Wednesday, December 1, 2010

Fortigate TFTP configuration script

How many times have you not wished for a function to grab your valuable configurationfiles automatically for safety reasons if your Fortigate should die ?

This simple script in Linuxenvironment will contact your Fortigate and tell it to send it´s configurationfile to your TFTP server. The script requires that you have the expect function installed on your server from where you´ll execute the script.

#!/usr/bin/expect -f
set timeout 60
spawn ssh admin@fgt-ipaddress
expect “password: $”
set send_slow {1 0.05}
send -s “password\r”
send_user “password\r”
send -s ” config global\n”
send -s “execute backup full-config tftp filename.txt tftp-ipaddress\n”
send -s “exit\n”
interact


Where the bold information for you to enter. The italic row is ONLY used if you´re running VDOM´s.

Use chmod 700 scriptfilename to make this scriptfile executable and then configure your crontab for whatever schedule you wish.

No comments: