fortinet.fortimanager.fmgr_fsp_vlan module – FortiSwitch VLAN template.
Note
This module is part of the fortinet.fortimanager collection (version 2.7.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_fsp_vlan.
New in fortinet.fortimanager 2.0.0
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
Parameter |
Comments |
|---|---|
The token to access FortiManager without using username and password. |
|
The parameter (adom) in requested url. |
|
Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices:
|
|
Enable/Disable logging for task. Choices:
|
|
Authenticate Ansible client with forticloud API access token. |
|
The top level parameters set. |
|
Deprecated, please rename it to _dhcp_status. Dhcp status. Choices:
|
|
Auth. Choices:
|
|
Color. |
|
Comments. |
|
Deprecated, please rename it to dhcp_server. Dhcp server. |
|
Deprecated, please rename it to auto_configuration. Enable/disable auto configuration. Choices:
|
|
Deprecated, please rename it to auto_managed_status. Enable/disable use of this DHCP server once this interface ha… Choices:
|
|
Deprecated, please rename it to conflicted_ip_timeout. Time in seconds to wait after a conflicted IP address is re… |
|
Deprecated, please rename it to ddns_auth. DDNS authentication mode. Choices:
|
|
(list or str) Deprecated, please rename it to ddns_key. DDNS update key |
|
Deprecated, please rename it to ddns_keyname. DDNS update key name. |
|
Deprecated, please rename it to ddns_server_ip. DDNS server IP. |
|
Deprecated, please rename it to ddns_ttl. TTL. |
|
Deprecated, please rename it to ddns_update. Enable/disable DDNS update for DHCP. Choices:
|
|
Deprecated, please rename it to ddns_update_override. Enable/disable DDNS update override for DHCP. Choices:
|
|
Deprecated, please rename it to ddns_zone. Zone of your domain name |
|
Deprecated, please rename it to default_gateway. Default gateway IP address assigned by the DHCP server. |
|
Deprecated, please rename it to dhcp_settings_from_fortiipam. Enable/disable populating of DHCP server settings fr… Choices:
|
|
Deprecated, please rename it to dns_server1. DNS server 1. |
|
Deprecated, please rename it to dns_server2. DNS server 2. |
|
Deprecated, please rename it to dns_server3. DNS server 3. |
|
Deprecated, please rename it to dns_server4. DNS server 4. |
|
Deprecated, please rename it to dns_service. Options for assigning DNS servers to DHCP clients. Choices:
|
|
Domain name suffix for the IP addresses that the DHCP server assigns to clients. |
|
Enable. Choices:
|
|
Deprecated, please rename it to exclude_range. Exclude range. |
|
Deprecated, please rename it to end_ip. End of IP range. |
|
ID. |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means default lease time. |
|
Deprecated, please rename it to start_ip. Start of IP range. |
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by spaces. |
|
Name of the boot file on the TFTP server. |
|
Deprecated, please rename it to forticlient_on_net_status. Enable/disable FortiClient-On-Net service for this DHCP… Choices:
|
|
ID. |
|
Deprecated, please rename it to ip_mode. Method used to assign client IP. Choices:
|
|
Deprecated, please rename it to ip_range. Ip range. |
|
Deprecated, please rename it to end_ip. End of IP range. |
|
ID. |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means default lease time. |
|
Deprecated, please rename it to start_ip. Start of IP range. |
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to ipsec_lease_hold. DHCP over IPsec leases expire this many seconds after tunnel down |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means unlimited. |
|
Deprecated, please rename it to mac_acl_default_action. MAC access control default action Choices:
|
|
Netmask assigned by the DHCP server. |
|
Deprecated, please rename it to next_server. IP address of a server |
|
Deprecated, please rename it to ntp_server1. NTP server 1. |
|
Deprecated, please rename it to ntp_server2. NTP server 2. |
|
Deprecated, please rename it to ntp_server3. NTP server 3. |
|
Deprecated, please rename it to ntp_service. Options for assigning Network Time Protocol Choices:
|
|
(list) Option1. |
|
(list) Option2. |
|
(list) Option3. |
|
Option4. |
|
Option5. |
|
Option6. |
|
Options. |
|
DHCP option code. |
|
ID. |
|
(list) DHCP option IPs. |
|
DHCP option type. Choices:
|
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by spaces. |
|
DHCP option value. |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to relay_agent. Relay agent IP. |
|
Deprecated, please rename it to reserved_address. Reserved address. |
|
Options for the DHCP server to configure the client with the reserved MAC address. Choices:
|
|
Deprecated, please rename it to circuit_id. Option 82 circuit-ID of the client that will get the reserved … |
|
Deprecated, please rename it to circuit_id_type. DHCP option type. Choices:
|
|
Description. |
|
ID. |
|
IP address to be reserved for the MAC address. |
|
MAC address of the client that will get the reserved IP address. |
|
Deprecated, please rename it to remote_id. Option 82 remote-ID of the client that will get the reserved IP… |
|
Deprecated, please rename it to remote_id_type. DHCP option type. Choices:
|
|
DHCP reserved-address type. Choices:
|
|
Deprecated, please rename it to server_type. DHCP server can be a normal DHCP server or an IPsec DHCP server. Choices:
|
|
Deprecated, please rename it to shared_subnet. Enable/disable shared subnet. Choices:
|
|
Enable/disable this DHCP configuration. Choices:
|
|
(list) Deprecated, please rename it to tftp_server. One or more hostnames or IP addresses of the TFTP servers in q… |
|
Select the time zone to be assigned to DHCP clients. Choices:
|
|
Deprecated, please rename it to timezone_option. Options for the DHCP server to set the clients time zone. Choices:
|
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to wifi_ac_service. Options for assigning WiFi Access Controllers to DHCP clients Choices:
|
|
Deprecated, please rename it to wifi_ac1. WiFi Access Controller 1 IP address |
|
Deprecated, please rename it to wifi_ac2. WiFi Access Controller 2 IP address |
|
Deprecated, please rename it to wifi_ac3. WiFi Access Controller 3 IP address |
|
Deprecated, please rename it to wins_server1. WINS server 1. |
|
Deprecated, please rename it to wins_server2. WINS server 2. |
|
Dynamic mapping. |
|
Deprecated, please rename it to _dhcp_status. Dhcp status. Choices:
|
|
Scope. |
|
Name. |
|
Vdom. |
|
Deprecated, please rename it to dhcp_server. Dhcp server. |
|
Deprecated, please rename it to auto_configuration. Enable/disable auto configuration. Choices:
|
|
Deprecated, please rename it to auto_managed_status. Enable/disable use of this DHCP server once this inte… Choices:
|
|
Deprecated, please rename it to conflicted_ip_timeout. Time in seconds to wait after a conflicted IP addre… |
|
Deprecated, please rename it to ddns_auth. DDNS authentication mode. Choices:
|
|
(list or str) Deprecated, please rename it to ddns_key. DDNS update key |
|
Deprecated, please rename it to ddns_keyname. DDNS update key name. |
|
Deprecated, please rename it to ddns_server_ip. DDNS server IP. |
|
Deprecated, please rename it to ddns_ttl. TTL. |
|
Deprecated, please rename it to ddns_update. Enable/disable DDNS update for DHCP. Choices:
|
|
Deprecated, please rename it to ddns_update_override. Enable/disable DDNS update override for DHCP. Choices:
|
|
Deprecated, please rename it to ddns_zone. Zone of your domain name |
|
Deprecated, please rename it to default_gateway. Default gateway IP address assigned by the DHCP server. |
|
Deprecated, please rename it to dhcp_settings_from_fortiipam. Enable/disable populating of DHCP server set… Choices:
|
|
Deprecated, please rename it to dns_server1. DNS server 1. |
|
Deprecated, please rename it to dns_server2. DNS server 2. |
|
Deprecated, please rename it to dns_server3. DNS server 3. |
|
Deprecated, please rename it to dns_server4. DNS server 4. |
|
Deprecated, please rename it to dns_service. Options for assigning DNS servers to DHCP clients. Choices:
|
|
Domain name suffix for the IP addresses that the DHCP server assigns to clients. |
|
Enable. Choices:
|
|
Deprecated, please rename it to exclude_range. Exclude range. |
|
Deprecated, please rename it to end_ip. End of IP range. |
|
ID. |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means default lease time. |
|
Deprecated, please rename it to start_ip. Start of IP range. |
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by … |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by … |
|
Name of the boot file on the TFTP server. |
|
Deprecated, please rename it to forticlient_on_net_status. Enable/disable FortiClient-On-Net service for t… Choices:
|
|
ID. |
|
Deprecated, please rename it to ip_mode. Method used to assign client IP. Choices:
|
|
Deprecated, please rename it to ip_range. Ip range. |
|
Deprecated, please rename it to end_ip. End of IP range. |
|
ID. |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means default lease time. |
|
Deprecated, please rename it to start_ip. Start of IP range. |
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by … |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by … |
|
Deprecated, please rename it to ipsec_lease_hold. DHCP over IPsec leases expire this many seconds after tu… |
|
Deprecated, please rename it to lease_time. Lease time in seconds, 0 means unlimited. |
|
