Import export

You can export and import full or partial device configuration across compatible devices of the same or different models. Device configuration is exported to a text file in human readable XML format. Update it offline, if required.

Secure storage master key

The secure storage master key provides extra protection for the account details stored on XG Firewall. The key encrypts sensitive information, such as passwords, secrets, and keys, preventing unauthorized access. The default administrator (username: admin) sets the secure storage master key.

You don't enter the master key when you export a configuration. To see how XG Firewall imports configurations and sensitive information, see the following table:

Table 1. Importing configurations

Scenario

Description

Configurations without the master key

You can export the configuration, and import it to the same firewall along with sensitive information and the dependent configurations if the firmware wasn't reset or reimaged after the export.

You won't be able to import sensitive information and dependent configurations if you're importing the configuration to the following devices:

  • A different XG Firewall.
  • The current device if you reset or reimaged its firmware after exporting the configuration.

You'll need to reenter or recreate the information later. You'll be able to import the rest of the configuration.

Configurations with the master key

You must enter the master key when you import the configuration to the following devices:

  • A different XG Firewall.
  • The current device if you reset or reimaged its firmware after exporting the configuration.

If you don't enter the master key when you're prompted, you can import the configuration, but you'll lose sensitive information and dependent configurations. For example, if you don't enter the master key when you import a configuration containing users and their dependent configurations, XG Firewall won't import the users and their dependent configurations.

You'll need to reenter or recreate the information later.

Configurations without sensitive information

When you import a configuration that doesn't contain sensitive information, you don't need to enter the master key.

Import

Import file

To select the complete path of the tar file to be imported, click the file selection button.

Import

Click to import the configuration on the device.

Device existing configuration will be preserved. Entities with same name in existing configuration will be updated with the imported entity configuration and new entities will be added.

For example:

If you have a network traffic quota policy with name “Daily 10 MB” in both the existing and imported configuration then the existing policy configuration will be updated with the imported configuration. Any new policies in the imported configuration will also get added.

Export

Export full configuration

Select to export all the entities configuration to a text file.

Export selective configuration

Select to export only selected entities configuration. Click Add new item to select entities and apply to add the selected entities.

Dependent entities for the selected entity will also be exported if Include dependent entity is selected.

To update a configuration using API, do the following:

  • Export the required configuration.
  • Extract the .xml file and make the required changes. For the configuration's API format, go to API help.
  • Compress the updated .xml file into a .tar file.
  • Import the .tar file to XG Firewall.
Export
Click to export the configuration from the device.

You must enter the secure storage master key if the configuration has one. If you don't enter the master key, you can't import sensitive information, such as passwords, and dependent configurations. You also lose sensitive information and the dependent configurations when you import configurations that don't have a master key.