and Confirm password fields, type fortinet.
5. Click OK.
The Firefox browser saves the encrypted configuration file in the Downloads folder, by
default. Ensure that you record the password and store it in a secure place.
You can access downloaded files by clicking the download arrow button in the upper-
right corner of the browser.
Restore an Encrypted Configuration Backup
Restoring from a backup enables you to return FortiGate to a previous configuration. As a
word of caution, if you cannot recall the password required to decrypt an encrypted backup,
you will not be able to restore FortiGate to the backup. Ensure that you record the
password and store it in a secure place.
You will restore the configuration backup that you created in the previous procedure.
Take the Expert Challenge!
Restore the configuration from the encrypted backup.
If you require assistance, or to verify your work, use the step-by-step instructions that follow.
After you complete the challenge, see Compare the Headers of Two Configuration Files.
To restore an encrypted configuration backup
1. On the Local-FortiGate GUI, in the upper-right corner, click admin, and then
click Configuration > Restore.
2. On the Restore System Configuration page, click Upload.
3. Browse to your Downloads folder, and then select the configuration file that you
created in the previous procedure.
4. In the Password field, type fortinet, and then click OK.
5. Click OK to confirm that you want to restore the configuration.
FortiGate reboots.
Compare the Headers of Two Configuration Files
When you troubleshoot issues, or when you restore FortiGate to an earlier OS version or
build, it is useful to know where to find the version and build number in a configuration file.
This task shows you where to find this information.
You will open and compare two configuration files using Notepad++.
To compare the headers of two configuration files
1. On the Local-Client VM, click the Notepad++ icon.
2. Click File > Open, and then browse to the Downloads folder to open the encrypted
configuration file.
3. Click File > Open, and then browse to the initial configuration file:
Desktop\Resources\FortiGate-Security\Introduction\local-initial.conf
The configuration file opens in a second tab in Notepad++.
4. Compare the headers in the two files.
The following example is an encrypted file:
The following example is a cleartext file:
In both the cleartext and encrypted configuration files, the top line acts as a header, and
lists the firmware and model that this configuration belongs to.
5. Close the two tabs in Notepad++, and then close the application.
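The header check from this task can also be scripted. The following Python sketch is an added example, not part of the original lab guide: it reads the first line of a backup, reports whether the file is cleartext or encrypted, and for cleartext files extracts the model, version and build. The header layout in the regular expression, the `#FGBK` marker and the sample header lines are assumptions constructed for illustration, because this page does not show the actual headers.

```python
import re

# Assumed cleartext header layout (not shown on this page):
#   #config-version=<MODEL>-<VERSION>-FW-build<BUILD>-<DATE>:opmode=..:vdom=..:user=..
CLEARTEXT_RE = re.compile(
    r"^#config-version=(?P<model>[A-Za-z0-9_]+)-(?P<version>\d+(?:\.\d+)+)"
    r"-FW-build(?P<build>\d+)-(?P<date>\d+)(?P<rest>(?::[^:=]+=[^:]*)*)\s*$"
)
ENCRYPTED_MAGIC = "#FGBK"  # assumed marker that starts an encrypted backup


def parse_backup_header(first_line: str) -> dict:
    """Classify a backup by its first line and pull out model/version/build."""
    line = first_line.lstrip("\ufeff").rstrip("\r\n")  # drop BOM and newline
    if line.startswith(ENCRYPTED_MAGIC):
        # Field layout of the encrypted header is not assumed here;
        # only report that the file needs its password to be restored.
        return {"kind": "encrypted"}
    m = CLEARTEXT_RE.match(line)
    if not m:
        return {"kind": "unknown"}
    info = {"kind": "cleartext", "model": m["model"],
            "version": m["version"], "build": int(m["build"])}
    # Trailing ":key=value" pairs such as opmode, vdom and user.
    for pair in filter(None, m["rest"].split(":")):
        key, _, value = pair.partition("=")
        info[key] = value
    return info


def matches_device(header: dict, model: str, build: int) -> bool:
    """True only for a cleartext header with the given model and build."""
    return (header.get("kind") == "cleartext"
            and header.get("model") == model
            and header.get("build") == build)


def read_header(path: str) -> dict:
    """Parse the header of a backup file on disk (first line only)."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return parse_backup_header(fh.readline())


# Constructed sample headers, not taken from the lab files.
SAMPLE_CLEAR = "#config-version=FGVM64-7.2.0-FW-build1157-220331:opmode=0:vdom=0:user=admin"
SAMPLE_ENC = "#FGBK|4|FGVM64|7|02|1157|"

if __name__ == "__main__":
    for sample in (SAMPLE_CLEAR, SAMPLE_ENC, "config system global"):
        print(parse_backup_header(sample))
```

A result of `unknown` means the first line did not match either assumed form, so open the file and read the header by hand as in step 4.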