Deprecated, please rename it to mac_acl_default_action. MAC access control default action Choices:
|
|
Netmask assigned by the DHCP server. |
|
Deprecated, please rename it to next_server. IP address of a server |
|
Deprecated, please rename it to ntp_server1. NTP server 1. |
|
Deprecated, please rename it to ntp_server2. NTP server 2. |
|
Deprecated, please rename it to ntp_server3. NTP server 3. |
|
Deprecated, please rename it to ntp_service. Options for assigning Network Time Protocol Choices:
|
|
(list) Option1. |
|
(list) Option2. |
|
(list) Option3. |
|
Option4. |
|
Option5. |
|
Option6. |
|
Options. |
|
DHCP option code. |
|
ID. |
|
(list) DHCP option IPs. |
|
DHCP option type. Choices:
|
|
Deprecated, please rename it to uci_match. Enable/disable user class identifier Choices:
|
|
(list) Deprecated, please rename it to uci_string. One or more UCI strings in quotes separated by … |
|
DHCP option value. |
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by … |
|
Deprecated, please rename it to relay_agent. Relay agent IP. |
|
Deprecated, please rename it to reserved_address. Reserved address. |
|
Options for the DHCP server to configure the client with the reserved MAC address. Choices:
|
|
Deprecated, please rename it to circuit_id. Option 82 circuit-ID of the client that will get the r… |
|
Deprecated, please rename it to circuit_id_type. DHCP option type. Choices:
|
|
Description. |
|
ID. |
|
IP address to be reserved for the MAC address. |
|
MAC address of the client that will get the reserved IP address. |
|
Deprecated, please rename it to remote_id. Option 82 remote-ID of the client that will get the res… |
|
Deprecated, please rename it to remote_id_type. DHCP option type. Choices:
|
|
DHCP reserved-address type. Choices:
|
|
Deprecated, please rename it to server_type. DHCP server can be a normal DHCP server or an IPsec DHCP server. Choices:
|
|
Deprecated, please rename it to shared_subnet. Enable/disable shared subnet. Choices:
|
|
Enable/disable this DHCP configuration. Choices:
|
|
(list) Deprecated, please rename it to tftp_server. One or more hostnames or IP addresses of the TFTP serv… |
|
Select the time zone to be assigned to DHCP clients. Choices:
|
|
Deprecated, please rename it to timezone_option. Options for the DHCP server to set the clients time zone. Choices:
|
|
Deprecated, please rename it to vci_match. Enable/disable vendor class identifier Choices:
|
|
(list) Deprecated, please rename it to vci_string. One or more VCI strings in quotes separated by spaces. |
|
Deprecated, please rename it to wifi_ac_service. Options for assigning WiFi Access Controllers to DHCP clients Choices:
|
|
Deprecated, please rename it to wifi_ac1. WiFi Access Controller 1 IP address |
|
Deprecated, please rename it to wifi_ac2. WiFi Access Controller 2 IP address |
|
Deprecated, please rename it to wifi_ac3. WiFi Access Controller 3 IP address |
|
Deprecated, please rename it to wins_server1. WINS server 1. |
|
Deprecated, please rename it to wins_server2. WINS server 2. |
|
Interface. |
|
Deprecated, please rename it to dhcp_relay_agent_option. Dhcp relay agent option. Choices:
|
|
Deprecated, please rename it to dhcp_relay_interface_select_method. Dhcp relay interface select method. Choices:
|
|
(list) Deprecated, please rename it to dhcp_relay_ip. Dhcp relay ip. |
|
Deprecated, please rename it to dhcp_relay_service. Dhcp relay service. Choices:
|
|
Deprecated, please rename it to dhcp_relay_type. Dhcp relay type. Choices:
|
|
Ip. |
|
Ipv6. |
|
Enable/disable address auto config. Choices:
|
|
Deprecated, please rename it to cli_conn6_status. Cli conn6 status. |
|
Deprecated, please rename it to dhcp6_client_options. Dhcp6 client options. Choices:
|
|
Deprecated, please rename it to dhcp6_information_request. Enable/disable DHCPv6 information request. Choices:
|
|
Deprecated, please rename it to dhcp6_prefix_delegation. Enable/disable DHCPv6 prefix delegation. Choices:
|
|
Deprecated, please rename it to dhcp6_prefix_hint. DHCPv6 prefix that will be used as a hint to th… |
|
Deprecated, please rename it to dhcp6_prefix_hint_plt. DHCPv6 prefix hint preferred life time |
|
Deprecated, please rename it to dhcp6_prefix_hint_vlt. DHCPv6 prefix hint valid life time |
|
Deprecated, please rename it to dhcp6_relay_interface_id. DHCP6 relay interface ID. |
|
Deprecated, please rename it to dhcp6_relay_ip. DHCPv6 relay IP address. |
|
Deprecated, please rename it to dhcp6_relay_service. Enable/disable DHCPv6 relay. Choices:
|
|
Deprecated, please rename it to dhcp6_relay_source_interface. Enable/disable use of address on thi… Choices:
|
|
Deprecated, please rename it to dhcp6_relay_source_ip. IPv6 address used by the DHCP6 relay as its… |
|
Deprecated, please rename it to dhcp6_relay_type. DHCPv6 relay type. Choices:
|
|
Deprecated, please rename it to icmp6_send_redirect. Enable/disable sending of ICMPv6 redirects. Choices:
|
|
Deprecated, please rename it to interface_identifier. IPv6 interface identifier. |
|
Deprecated, please rename it to ip6_address. Primary IPv6 address prefix, syntax |
|
Deprecated, please rename it to ip6_allowaccess. Allow management access to the interface. Choices:
|
|
Deprecated, please rename it to ip6_default_life. Default life |
|
Deprecated, please rename it to ip6_delegated_prefix_iaid. IAID of obtained delegated-prefix from … |
|
Deprecated, please rename it to ip6_delegated_prefix_list. Ip6 delegated prefix list. |
|
Deprecated, please rename it to autonomous_flag. Enable/disable the autonomous flag. Choices:
|
|
Deprecated, please rename it to delegated_prefix_iaid. IAID of obtained delegated-prefix f… |
|
Deprecated, please rename it to onlink_flag. Enable/disable the onlink flag. Choices:
|
|
Deprecated, please rename it to prefix_id. Prefix ID. |
|
(list) Recursive DNS server option. |
|
Deprecated, please rename it to rdnss_service. Recursive DNS service option. Choices:
|
|
Add subnet ID to routing prefix. |
|
Deprecated, please rename it to upstream_interface. Name of the interface that provides de… |
|
Deprecated, please rename it to ip6_dns_server_override. Enable/disable using the DNS server acqui… Choices:
|
|
Deprecated, please rename it to ip6_extra_addr. Ip6 extra addr. |
|
IPv6 address prefix. |
|
Deprecated, please rename it to ip6_hop_limit. Hop limit |
|
Deprecated, please rename it to ip6_link_mtu. IPv6 link MTU. |
|
Deprecated, please rename it to ip6_manage_flag. Enable/disable the managed flag. Choices:
|
|
Deprecated, please rename it to ip6_max_interval. IPv6 maximum interval |
|
Deprecated, please rename it to ip6_min_interval. IPv6 minimum interval |
|
Deprecated, please rename it to ip6_mode. Addressing mode Choices:
|
|
Deprecated, please rename it to ip6_other_flag. Enable/disable the other IPv6 flag. Choices:
|
|
Deprecated, please rename it to ip6_prefix_list. Ip6 prefix list. |
|
Deprecated, please rename it to autonomous_flag. Enable/disable the autonomous flag. Choices:
|
|
(list) DNS search list option. |
|
Deprecated, please rename it to onlink_flag. Enable/disable the onlink flag. Choices:
|
|
Deprecated, please rename it to preferred_life_time. Preferred life time |
|
IPv6 prefix. |
|
(list) Recursive DNS server option. |
|
Deprecated, please rename it to valid_life_time. Valid life time |
|
Deprecated, please rename it to ip6_prefix_mode. Assigning a prefix from DHCP or RA. Choices:
|
|
Deprecated, please rename it to ip6_reachable_time. IPv6 reachable time |
|
Deprecated, please rename it to ip6_retrans_time. IPv6 retransmit time |
|
Deprecated, please rename it to ip6_send_adv. Enable/disable sending advertisements about the inte… Choices:
|
|
Deprecated, please rename it to ip6_subnet. Subnet to routing prefix, syntax |
|
Deprecated, please rename it to ip6_upstream_interface. Interface name providing delegated informa… |
|
Deprecated, please rename it to nd_cert. Neighbor discovery certificate. |
|
Deprecated, please rename it to nd_cga_modifier. Neighbor discovery CGA modifier. |
|
Deprecated, please rename it to nd_mode. Neighbor discovery mode. Choices:
|
|
Deprecated, please rename it to nd_security_level. Neighbor discovery security level |
|
Deprecated, please rename it to nd_timestamp_delta. Neighbor discovery timestamp delta value |
|
Deprecated, please rename it to nd_timestamp_fuzz. Neighbor discovery timestamp fuzz factor |
|
Deprecated, please rename it to ra_send_mtu. Enable/disable sending link MTU in RA packet. Choices:
|
|
Deprecated, please rename it to unique_autoconf_addr. Enable/disable unique auto config address. Choices:
|
|
Link-local IPv6 address of virtual router. |
|
Deprecated, please rename it to vrrp_virtual_mac6. Enable/disable virtual MAC for VRRP. Choices:
|
|
Vrrp6. |
|
Deprecated, please rename it to accept_mode. Enable/disable accept mode. Choices:
|
|
Deprecated, please rename it to adv_interval. Advertisement interval |
|
Deprecated, please rename it to ignore_default_route. Enable/disable ignoring of default r… Choices:
|
|
Enable/disable preempt mode. Choices:
|
|
Priority of the virtual router |
|
Deprecated, please rename it to start_time. Startup time |
|
Enable/disable VRRP. Choices:
|
|
Deprecated, please rename it to vrdst_priority. Priority of the virtual router when the vi… |
|
Monitor the route to this destination. |
|
VRRP group ID |
|
Virtual router identifier |
|
IPv6 address of the virtual router. |
|
Deprecated, please rename it to secondary_IP. Secondary IP. Choices:
|
|
Secondaryip. |
|
Management access settings for the secondary IP address. Choices:
|
|
Protocols used to detect the server. Choices:
|
|
Gateways ping server for this IP. |
|
Enable/disable detect gateway alive for first. Choices:
|
|
Deprecated, please rename it to ha_priority. HA election priority for the PING server. |
|
ID. |
|
Secondary IP address of the interface. |
|
Deprecated, please rename it to ping_serv_status. Ping serv status. |
|
Deprecated, please rename it to secip_relay_ip. DHCP relay IP address. |
|
Seq. |
|
Vlanid. |
|
Vrrp. |
|
Deprecated, please rename it to accept_mode. Enable/disable accept mode. Choices:
|
|
Deprecated, please rename it to adv_interval. Advertisement interval |
|
Deprecated, please rename it to ignore_default_route. Enable/disable ignoring of default route whe… Choices:
|
|
Enable/disable preempt mode. Choices:
|
|
Priority of the virtual router |
|
Deprecated, please rename it to proxy_arp. Proxy arp. |
|
ID. |
|
Set IP addresses of proxy ARP. |
|
Deprecated, please rename it to start_time. Startup time |
|
Enable/disable this VRRP configuration. Choices:
|
|
VRRP version. Choices:
|
|
(list) Monitor the route to this destination. |
|
Deprecated, please rename it to vrdst_priority. Priority of the virtual router when the virtual ro… |
|
VRRP group ID |
|
Virtual router identifier |
|
IP address of the virtual router. |
|
Interface. |
|
Deprecated, please rename it to ac_name. PPPoE server name. |
|
Aggregate. |
|
Deprecated, please rename it to aggregate_type. Type of aggregation. Choices:
|
|
Frame distribution algorithm. Choices:
|
|
Alias will be displayed with the interface name to make it easier to distinguish. |
|
Permitted types of management access to this interface. Choices:
|
|
Set xDSL annex type. Choices:
|
|
Deprecated, please rename it to ap_discover. Enable/disable automatic registration of unknown FortiAP devices. Choices:
|
|
Enable/disable ARP forwarding. Choices:
|
|
Deprecated, please rename it to atm_protocol. ATM protocol. Choices:
|
|
Deprecated, please rename it to auth_cert. HTTPS server certificate. |
|
Deprecated, please rename it to auth_portal_addr. Address of captive portal. |
|
Deprecated, please rename it to auth_type. PPP authentication type to use. Choices:
|
|
Deprecated, please rename it to auto_auth_extension_device. Enable/disable automatic authorization of dedicated Fo… Choices:
|
|
Deprecated, please rename it to bandwidth_measure_time. Bandwidth measure time |
|
Bidirectional Forwarding Detection Choices:
|
|
Deprecated, please rename it to bfd_desired_min_tx. BFD desired minimal transmit interval. |
|
Deprecated, please rename it to bfd_detect_mult. BFD detection multiplier. |
|
Deprecated, please rename it to bfd_required_min_rx. BFD required minimal receive interval. |
|
Deprecated, please rename it to broadcast_forticlient_discovery. Enable/disable broadcasting FortiClient discovery… Choices:
|
|
Deprecated, please rename it to broadcast_forward. Enable/disable broadcast forwarding. Choices:
|
|
Deprecated, please rename it to captive_portal. Enable/disable captive portal. |
|
Deprecated, please rename it to cli_conn_status. Cli conn status. |
|
Color of icon on the GUI. |
|
Ddns. Choices:
|
|
Deprecated, please rename it to ddns_auth. Ddns auth. Choices:
|
|
Deprecated, please rename it to ddns_domain. Ddns domain. |
|
(list or str) Deprecated, please rename it to ddns_key. Ddns key. |
|
Deprecated, please rename it to ddns_keyname. Ddns keyname. |
|
(list) Deprecated, please rename it to ddns_password. Ddns password. |
|
Deprecated, please rename it to ddns_server. Ddns server. Choices:
|
|
Deprecated, please rename it to ddns_server_ip. Ddns server ip. |
|
Deprecated, please rename it to ddns_sn. Ddns sn. |
|
Deprecated, please rename it to ddns_ttl. Ddns ttl. |
|
Deprecated, please rename it to ddns_username. Ddns username. |
|
Deprecated, please rename it to ddns_zone. Ddns zone. |
|
Deprecated, please rename it to dedicated_to. Configure interface for single purpose. Choices:
|
|
Deprecated, please rename it to default_purdue_level. Default purdue level of device detected on this interface. Choices:
|
|
Enable to get the gateway IP from the DHCP or PPPoE server. Choices:
|
|
Description. |
|
Deprecated, please rename it to detected_peer_mtu. Detected peer mtu. |
|
Protocols used to detect the server. Choices:
|
|
Gateways ping server for this IP. |
|
(list or str) Deprecated, please rename it to device_access_list. Device access list. |
|
Deprecated, please rename it to device_identification. Enable/disable passively gathering of device identity infor… Choices:
|
|
Deprecated, please rename it to device_identification_active_scan. Enable/disable active gathering of device ident… Choices:
|
|
Deprecated, please rename it to device_netscan. Enable/disable inclusion of devices detected on this interface in … Choices:
|
|
Deprecated, please rename it to device_user_identification. Enable/disable passive gathering of user identity info… Choices:
|
|
Devindex. |
|
Deprecated, please rename it to dhcp_broadcast_flag. Enable/disable setting of the broadcast flag in messages sent… Choices:
|
|
Deprecated, please rename it to dhcp_classless_route_addition. Enable/disable addition of classless static routes … Choices:
|
|
Deprecated, please rename it to dhcp_client_identifier. DHCP client identifier. |
|
Deprecated, please rename it to dhcp_relay_agent_option. Enable/disable DHCP relay agent option. Choices:
|
|
Deprecated, please rename it to dhcp_relay_allow_no_end_option. Enable/disable relaying DHCP messages with no end … Choices:
|
|
Deprecated, please rename it to dhcp_relay_circuit_id. DHCP relay circuit ID. |
|
Deprecated, please rename it to dhcp_relay_interface. Specify outgoing interface to reach server. |
|
Deprecated, please rename it to dhcp_relay_interface_select_method. Specify how to select outgoing interface to re… Choices:
|
|
(list) Deprecated, please rename it to dhcp_relay_ip. DHCP relay IP address. |
|
Deprecated, please rename it to dhcp_relay_link_selection. DHCP relay link selection. |
|
Deprecated, please rename it to dhcp_relay_request_all_server. Enable/disable sending of DHCP requests to all servers. Choices:
|
|
Deprecated, please rename it to dhcp_relay_service. Enable/disable allowing this interface to act as a DHCP relay. Choices:
|
|
Deprecated, please rename it to dhcp_relay_source_ip. IP address used by the DHCP relay as its source IP. |
|
Deprecated, please rename it to dhcp_relay_type. DHCP relay type Choices:
|
|
Deprecated, please rename it to dhcp_renew_time. DHCP renew time in seconds |
|
Deprecated, please rename it to dhcp_smart_relay. Enable/disable DHCP smart relay. Choices:
|
|
Deprecated, please rename it to disc_retry_timeout. Time in seconds to wait before retrying to start a PPPoE disco… |
|
Deprecated, please rename it to disconnect_threshold. Time in milliseconds to wait before sending a notification t… |
|
Distance for routes learned through PPPoE or DHCP, lower distance indicates preferred route. |
|
Deprecated, please rename it to dns_query. Dns query. Choices:
|
|
Deprecated, please rename it to dns_server_override. Enable/disable use DNS acquired by DHCP or PPPoE. Choices:
|
|
Deprecated, please rename it to dns_server_protocol. DNS transport protocols. Choices:
|
|
Deprecated, please rename it to drop_fragment. Enable/disable drop fragment packets. Choices:
|
|
Deprecated, please rename it to drop_overlapped_fragment. Enable/disable drop overlapped fragment packets. Choices:
|
|
Deprecated, please rename it to eap_ca_cert. EAP CA certificate name. |
|
Deprecated, please rename it to eap_identity. EAP identity. |
|
Deprecated, please rename it to eap_method. EAP method. Choices:
|
|
(list) Deprecated, please rename it to eap_password. EAP password. |
|
Deprecated, please rename it to eap_supplicant. Enable/disable EAP-Supplicant. Choices:
|
|
Deprecated, please rename it to eap_user_cert. EAP user certificate name. |
|
Deprecated, please rename it to egress_cos. Override outgoing CoS in user VLAN tag. Choices:
|
|
Deprecated, please rename it to egress_shaping_profile. Outgoing traffic shaping profile. |
|
Eip. |
|
Deprecated, please rename it to endpoint_compliance. Enable/disable endpoint compliance enforcement. Choices:
|
|
Deprecated, please rename it to estimated_downstream_bandwidth. Estimated maximum downstream bandwidth |
|
Deprecated, please rename it to estimated_upstream_bandwidth. Estimated maximum upstream bandwidth |
|
Deprecated, please rename it to explicit_ftp_proxy. Enable/disable the explicit FTP proxy on this interface. Choices:
|
|
Deprecated, please rename it to explicit_web_proxy. Enable/disable the explicit web proxy on this interface. Choices:
|
|
Enable/disable identifying the interface as an external interface Choices:
|
|
Deprecated, please rename it to fail_action_on_extender. Action on extender when interface fail . Choices:
|
|
(list or str) Deprecated, please rename it to fail_alert_interfaces. Names of the FortiGate interfaces to which th… |
|
Deprecated, please rename it to fail_alert_method. Select link-failed-signal or link-down method to alert about a … Choices:
|
|
Deprecated, please rename it to fail_detect. Enable/disable fail detection features for this interface. Choices:
|
|
Deprecated, please rename it to fail_detect_option. Options for detecting that this interface has failed. Choices:
|
|
Fdp. Choices:
|
|
Enable/disable FortiHeartBeat Choices:
|
|
Enable FortiLink to dedicate this interface to manage other Fortinet devices. Choices:
|
|
Deprecated, please rename it to fortilink_backup_link. Fortilink backup link. |
|
Deprecated, please rename it to fortilink_neighbor_detect. Protocol for FortiGate neighbor discovery. Choices:
|
|
Deprecated, please rename it to fortilink_split_interface. Enable/disable FortiLink split interface to connect mem… Choices:
|
|
Deprecated, please rename it to fortilink_stacking. Enable/disable FortiLink switch-stacking on this interface. Choices:
|
|
Deprecated, please rename it to forward_domain. Transparent mode forward domain. |
|
Deprecated, please rename it to forward_error_correction. Enable/disable forward error correction Choices:
|
|
Deprecated, please rename it to fp_anomaly. Pass or drop different types of anomalies using Fastpath Choices:
|
|
Deprecated, please rename it to fp_disable. Fp disable. Choices:
|
|
Deprecated, please rename it to gateway_address. Gateway address |
|
Deprecated, please rename it to generic_receive_offload. Generic receive offload. Choices:
|
|
Deprecated, please rename it to gi_gk. Enable/disable Gi Gatekeeper. Choices:
|
|
Gateway address |
|
Enable/disable detect gateway alive for first. Choices:
|
|
Deprecated, please rename it to ha_priority. HA election priority for the PING server. |
|
Deprecated, please rename it to icmp_accept_redirect. Enable/disable ICMP accept redirect. Choices:
|
|
Deprecated, please rename it to icmp_redirect. Enable/disable ICMP redirect. Choices:
|
|
Deprecated, please rename it to icmp_send_redirect. Enable/disable sending of ICMP redirects. Choices:
|
|
Deprecated, please rename it to ident_accept. Enable/disable authentication for this interface. Choices:
|
|
Deprecated, please rename it to idle_timeout. PPPoE auto disconnect after idle timeout seconds, 0 means no timeout. |
|
Deprecated, please rename it to if_mdix. Interface MDIX mode Choices:
|
|
Deprecated, please rename it to if_media. Select interface media type Choices:
|
|
Deprecated, please rename it to ike_saml_server. Configure IKE authentication SAML server. |
|
Deprecated, please rename it to in_force_vlan_cos. In force vlan cos. |
|
Bandwidth limit for incoming traffic |
|
Deprecated, please rename it to ingress_cos. Override incoming CoS in user VLAN tag on VLAN interface or assign a … Choices:
|
|
Deprecated, please rename it to ingress_shaping_profile. Incoming traffic shaping profile. |
|
Deprecated, please rename it to ingress_spillover_threshold. Ingress Spillover threshold |
|
Deprecated, please rename it to interconnect_profile. Set interconnect profile. Choices:
|
|
Implicitly created. |
|
Interface IPv4 address and subnet mask, syntax |
|
Deprecated, please rename it to ip_managed_by_fortiipam. Enable/disable automatic IP address assignment of this in… Choices:
|
|
Enable/disable IP/MAC binding. Choices:
|
|
Deprecated, please rename it to ips_sniffer_mode. Enable/disable the use of this interface as a one-armed sniffer. Choices:
|
|
Unnumbered IP used for PPPoE interfaces for which no unique local address is provided. |
|
Ipv6. |
|
Enable/disable address auto config. Choices:
|
|
Deprecated, please rename it to cli_conn6_status. Cli conn6 status. |
|
Deprecated, please rename it to dhcp6_client_options. Dhcp6 client options. Choices:
|
|
Deprecated, please rename it to dhcp6_information_request. Enable/disable DHCPv6 information request. Choices:
|
|
Deprecated, please rename it to dhcp6_prefix_delegation. Enable/disable DHCPv6 prefix delegation. Choices:
|
|
Deprecated, please rename it to dhcp6_prefix_hint. DHCPv6 prefix that will be used as a hint to the upstre… |
|
Deprecated, please rename it to dhcp6_prefix_hint_plt. DHCPv6 prefix hint preferred life time |
|
Deprecated, please rename it to dhcp6_prefix_hint_vlt. DHCPv6 prefix hint valid life time |
|
Deprecated, please rename it to dhcp6_relay_interface_id. DHCP6 relay interface ID. |
|
Deprecated, please rename it to dhcp6_relay_ip. DHCPv6 relay IP address. |
|
Deprecated, please rename it to dhcp6_relay_service. Enable/disable DHCPv6 relay. Choices:
|
|
Deprecated, please rename it to dhcp6_relay_source_interface. Enable/disable use of address on this interf… Choices:
|
|
Deprecated, please rename it to dhcp6_relay_source_ip. IPv6 address used by the DHCP6 relay as its source IP. |
|
Deprecated, please rename it to dhcp6_relay_type. DHCPv6 relay type. Choices:
|
|
Deprecated, please rename it to icmp6_send_redirect. Enable/disable sending of ICMPv6 redirects. Choices:
|
|
Deprecated, please rename it to interface_identifier. IPv6 interface identifier. |
|
Deprecated, please rename it to ip6_address. Primary IPv6 address prefix, syntax |
|
Deprecated, please rename it to ip6_allowaccess. Allow management access to the interface. Choices:
|
|
Deprecated, please rename it to ip6_default_life. Default life |
|
Deprecated, please rename it to ip6_delegated_prefix_iaid. IAID of obtained delegated-prefix from the upst… |
|
Deprecated, please rename it to ip6_delegated_prefix_list. Ip6 delegated prefix list. |
|
Deprecated, please rename it to autonomous_flag. Enable/disable the autonomous flag. Choices:
|
|
Deprecated, please rename it to delegated_prefix_iaid. IAID of obtained delegated-prefix from the … |
|
Deprecated, please rename it to onlink_flag. Enable/disable the onlink flag. Choices:
|
|
Deprecated, please rename it to prefix_id. Prefix ID. |
|
(list) Recursive DNS server option. |
|
Deprecated, please rename it to rdnss_service. Recursive DNS service option. Choices:
|
|
Add subnet ID to routing prefix. |
|
Deprecated, please rename it to upstream_interface. Name of the interface that provides delegated … |
|
Deprecated, please rename it to ip6_dns_server_override. Enable/disable using the DNS server acquired by DHCP. Choices:
|
|
Deprecated, please rename it to ip6_extra_addr. Ip6 extra addr. |
|
IPv6 address prefix. |
|
Deprecated, please rename it to ip6_hop_limit. Hop limit |
|
Deprecated, please rename it to ip6_link_mtu. IPv6 link MTU. |
|
Deprecated, please rename it to ip6_manage_flag. Enable/disable the managed flag. Choices:
|
|
Deprecated, please rename it to ip6_max_interval. IPv6 maximum interval |
|
Deprecated, please rename it to ip6_min_interval. IPv6 minimum interval |
|
Deprecated, please rename it to ip6_mode. Addressing mode Choices:
|
|
Deprecated, please rename it to ip6_other_flag. Enable/disable the other IPv6 flag. Choices:
|
|
Deprecated, please rename it to ip6_prefix_list. Ip6 prefix list. |
|
Deprecated, please rename it to autonomous_flag. Enable/disable the autonomous flag. Choices:
|
|
(list) DNS search list option. |
|
Deprecated, please rename it to onlink_flag. Enable/disable the onlink flag. Choices:
|
|
Deprecated, please rename it to preferred_life_time. Preferred life time |
|
IPv6 prefix. |
|
(list) Recursive DNS server option. |
|
Deprecated, please rename it to valid_life_time. Valid life time |
|
Deprecated, please rename it to ip6_prefix_mode. Assigning a prefix from DHCP or RA. Choices:
|
|
Deprecated, please rename it to ip6_reachable_time. IPv6 reachable time |
|
Deprecated, please rename it to ip6_retrans_time. IPv6 retransmit time |
|
Deprecated, please rename it to ip6_send_adv. Enable/disable sending advertisements about the interface. Choices:
|
|
Deprecated, please rename it to ip6_subnet. Subnet to routing prefix, syntax |
|
Deprecated, please rename it to ip6_upstream_interface. Interface name providing delegated information. |
|
Deprecated, please rename it to nd_cert. Neighbor discovery certificate. |
|
Deprecated, please rename it to nd_cga_modifier. Neighbor discovery CGA modifier. |
|
Deprecated, please rename it to nd_mode. Neighbor discovery mode. Choices:
|
|
Deprecated, please rename it to nd_security_level. Neighbor discovery security level |
|
Deprecated, please rename it to nd_timestamp_delta. Neighbor discovery timestamp delta value |
|
Deprecated, please rename it to nd_timestamp_fuzz. Neighbor discovery timestamp fuzz factor |
|
Deprecated, please rename it to ra_send_mtu. Enable/disable sending link MTU in RA packet. Choices:
|
|
Deprecated, please rename it to unique_autoconf_addr. Enable/disable unique auto config address. Choices:
|
|
Link-local IPv6 address of virtual router. |
|
Deprecated, please rename it to vrrp_virtual_mac6. Enable/disable virtual MAC for VRRP. Choices:
|
|
Vrrp6. |
|
Deprecated, please rename it to accept_mode. Enable/disable accept mode. Choices:
|
|
Deprecated, please rename it to adv_interval. Advertisement interval |
|
Deprecated, please rename it to ignore_default_route. Enable/disable ignoring of default route whe… Choices:
|
|
Enable/disable preempt mode. Choices:
|
|
Priority of the virtual router |
|
Deprecated, please rename it to start_time. Startup time |
|
Enable/disable VRRP. Choices:
|
|
Deprecated, please rename it to vrdst_priority. Priority of the virtual router when the virtual ro… |
|
Monitor the route to this destination. |
|
VRRP group ID |
|
Virtual router identifier |
|
IPv6 address of the virtual router. |
|
Enable/disable l2 forwarding. Choices:
|
|
Deprecated, please rename it to l2tp_client. Enable/disable this interface as a Layer 2 Tunnelling Protocol Choices:
|
|
Deprecated, please rename it to lacp_ha_secondary. Lacp ha secondary. Choices:
