«
»

The cheap way to automate Fortinet firewall backups is:

  1. Enable SSH on the firewall.
  2. Enable SCP (System -> Admin -> Settings -> Enable SCP)
  3. Create a ‘backup’ admin user with read_only profile.
  4. Run a script to scp the configs.

Uses Net::SCP::Expect

#!/usr/bin/perl -w

use warnings;
use Net::SCP::Expect;

@firewallips = ('192.168.1.1',
 '192.168.2.1',
 '192.168.3.1',
 '192.168.4.1',
 '192.168.5.1',
 '192.168.6.1'
);

foreach $ip (@firewallips) {
 print "$ip\n";

 my $scpe = Net::SCP::Expect->new(auto_yes=>1);
 $scpe->login('backup', 'SUPERSECRET');
 $scpe->scp("$ip:sys_config","/home/fortinetbackups/fortinet-$ip\.conf");

}

Or you could do it this way.

This entry was posted by Jason Filley on September 25, 2009 at 8:30 am under Computers, Main. Both comments and pings are currently closed.