3 Replies Latest reply on Oct 27, 2011 4:31 PM by kt000791

    Unable to backup FortiNet Firewalls - Cat Tools v3.6.0 (Enterprise)

    thewarehouse

      Hi,

      I have spent over 5 hours trying to backup the configuration of all our FortiGate firewalls.

      Cat Tools can only backup "global" configuration and not VDOMs when I use "Device.Backup.Running Config" activity.

      If I use "Device.Backup.TFTP", Cat Tools will fail and the error message says "Did not receive echo of execute backup full-config tftp UAT-FG01.txt 10.1.2.119 command".

      I did a bit of search in the forum and the fix is to disable echo, so I added the following commands under Option tab:

      %ctUM: EchoOff
      exec backup full-config tftp %ctDeviceName.conf 10.1.2.119
      end

      With the commands added, the error message changed to "Backup via TFTP results: Failed", however I do see the configuration file in the TFTP folder. But why didn't this configuration file move to correct the folder (Configs\Default)? Also since the backup failed, compare and move was not performed...

       

      Below are the output of debug: (1st part is without echo off, 2nd part is with echo off)

      1st Part:

      <NEWSESSION CatTools 3.6.0 22/06/2011 6:55:12 p.m.>
      <PROTOCOL=SSH2>
      <DEVICE TYPE=Fortinet.FortiOS.General>
      <ACTIVITY TYPE=Device.Backup.TFTP>
      <ACTIVITY SCRIPT=C:\Program Files\CatTools3\Scripts\Client.Device.Backup.TFTP.txt>
      <USERS NAME FOR DEVICE=UAT-FG01>
      <C OK 6:55:12 p.m.><R-6:55:13 p.m.>FGT60B3909602002 # <W-6:55:18 p.m.>[13]<R-6:55:18 p.m.>[13][13][10]FGT60B3909602002 # <W-6:55:18 p.m.>[13]<R-6:55:18 p.m.>[13][13][10]FGT60B3909602002 # <W-6:55:18 p.m.>config system console<R-6:55:18 p.m.>config system console<W-6:55:18 p.m.>[13]<R-6:55:18 p.m.>[13][13][10]4799: Unknown action 3[13][10]Command fail. Return code -1[13][10][13][10]FGT60B3909602002 #
      ================================================================================
      WFMDRetVal=1 Waiting for: "(console)#"
      WFMDRetVal=2 Waiting for: "(console) #"
      WFMDRetVal=3 Waiting for: "(console)$"
      WFMDRetVal=4 Waiting for: "(console) $"
      WFMDRetVal=5 Waiting for: "global #"
      WFMDRetVal=6 Waiting for: "(global) #"
      WFMDRetVal=8 Waiting for: "FGT60B3909602002#"
      WFMDRetVal=9 Waiting for: "FGT60B3909602002 $"
      WFMDBuffer="config system console[13][13][10]4799: unknown action 3[13][10]command fail. return code -1[13][10][13][10]fgt60b3909602002 # "
      ================================================================================
      <W-6:55:24 p.m.>config global<R-6:55:24 p.m.>config global<W-6:55:24 p.m.>[13]<R-6:55:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (global) # <W-6:55:24 p.m.>config system console<R-6:55:24 p.m.>config system console<W-6:55:24 p.m.>[13]<R-6:55:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (console) # <W-6:55:24 p.m.>set output standard<R-6:55:24 p.m.>set output standard<W-6:55:24 p.m.>[13]<R-6:55:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (console) # <W-6:55:24 p.m.>end<R-6:55:24 p.m.>end<W-6:55:24 p.m.>[13]<R-6:55:24 p.m.>[13][13][10]<R-6:55:25 p.m.>[13][10]FGT60B3909602002 (global) # <W-6:55:25 p.m.>execute backup full-config tftp UAT-FG01.txt 10.1.2.119<R-6:55:25 p.m.>execute backup full-config tftp UAT-FG01.txt 10.1.2. [08]119
      ================================================================================
      WFDRetVal=0. Waiting for: "execute backup full-config tftp uat-fg01.txt 10.1.2.119"
      WFDBuffer="execute backup full-config tftp uat-fg01.txt 10.1.2. [08]119"
      ================================================================================
      <D 6:55:55 p.m.>
      <SCRIPT VALUES>
      <HOSTNAME="FGT60B3909602002">
      <PROMPT VTY="FGT60B3909602002 ">
      <PROMPT ENABLE="(global) #">
      <PROMPT CONFIG="">