|
|
Deprecated, please rename it to lacp_ha_slave. LACP HA slave. Choices:
|
|
Deprecated, please rename it to lacp_mode. LACP mode. Choices:
|
|
Deprecated, please rename it to lacp_speed. How often the interface sends LACP messages. Choices:
|
|
Deprecated, please rename it to large_receive_offload. Large receive offload. Choices:
|
|
Deprecated, please rename it to lcp_echo_interval. Time in seconds between PPPoE Link Control Protocol |
|
Deprecated, please rename it to lcp_max_echo_fails. Maximum missed LCP echo messages before disconnect. |
|
Deprecated, please rename it to link_up_delay. Number of milliseconds to wait before considering a link is up. |
|
Deprecated, please rename it to listen_forticlient_connection. Listen forticlient connection. Choices:
|
|
Deprecated, please rename it to lldp_network_policy. LLDP-MED network policy profile. |
|
Deprecated, please rename it to lldp_reception. Enable/disable Link Layer Discovery Protocol Choices:
|
|
Deprecated, please rename it to lldp_transmission. Enable/disable Link Layer Discovery Protocol Choices:
|
|
Log. Choices:
|
|
Change the interfaces MAC address. |
|
Deprecated, please rename it to managed_subnetwork_size. Number of IP addresses to be allocated by FortiIPAM and u… Choices:
|
|
Deprecated, please rename it to management_ip. High Availability in-band management IP address of this interface. |
|
Deprecated, please rename it to max_egress_burst_rate. Max egress burst rate |
|
Deprecated, please rename it to max_egress_rate. Max egress rate |
|
Deprecated, please rename it to measured_downstream_bandwidth. Measured downstream bandwidth |
|
Deprecated, please rename it to measured_upstream_bandwidth. Measured upstream bandwidth |
|
Select SFP media interface type Choices:
|
|
(list or str) Physical interfaces that belong to the aggregate or redundant interface. |
|
Deprecated, please rename it to min_links. Minimum number of aggregated ports that must be up. |
|
Deprecated, please rename it to min_links_down. Action to take when less than the configured minimum number of lin… Choices:
|
|
Deprecated, please rename it to mirroring_direction. Port mirroring direction. Choices:
|
|
Deprecated, please rename it to mirroring_port. Mirroring port. |
|
Addressing mode Choices:
|
|
Deprecated, please rename it to monitor_bandwidth. Enable monitoring bandwidth on this interface. Choices:
|
|
MTU value for this interface. |
|
Deprecated, please rename it to mtu_override. Enable to set a custom MTU for this interface. Choices:
|
|
Deprecated, please rename it to mux_type. Multiplexer type Choices:
|
|
Name. |
|
Enable/disable NDISC forwarding. Choices:
|
|
Deprecated, please rename it to netbios_forward. Enable/disable NETBIOS forwarding. Choices:
|
|
Deprecated, please rename it to netflow_sample_rate. NetFlow sample rate. |
|
Deprecated, please rename it to netflow_sampler. Enable/disable NetFlow on this interface and set the data that Ne… Choices:
|
|
Deprecated, please rename it to netflow_sampler_id. Netflow sampler ID. |
|
Deprecated, please rename it to np_qos_profile. NP QoS profile ID. |
|
Deprecated, please rename it to npu_fastpath. Npu fastpath. Choices:
|
|
Nst. Choices:
|
|
Deprecated, please rename it to out_force_vlan_cos. Out force vlan cos. |
|
Bandwidth limit for outgoing traffic |
|
Deprecated, please rename it to padt_retry_timeout. PPPoE Active Discovery Terminate |
|
(list) PPPoE accounts password. |
|
(list or str) Deprecated, please rename it to peer_interface. Peer interface. |
|
Deprecated, please rename it to phy_mode. DSL physical mode. Choices:
|
|
Deprecated, please rename it to ping_serv_status. Ping serv status. |
|
Enable/disable PoE status. Choices:
|
|
Deprecated, please rename it to polling_interval. SFlow polling interval |
|
Deprecated, please rename it to port_mirroring. Enable/disable NP port mirroring. Choices:
|
|
Deprecated, please rename it to pppoe_egress_cos. CoS in VLAN tag for outgoing PPPoE/PPP packets. Choices:
|
|
Deprecated, please rename it to pppoe_unnumbered_negotiate. Enable/disable PPPoE unnumbered negotiation. Choices:
|
|
Deprecated, please rename it to pptp_auth_type. PPTP authentication type. Choices:
|
|
Deprecated, please rename it to pptp_client. Enable/disable PPTP client. Choices:
|
|
(list) Deprecated, please rename it to pptp_password. PPTP password. |
|
Deprecated, please rename it to pptp_server_ip. PPTP server IP address. |
|
Deprecated, please rename it to pptp_timeout. Idle timer in minutes |
|
Deprecated, please rename it to pptp_user. PPTP user name. |
|
Deprecated, please rename it to preserve_session_route. Enable/disable preservation of session route when dirty. Choices:
|
|
Priority of learned routes. |
|
Deprecated, please rename it to priority_override. Enable/disable fail back to higher priority port once recovered. Choices:
|
|
Deprecated, please rename it to proxy_captive_portal. Enable/disable proxy captive portal on this interface. Choices:
|
|
Deprecated, please rename it to pvc_atm_qos. SFP-DSL ADSL Fallback PVC ATM QoS. Choices:
|
|
Deprecated, please rename it to pvc_chan. SFP-DSL ADSL Fallback PVC Channel. |
|
Deprecated, please rename it to pvc_crc. SFP-DSL ADSL Fallback PVC CRC Option |
|
Deprecated, please rename it to pvc_pcr. SFP-DSL ADSL Fallback PVC Packet Cell Rate in cells |
|
Deprecated, please rename it to pvc_scr. SFP-DSL ADSL Fallback PVC Sustainable Cell Rate in cells |
|
Deprecated, please rename it to pvc_vlan_id. SFP-DSL ADSL Fallback PVC VLAN ID. |
|
Deprecated, please rename it to pvc_vlan_rx_id. SFP-DSL ADSL Fallback PVC VLANID RX. |
|
Deprecated, please rename it to pvc_vlan_rx_op. SFP-DSL ADSL Fallback PVC VLAN RX op. Choices:
|
|
Deprecated, please rename it to pvc_vlan_tx_id. SFP-DSL ADSL Fallback PVC VLAN ID TX. |
|
Deprecated, please rename it to pvc_vlan_tx_op. SFP-DSL ADSL Fallback PVC VLAN TX op. Choices:
|
|
Deprecated, please rename it to reachable_time. IPv4 reachable time in milliseconds |
|
Deprecated, please rename it to redundant_interface. Redundant interface. |
|
Deprecated, please rename it to remote_ip. Remote IP address of tunnel. |
|
Deprecated, please rename it to replacemsg_override_group. Replacement message override group. |
|
Enable/disable DSL retransmission. Choices:
|
|
Deprecated, please rename it to ring_rx. RX ring size. |
|
Deprecated, please rename it to ring_tx. TX ring size. |
|
Interface role. Choices:
|
|
Deprecated, please rename it to sample_direction. Data that NetFlow collects Choices:
|
|
Deprecated, please rename it to sample_rate. SFlow sample rate |
|
Deprecated, please rename it to scan_botnet_connections. Enable monitoring or blocking connections to Botnet serve… Choices:
|
|
Deprecated, please rename it to secondary_IP. Enable/disable adding a secondary IP to this interface. Choices:
|
|
Secondaryip. |
|
Management access settings for the secondary IP address. Choices:
|
|
Protocols used to detect the server. Choices:
|
|
Gateways ping server for this IP. |
|
Enable/disable detect gateway alive for first. Choices:
|
|
Deprecated, please rename it to ha_priority. HA election priority for the PING server. |
|
ID. |
|
Secondary IP address of the interface. |
|
Deprecated, please rename it to ping_serv_status. Ping serv status. |
|
Deprecated, please rename it to secip_relay_ip. DHCP relay IP address. |
|
Seq. |
|
Deprecated, please rename it to security_8021x_dynamic_vlan_id. VLAN ID for virtual switch. |
|
Deprecated, please rename it to security_8021x_master. ‘802.’ |
|
Deprecated, please rename it to security_8021x_member_mode. ‘802.’ Choices:
|
|
Deprecated, please rename it to security_8021x_mode. ‘802.’ Choices:
|
|
Deprecated, please rename it to security_exempt_list. Name of security-exempt-list. |
|
Deprecated, please rename it to security_external_logout. URL of external authentication logout server. |
|
Deprecated, please rename it to security_external_web. URL of external authentication web server. |
|
(list or str) Deprecated, please rename it to security_groups. User groups that can authenticate with the captive … |
|
Deprecated, please rename it to security_ip_auth_bypass. Enable/disable IP authentication bypass. Choices:
|
|
Deprecated, please rename it to security_mac_auth_bypass. Enable/disable MAC authentication bypass. Choices:
|
|
Deprecated, please rename it to security_mode. Turn on captive portal authentication for this interface. Choices:
|
|
Deprecated, please rename it to security_redirect_url. URL redirection after disclaimer/authentication. |
|
Deprecated, please rename it to select_profile_30a_35b. Select VDSL Profile 30a or 35b. Choices:
|
|
Deprecated, please rename it to service_name. PPPoE service name. |
|
Deprecated, please rename it to sflow_sampler. Enable/disable sFlow on this interface. Choices:
|
|
Deprecated, please rename it to sfp_dsl. Enable/disable SFP DSL. Choices:
|
|
Deprecated, please rename it to sfp_dsl_adsl_fallback. Enable/disable SFP DSL ADSL fallback. Choices:
|
|
Deprecated, please rename it to sfp_dsl_autodetect. Enable/disable SFP DSL MAC address autodetect. Choices:
|
|
Deprecated, please rename it to sfp_dsl_mac. SFP DSL MAC address. |
|
Interface speed. Choices:
|
|
Deprecated, please rename it to spillover_threshold. Egress Spillover threshold |
|
Deprecated, please rename it to src_check. Enable/disable source IP check. Choices:
|
|
Bring the interface up or shut the interface down. Choices:
|
|
Enable/disable STP. Choices:
|
|
Deprecated, please rename it to stp_edge. Enable/disable as STP edge port. Choices:
|
|
Deprecated, please rename it to stp_ha_secondary. Control STP behaviour on HA secondary. Choices:
|
|
Deprecated, please rename it to stp_ha_slave. Control STP behaviour on HA slave. Choices:
|
|
Enable/disable STP forwarding. Choices:
|
|
Deprecated, please rename it to stpforward_mode. Configure STP forwarding mode. Choices:
|
|
Deprecated, please rename it to strip_priority_vlan_tag. Strip priority vlan tag. Choices:
|
|
Enable to always send packets from this interface to a destination MAC address. Choices:
|
|
Deprecated, please rename it to substitute_dst_mac. Destination MAC address that all packets are sent to from this… |
|
Deprecated, please rename it to sw_algorithm. Frame distribution algorithm for switch. Choices:
|
|
Deprecated, please rename it to swc_first_create. Initial create for switch-controller VLANs. |
|
Deprecated, please rename it to swc_vlan. Swc vlan. |
|
Switch. |
|
Deprecated, please rename it to switch_controller_access_vlan. Block FortiSwitch port-to-port traffic. Choices:
|
|
Deprecated, please rename it to switch_controller_arp_inspection. Enable/disable FortiSwitch ARP inspection. Choices:
|
|
Deprecated, please rename it to switch_controller_auth. Switch controller authentication. Choices:
|
|
Deprecated, please rename it to switch_controller_dhcp_snooping. Switch controller DHCP snooping. Choices:
|
|
Deprecated, please rename it to switch_controller_dhcp_snooping_option82. Switch controller DHCP snooping option82. Choices:
|
|
Deprecated, please rename it to switch_controller_dhcp_snooping_verify_mac. Switch controller DHCP snooping verify… Choices:
|
|
Deprecated, please rename it to switch_controller_dynamic. Integrated FortiLink settings for managed FortiSwitch. |
|
Deprecated, please rename it to switch_controller_feature. Interfaces purpose when assigning traffic Choices:
|
|
Deprecated, please rename it to switch_controller_igmp_snooping. Switch controller IGMP snooping. Choices:
|
|
Deprecated, please rename it to switch_controller_igmp_snooping_fast_leave. Switch controller IGMP snooping fast-l… Choices:
|
|
Deprecated, please rename it to switch_controller_igmp_snooping_proxy. Switch controller IGMP snooping proxy. Choices:
|
|
Deprecated, please rename it to switch_controller_iot_scanning. Enable/disable managed FortiSwitch IoT scanning. Choices:
|
|
Deprecated, please rename it to switch_controller_learning_limit. Limit the number of dynamic MAC addresses on thi… |
|
Deprecated, please rename it to switch_controller_mgmt_vlan. VLAN to use for FortiLink management purposes. |
|
Deprecated, please rename it to switch_controller_nac. Integrated NAC settings for managed FortiSwitch. |
|
Deprecated, please rename it to switch_controller_netflow_collect. NetFlow collection and processing. Choices:
|
|
Deprecated, please rename it to switch_controller_offload. Enable/disable managed FortiSwitch routing offload. Choices:
|
|
Deprecated, please rename it to switch_controller_offload_gw. Enable/disable managed FortiSwitch routing offload g… Choices:
|
|
Deprecated, please rename it to switch_controller_offload_ip. IP for routing offload on FortiSwitch. |
|
Deprecated, please rename it to switch_controller_offloading. Switch controller offloading. Choices:
|
|
Deprecated, please rename it to switch_controller_offloading_gw. Switch controller offloading gw. Choices:
|
|
Deprecated, please rename it to switch_controller_offloading_ip. Switch controller offloading ip. |
|
Deprecated, please rename it to switch_controller_radius_server. RADIUS server name for this FortiSwitch VLAN. |
|
Deprecated, please rename it to switch_controller_rspan_mode. Stop Layer2 MAC learning and interception of BPDUs a… Choices:
|
|
Deprecated, please rename it to switch_controller_source_ip. Source IP address used in FortiLink over L3 connections. Choices:
|
|
Deprecated, please rename it to switch_controller_traffic_policy. Switch controller traffic policy for the VLAN. |
|
Deprecated, please rename it to system_id. Define a system ID for the aggregate interface. |
|
Deprecated, please rename it to system_id_type. Method in which system ID is generated. Choices:
|
|
Deprecated, please rename it to tc_mode. DSL transfer mode. Choices:
|
|
Deprecated, please rename it to tcp_mss. TCP maximum segment size. |
|
Enable/disable VLAN trunk. Choices:
|
|
Deprecated, please rename it to trust_ip_1. Trusted host for dedicated management traffic |
|
Deprecated, please rename it to trust_ip_2. Trusted host for dedicated management traffic |
|
Deprecated, please rename it to trust_ip_3. Trusted host for dedicated management traffic |
|
Deprecated, please rename it to trust_ip6_1. Trusted IPv6 host for dedicated management traffic |
|
Deprecated, please rename it to trust_ip6_2. Trusted IPv6 host for dedicated management traffic |
|
Deprecated, please rename it to trust_ip6_3. Trusted IPv6 host for dedicated management traffic |
|
Interface type. Choices:
|
|
Username of the PPPoE account, provided by your ISP. |
|
Virtual Channel ID |
|
Enable/disable DSL vectoring. Choices:
|
|
Vindex. |
|
Deprecated, please rename it to virtual_mac. Change the interfaces virtual MAC address. |
|
Deprecated, please rename it to vlan_id. Vlan ID |
|
Deprecated, please rename it to vlan_op_mode. Configure DSL 802. Choices:
|
|
Deprecated, please rename it to vlan_protocol. Ethernet protocol of VLAN. Choices:
|
|
Enable/disable traffic forwarding between VLANs on this interface. Choices:
|
|
VLAN ID |
|
Virtual Path ID |
|
Virtual Routing Forwarding ID. |
|
Vrrp. |
|
Deprecated, please rename it to accept_mode. Enable/disable accept mode. Choices:
|
|
Deprecated, please rename it to adv_interval. Advertisement interval |
|
Deprecated, please rename it to ignore_default_route. Enable/disable ignoring of default route when checki… Choices:
|
|
Enable/disable preempt mode. Choices:
|
|
Priority of the virtual router |
|
Deprecated, please rename it to proxy_arp. Proxy arp. |
|
ID. |
|
Set IP addresses of proxy ARP. |
|
Deprecated, please rename it to start_time. Startup time |
|
Enable/disable this VRRP configuration. Choices:
|
|
VRRP version. Choices:
|
|
(list) Monitor the route to this destination. |
|
Deprecated, please rename it to vrdst_priority. Priority of the virtual router when the virtual router des… |
|
VRRP group ID |
|
Virtual router identifier |
|
IP address of the virtual router. |
|
Deprecated, please rename it to vrrp_virtual_mac. Enable/disable use of virtual MAC for VRRP. Choices:
|
|
Enable/disable WCCP on this interface. Choices:
|
|
Default weight for static routes |
|
Deprecated, please rename it to wifi_5g_threshold. Minimal signal strength to be considered as a good 5G AP. |
|
Deprecated, please rename it to wifi_acl. Access control for MAC addresses in the MAC list. Choices:
|
|
Deprecated, please rename it to wifi_ap_band. How to select the AP to connect. Choices:
|
|
Deprecated, please rename it to wifi_auth. WiFi authentication. Choices:
|
|
Deprecated, please rename it to wifi_auto_connect. Enable/disable WiFi network auto connect. Choices:
|
|
Deprecated, please rename it to wifi_auto_save. Enable/disable WiFi network automatic save. Choices:
|
|
Deprecated, please rename it to wifi_broadcast_ssid. Enable/disable SSID broadcast in the beacon. Choices:
|
|
Deprecated, please rename it to wifi_dns_server1. DNS server 1. |
|
Deprecated, please rename it to wifi_dns_server2. DNS server 2. |
|
Deprecated, please rename it to wifi_encrypt. Data encryption. Choices:
|
|
Deprecated, please rename it to wifi_fragment_threshold. WiFi fragment threshold |
|
Deprecated, please rename it to wifi_gateway. IPv4 default gateway IP address. |
|
(list) Deprecated, please rename it to wifi_key. WiFi WEP Key. |
|
Deprecated, please rename it to wifi_keyindex. WEP key index |
|
Deprecated, please rename it to wifi_mac_filter. Enable/disable MAC filter status. Choices:
|
|
(list) Deprecated, please rename it to wifi_passphrase. WiFi pre-shared key for WPA. |
|
Deprecated, please rename it to wifi_radius_server. WiFi RADIUS server for WPA. |
|
Deprecated, please rename it to wifi_rts_threshold. WiFi RTS threshold |
|
Deprecated, please rename it to wifi_security. Wireless access security of SSID. Choices:
|
|
Deprecated, please rename it to wifi_ssid. IEEE 802. |
|
Deprecated, please rename it to wifi_usergroup. WiFi user group for WPA. |
|
Deprecated, please rename it to wins_ip. WINS server IP. |
|
Name. |
|
Deprecated, please rename it to portal_message_override_group. Portal message override group. |
|
Deprecated, please rename it to radius_server. Radius server. |
|
Security. Choices:
|
|
Deprecated, please rename it to selected_usergroups. Selected usergroups. |
|
Usergroup. |
|
Vdom. |
|
Vlanid. |
|
The overridden method for the underlying Json RPC request. Choices:
|
|
The rc codes list with which the conditions to fail will be overriden. |
|
The rc codes list with which the conditions to succeed will be overriden. |
|
The directive to create, update or delete an object. Choices:
|
|
The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. |
|
The maximum time in seconds to wait for other user to release the workspace lock. Default: |
Notes
Note
Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: FortiSwitch VLAN template.
