This article describes about the issue where exporting FortiManager system file through TFTP is not working.
FortiManager 6.x, 7.x
Can be replicated in lab FortiManager version 7.0.4.
Tried to export a FortiManager system file using tftp through command:
# execute fmupdate tftp fds-export 00000000FAIM00100 tftptest1 <LAB TFTP Server IP>
There is no output from FortiManager CLI.
Started packet capture on network > interface but do not see any packets being recorded. Even sniffer didn’t show any UDP packets.
Checked task monitor and found that task gets stuck at 5%.
Once the task is manually deleted from task monitor, below output from FortiManager CLI can be seen:
# execute fmupdate tftp fds-export 00000000FAIM00100 tftptest1 172.31.200.3 exporting '00000000FAIM00100', task(id=9546)... __wait_task 143: no task with id 9546, r=-3 export '00000000FAIM00100' done Start export file to TFTP Server... ##TFTP transfer is successful. Backup successfully.
However, on TFTP server, there is 0KB file which gets created with no information.
Also once task is manually deleted, packets being captured can be seen. Attaching pcap file named testlab_tftp
TEST WITH FTP
Confirmed FTP works fine.
# execute fmupdate ftp fds-export 00000000FAIM00100 xyza 172.31.200.3 \Temp fortinet fortinet exporting 'fds', task(id=9547)... 100%, task(id=9547,Object Export), done export 'fds' done Start sending file to FTP Server... Transferred 0.559M of 0.559M in 0:00:00s (14.925M/s) FTP transfer is successful. Backup successfully.
Also, proper packet capture can be seen in this case. Attaching pcap named testlab_ftp.
Checked on FTP server and can see file xyza being created.
The problem is resolved in 7.0.5 Firmware of FortiManager.
It is possible to export device stored FortiGuard signatures through TFTP as well as FTP. It is also explained in Release Notes for 7.0.5 firmware for FortiManager.