       

       2nd Part:

      <NEWSESSION CatTools 3.6.0 22/06/2011 6:57:12 p.m.>
      <PROTOCOL=SSH2>
      <DEVICE TYPE=Fortinet.FortiOS.General>
      <ACTIVITY TYPE=Device.Backup.TFTP>
      <ACTIVITY SCRIPT=C:\Program Files\CatTools3\Scripts\Client.Device.Backup.TFTP.txt>
      <USERS NAME FOR DEVICE=UAT-FG01>
      <C OK 6:57:12 p.m.><R-6:57:13 p.m.>FGT60B3909602002 # <W-6:57:18 p.m.>[13]<R-6:57:18 p.m.>[13][13][10]FGT60B3909602002 # <W-6:57:18 p.m.>[13]<R-6:57:18 p.m.>[13][13][10]FGT60B3909602002 # <W-6:57:18 p.m.>config system console<R-6:57:18 p.m.>config system console<W-6:57:18 p.m.>[13]<R-6:57:18 p.m.>[13][13][10]4799: Unknown action 3[13][10]Command fail. Return code -1[13][10][13][10]FGT60B3909602002 #
      ================================================================================
      WFMDRetVal=1 Waiting for: "(console)#"
      WFMDRetVal=2 Waiting for: "(console) #"
      WFMDRetVal=3 Waiting for: "(console)$"
      WFMDRetVal=4 Waiting for: "(console) $"
      WFMDRetVal=5 Waiting for: "global #"
      WFMDRetVal=6 Waiting for: "(global) #"
      WFMDRetVal=8 Waiting for: "FGT60B3909602002#"
      WFMDRetVal=9 Waiting for: "FGT60B3909602002 $"
      WFMDBuffer="config system console[13][13][10]4799: unknown action 3[13][10]command fail. return code -1[13][10][13][10]fgt60b3909602002 # "
      ================================================================================
      <W-6:57:24 p.m.>config global<R-6:57:24 p.m.>config global<W-6:57:24 p.m.>[13]<R-6:57:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (global) # <W-6:57:24 p.m.>config system console<R-6:57:24 p.m.>config system console<W-6:57:24 p.m.>[13]<R-6:57:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (console) # <W-6:57:24 p.m.>set output standard<R-6:57:24 p.m.>set output standard<W-6:57:24 p.m.>[13]<R-6:57:24 p.m.>[13][13][10][13][10]FGT60B3909602002 (console) # <W-6:57:24 p.m.>end<R-6:57:24 p.m.>end<W-6:57:24 p.m.>[13]<R-6:57:24 p.m.>[13][13][10]<R-6:57:25 p.m.>[13][10]FGT60B3909602002 (global) # <W-6:57:25 p.m.>exec backup config tftp UAT-FG01.conf 10.1.2.119<W-6:57:25 p.m.>[13]<R-6:57:25 p.m.>exec backup config tftp UAT-FG01.conf 10.1.2.119[13][13][10]<R-6:57:25 p.m.>Please wait...[13][10]<R-6:57:28 p.m.>Connect to tftp server 10.1.2.119 ...[13][10]<R-6:57:28 p.m.>#<R-6:57:29 p.m.>[13][10]Send config file to tftp server OK.[13][10][13][10]FGT60B3909602002 (global) # <W-6:57:29 p.m.>end<W-6:57:29 p.m.>[13]<R-6:57:29 p.m.>end<R-6:57:29 p.m.>[13][13][10][13][10]FGT60B3909602002 # <D 6:57:29 p.m.>
      <SCRIPT VALUES>
      <HOSTNAME="FGT60B3909602002">
      <PROMPT VTY="FGT60B3909602002 ">
      <PROMPT ENABLE="(global) #">
      <PROMPT CONFIG="">

       

      What do I need to do to get this working?

      Thanks,
      Dan