fortinet.fortimanager.fmgr_fsp_vlan:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
state: present # <value in [present, absent]>
fsp_vlan:
_dhcp_status: <value in [disable, enable]>
auth: <value in [radius, usergroup]>
color: <integer>
comments: <string>
dynamic_mapping:
-
_dhcp_status: <value in [disable, enable]>
_scope:
-
name: <string>
vdom: <string>
dhcp_server:
auto_configuration: <value in [disable, enable]>
auto_managed_status: <value in [disable, enable]>
conflicted_ip_timeout: <integer>
ddns_auth: <value in [disable, tsig]>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_server_ip: <string>
ddns_ttl: <integer>
ddns_update: <value in [disable, enable]>
ddns_update_override: <value in [disable, enable]>
ddns_zone: <string>
default_gateway: <string>
dhcp_settings_from_fortiipam: <value in [disable, enable]>
dns_server1: <string>
dns_server2: <string>
dns_server3: <string>
dns_server4: <string>
dns_service: <value in [default, specify, local]>
domain: <string>
enable: <value in [disable, enable]>
exclude_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
filename: <string>
forticlient_on_net_status: <value in [disable, enable]>
id: <integer>
ip_mode: <value in [range, usrgrp]>
ip_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
ipsec_lease_hold: <integer>
lease_time: <integer>
mac_acl_default_action: <value in [assign, block]>
netmask: <string>
next_server: <string>
ntp_server1: <string>
ntp_server2: <string>
ntp_server3: <string>
ntp_service: <value in [default, specify, local]>
option1: <list or string>
option2: <list or string>
option3: <list or string>
option4: <string>
option5: <string>
option6: <string>
options:
-
code: <integer>
id: <integer>
ip: <list or string>
type: <value in [hex, string, ip, ...]>
value: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
reserved_address:
-
action: <value in [assign, block, reserved]>
circuit_id: <string>
circuit_id_type: <value in [hex, string]>
description: <string>
id: <integer>
ip: <string>
mac: <string>
remote_id: <string>
remote_id_type: <value in [hex, string]>
type: <value in [mac, option82]>
server_type: <value in [regular, ipsec]>
status: <value in [disable, enable]>
tftp_server: <list or string>
timezone: <value in [00, 01, 02, ...]>
timezone_option: <value in [disable, default, specify]>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
wifi_ac_service: <value in [specify, local]>
wifi_ac1: <string>
wifi_ac2: <string>
wifi_ac3: <string>
wins_server1: <string>
wins_server2: <string>
relay_agent: <string>
shared_subnet: <value in [disable, enable]>
interface:
dhcp_relay_agent_option: <value in [disable, enable]>
dhcp_relay_ip: <list or string>
dhcp_relay_service: <value in [disable, enable]>
dhcp_relay_type: <value in [regular, ipsec]>
ip: <string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6_client_options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6_information_request: <value in [disable, enable]>
dhcp6_prefix_delegation: <value in [disable, enable]>
dhcp6_prefix_hint: <string>
dhcp6_prefix_hint_plt: <integer>
dhcp6_prefix_hint_vlt: <integer>
dhcp6_relay_ip: <string>
dhcp6_relay_service: <value in [disable, enable]>
dhcp6_relay_type: <value in [regular]>
icmp6_send_redirect: <value in [disable, enable]>
interface_identifier: <string>
ip6_address: <string>
ip6_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6_default_life: <integer>
ip6_delegated_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
onlink_flag: <value in [disable, enable]>
prefix_id: <integer>
rdnss: <list or string>
rdnss_service: <value in [delegated, default, specify]>
subnet: <string>
upstream_interface: <string>
delegated_prefix_iaid: <integer>
ip6_dns_server_override: <value in [disable, enable]>
ip6_extra_addr:
-
prefix: <string>
ip6_hop_limit: <integer>
ip6_link_mtu: <integer>
ip6_manage_flag: <value in [disable, enable]>
ip6_max_interval: <integer>
ip6_min_interval: <integer>
ip6_mode: <value in [static, dhcp, pppoe, ...]>
ip6_other_flag: <value in [disable, enable]>
ip6_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
dnssl: <list or string>
onlink_flag: <value in [disable, enable]>
preferred_life_time: <integer>
prefix: <string>
rdnss: <list or string>
valid_life_time: <integer>
ip6_reachable_time: <integer>
ip6_retrans_time: <integer>
ip6_send_adv: <value in [disable, enable]>
ip6_subnet: <string>
ip6_upstream_interface: <string>
nd_cert: <string>
nd_cga_modifier: <string>
nd_mode: <value in [basic, SEND-compatible]>
nd_security_level: <integer>
nd_timestamp_delta: <integer>
nd_timestamp_fuzz: <integer>
unique_autoconf_addr: <value in [disable, enable]>
vrip6_link_local: <string>
vrrp_virtual_mac6: <value in [disable, enable]>
vrrp6:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
vrdst6: <string>
vrgrp: <integer>
vrid: <integer>
vrip6: <string>
ignore_default_route: <value in [disable, enable]>
vrdst_priority: <integer>
cli_conn6_status: <integer>
ip6_prefix_mode: <value in [dhcp6, ra]>
ra_send_mtu: <value in [disable, enable]>
ip6_delegated_prefix_iaid: <integer>
dhcp6_relay_source_interface: <value in [disable, enable]>
dhcp6_relay_interface_id: <string>
dhcp6_relay_source_ip: <string>
secondary_IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
- icond
- scim
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
id: <integer>
ip: <string>
ping_serv_status: <integer>
seq: <integer>
secip_relay_ip: <string>
vlanid: <integer>
dhcp_relay_interface_select_method: <value in [auto, sdwan, specify]>
vrrp:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
ignore_default_route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <integer>
proxy_arp:
-
id: <integer>
ip: <string>
start_time: <integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <list or string>
vrdst_priority: <integer>
vrgrp: <integer>
vrid: <integer>
vrip: <string>
name: <string>
portal_message_override_group: <string>
radius_server: <string>
security: <value in [open, captive-portal, 8021x]>
selected_usergroups: <string>
usergroup: <string>
vdom: <string>
vlanid: <integer>
dhcp_server:
auto_configuration: <value in [disable, enable]>
auto_managed_status: <value in [disable, enable]>
conflicted_ip_timeout: <integer>
ddns_auth: <value in [disable, tsig]>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_server_ip: <string>
ddns_ttl: <integer>
ddns_update: <value in [disable, enable]>
ddns_update_override: <value in [disable, enable]>
ddns_zone: <string>
default_gateway: <string>
dhcp_settings_from_fortiipam: <value in [disable, enable]>
dns_server1: <string>
dns_server2: <string>
dns_server3: <string>
dns_server4: <string>
dns_service: <value in [default, specify, local]>
domain: <string>
enable: <value in [disable, enable]>
exclude_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
filename: <string>
forticlient_on_net_status: <value in [disable, enable]>
id: <integer>
ip_mode: <value in [range, usrgrp]>
ip_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
ipsec_lease_hold: <integer>
lease_time: <integer>
mac_acl_default_action: <value in [assign, block]>
netmask: <string>
next_server: <string>
ntp_server1: <string>
ntp_server2: <string>
ntp_server3: <string>
ntp_service: <value in [default, specify, local]>
option1: <list or string>
option2: <list or string>
option3: <list or string>
option4: <string>
option5: <string>
option6: <string>
options:
-
code: <integer>
id: <integer>
ip: <list or string>
type: <value in [hex, string, ip, ...]>
value: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
reserved_address:
-
action: <value in [assign, block, reserved]>
circuit_id: <string>
circuit_id_type: <value in [hex, string]>
description: <string>
id: <integer>
