Hello community,
I am a Network and Security Engineer at a small tech consulting company.
I am about to import the backup configuration file of my hardware-based FortiGate firewall onto my VM-based FortiGate firewall.
Can you please assist me with the procedure?
Thank you for your help.
Certainly! While importing a backup configuration file from a hardware-based FortiGate firewall to a VM-based FortiGate firewall is generally possible, there might be some differences between the two platforms that you should be aware of. Here's a step-by-step procedure to help you with the import process:
Export the backup configuration file from your hardware-based FortiGate firewall:
a. Log in to the FortiGate web-based manager.
b. Navigate to System > Maintenance > Backup & Restore.
c. Click on "Backup" and choose "Configuration Only."
d. Save the .conf file to your local machine.
Review the exported configuration file:
a. Open the .conf file in a text editor and review it for any platform-specific configurations or settings that might not be applicable to the VM-based FortiGate firewall.
b. If necessary, make adjustments to the configuration file to ensure compatibility with the VM-based FortiGate firewall. For example, you may need to adjust interface names, hardware switch settings, or other hardware-specific configurations.
Import the configuration file to your VM-based FortiGate firewall:
a. Log in to the VM-based FortiGate web-based manager.
b. Navigate to System > Maintenance > Backup & Restore.
c. Click on "Choose File" and select the modified .conf file from your local machine.
d. Click on "Restore" to import the configuration.
Verify the imported configuration:
a. After the import process is complete, your VM-based FortiGate firewall will reboot.
b. Log in to the web-based manager again and review the imported settings to ensure they have been applied correctly.
c. Test the functionality of your firewall, such as routing, VPN connections, and security policies, to make sure everything is working as expected.
Please note that you should always test the imported configuration in a non-production environment first to avoid any disruptions or issues. Additionally, keep a backup of your current VM-based FortiGate configuration before importing the new configuration in case you need to roll back.
Hi, I had the same issue to restore back from 80E to 80F. I couldn't restore it and had to use a Forti convertor.
Different HW and VM FortiGate models typically differ in the names of network interfaces. To account for that, it may be necessary to edit the configuration file created by the backup procedure to change the physical interface names. Fortunately, it is a plain text file - a CLI script, so use the FortiOS CLI reference documentation to understand it. We have done this multiple times - not to transition to a different platform, but to perform bulk configuration changes difficult to do the conventional way via GUI or CLI. One aspect that I unfortunately have no experience with is the encryption of secrets like user passwords or certificates - I have no idea if they will decrypt properly on a different HW or VM model.