To back up the FortiGate configuration – CLI:

execute backup config management-station <comment>

… or …

execute backup config usb <backup_filename> [<backup_password>]

… or for FTP (note that port number, username are optional depending on the FTP site)…

execute backup config ftp <backup_filename> <ftp_server> [<port>] [<user_name>] [<password>]

… or for TFTP …

execute backup config tftp <backup_filename> <tftp_servers> <password>

Use the same commands to backup a VDOM configuration by first entering the commands:

config vdom

edit <vdom_name>

Backing up a configuration file using SCP

You can use secure copy protocol (SCP) to download the configuration file from the FortiGate unit as an alternative method of backing up the configuration file or an individual VDOM configuration file. This is done by enabling SCP for and administrator account and enabling SSH on a port used by the SCP client application to connect to the FortiGate unit. SCP is enabled using the CLI commands:

config system global set admin-scp enable

end

Use the same commands to backup a VDOM configuration by first entering the commands:

config global

set admin-scp enable end

config vdom

edit <vdom_name>