ip: <string>
mac: <string>
remote_id: <string>
remote_id_type: <value in [hex, string]>
type: <value in [mac, option82]>
server_type: <value in [regular, ipsec]>
status: <value in [disable, enable]>
tftp_server: <list or string>
timezone: <value in [00, 01, 02, ...]>
timezone_option: <value in [disable, default, specify]>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
wifi_ac_service: <value in [specify, local]>
wifi_ac1: <string>
wifi_ac2: <string>
wifi_ac3: <string>
wins_server1: <string>
wins_server2: <string>
relay_agent: <string>
shared_subnet: <value in [disable, enable]>
interface:
ac_name: <string>
aggregate: <string>
algorithm: <value in [L2, L3, L4, ...]>
alias: <string>
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
ap_discover: <value in [disable, enable]>
arpforward: <value in [disable, enable]>
atm_protocol: <value in [none, ipoa]>
auth_type: <value in [auto, pap, chap, ...]>
auto_auth_extension_device: <value in [disable, enable]>
bandwidth_measure_time: <integer>
bfd: <value in [global, enable, disable]>
bfd_desired_min_tx: <integer>
bfd_detect_mult: <integer>
bfd_required_min_rx: <integer>
broadcast_forticlient_discovery: <value in [disable, enable]>
broadcast_forward: <value in [disable, enable]>
captive_portal: <integer>
cli_conn_status: <integer>
color: <integer>
ddns: <value in [disable, enable]>
ddns_auth: <value in [disable, tsig]>
ddns_domain: <string>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_password: <list or string>
ddns_server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
ddns_server_ip: <string>
ddns_sn: <string>
ddns_ttl: <integer>
ddns_username: <string>
ddns_zone: <string>
dedicated_to: <value in [none, management]>
defaultgw: <value in [disable, enable]>
description: <string>
detected_peer_mtu: <integer>
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
device_access_list: <list or string>
device_identification: <value in [disable, enable]>
device_identification_active_scan: <value in [disable, enable]>
device_netscan: <value in [disable, enable]>
device_user_identification: <value in [disable, enable]>
devindex: <integer>
dhcp_client_identifier: <string>
dhcp_relay_agent_option: <value in [disable, enable]>
dhcp_relay_interface: <string>
dhcp_relay_interface_select_method: <value in [auto, sdwan, specify]>
dhcp_relay_ip: <list or string>
dhcp_relay_service: <value in [disable, enable]>
dhcp_relay_type: <value in [regular, ipsec]>
dhcp_renew_time: <integer>
disc_retry_timeout: <integer>
disconnect_threshold: <integer>
distance: <integer>
dns_query: <value in [disable, recursive, non-recursive]>
dns_server_override: <value in [disable, enable]>
drop_fragment: <value in [disable, enable]>
drop_overlapped_fragment: <value in [disable, enable]>
egress_cos: <value in [disable, cos0, cos1, ...]>
egress_shaping_profile: <string>
eip: <string>
endpoint_compliance: <value in [disable, enable]>
estimated_downstream_bandwidth: <integer>
estimated_upstream_bandwidth: <integer>
explicit_ftp_proxy: <value in [disable, enable]>
explicit_web_proxy: <value in [disable, enable]>
external: <value in [disable, enable]>
fail_action_on_extender: <value in [soft-restart, hard-restart, reboot]>
fail_alert_interfaces: <list or string>
fail_alert_method: <value in [link-failed-signal, link-down]>
fail_detect: <value in [disable, enable]>
fail_detect_option:
- detectserver
- link-down
fdp: <value in [disable, enable]>
fortiheartbeat: <value in [disable, enable]>
fortilink: <value in [disable, enable]>
fortilink_backup_link: <integer>
fortilink_neighbor_detect: <value in [lldp, fortilink]>
fortilink_split_interface: <value in [disable, enable]>
fortilink_stacking: <value in [disable, enable]>
forward_domain: <integer>
forward_error_correction: <value in [disable, enable, rs-fec, ...]>
fp_anomaly:
- drop_tcp_fin_noack
- pass_winnuke
- pass_tcpland
- pass_udpland
- pass_icmpland
- pass_ipland
- pass_iprr
- pass_ipssrr
- pass_iplsrr
- pass_ipstream
- pass_ipsecurity
- pass_iptimestamp
- pass_ipunknown_option
- pass_ipunknown_prot
- pass_icmp_frag
- pass_tcp_no_flag
- pass_tcp_fin_noack
- drop_winnuke
- drop_tcpland
- drop_udpland
- drop_icmpland
- drop_ipland
- drop_iprr
- drop_ipssrr
- drop_iplsrr
- drop_ipstream
- drop_ipsecurity
- drop_iptimestamp
- drop_ipunknown_option
- drop_ipunknown_prot
- drop_icmp_frag
- drop_tcp_no_flag
fp_disable:
- all
- ipsec
- none
gateway_address: <string>
gi_gk: <value in [disable, enable]>
gwaddr: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
icmp_accept_redirect: <value in [disable, enable]>
icmp_redirect: <value in [disable, enable]>
icmp_send_redirect: <value in [disable, enable]>
ident_accept: <value in [disable, enable]>
idle_timeout: <integer>
if_mdix: <value in [auto, normal, crossover]>
if_media: <value in [auto, copper, fiber]>
in_force_vlan_cos: <integer>
inbandwidth: <integer>
ingress_cos: <value in [disable, cos0, cos1, ...]>
ingress_shaping_profile: <string>
ingress_spillover_threshold: <integer>
internal: <integer>
ip: <string>
ip_managed_by_fortiipam: <value in [disable, enable, inherit-global]>
ipmac: <value in [disable, enable]>
ips_sniffer_mode: <value in [disable, enable]>
ipunnumbered: <string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6_client_options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6_information_request: <value in [disable, enable]>
dhcp6_prefix_delegation: <value in [disable, enable]>
dhcp6_prefix_hint: <string>
dhcp6_prefix_hint_plt: <integer>
dhcp6_prefix_hint_vlt: <integer>
dhcp6_relay_ip: <string>
dhcp6_relay_service: <value in [disable, enable]>
dhcp6_relay_type: <value in [regular]>
icmp6_send_redirect: <value in [disable, enable]>
interface_identifier: <string>
ip6_address: <string>
ip6_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6_default_life: <integer>
ip6_delegated_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
onlink_flag: <value in [disable, enable]>
prefix_id: <integer>
rdnss: <list or string>
rdnss_service: <value in [delegated, default, specify]>
subnet: <string>
upstream_interface: <string>
delegated_prefix_iaid: <integer>
ip6_dns_server_override: <value in [disable, enable]>
ip6_extra_addr:
-
prefix: <string>
ip6_hop_limit: <integer>
ip6_link_mtu: <integer>
ip6_manage_flag: <value in [disable, enable]>
ip6_max_interval: <integer>
ip6_min_interval: <integer>
ip6_mode: <value in [static, dhcp, pppoe, ...]>
ip6_other_flag: <value in [disable, enable]>
ip6_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
dnssl: <list or string>
onlink_flag: <value in [disable, enable]>
preferred_life_time: <integer>
prefix: <string>
rdnss: <list or string>
valid_life_time: <integer>
ip6_reachable_time: <integer>
ip6_retrans_time: <integer>
ip6_send_adv: <value in [disable, enable]>
ip6_subnet: <string>
ip6_upstream_interface: <string>
nd_cert: <string>
nd_cga_modifier: <string>
nd_mode: <value in [basic, SEND-compatible]>
nd_security_level: <integer>
nd_timestamp_delta: <integer>
nd_timestamp_fuzz: <integer>
unique_autoconf_addr: <value in [disable, enable]>
vrip6_link_local: <string>
vrrp_virtual_mac6: <value in [disable, enable]>
vrrp6:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
vrdst6: <string>
vrgrp: <integer>
vrid: <integer>
vrip6: <string>
ignore_default_route: <value in [disable, enable]>
vrdst_priority: <integer>
cli_conn6_status: <integer>
ip6_prefix_mode: <value in [dhcp6, ra]>
ra_send_mtu: <value in [disable, enable]>
ip6_delegated_prefix_iaid: <integer>
dhcp6_relay_source_interface: <value in [disable, enable]>
dhcp6_relay_interface_id: <string>
dhcp6_relay_source_ip: <string>
l2forward: <value in [disable, enable]>
l2tp_client: <value in [disable, enable]>
lacp_ha_slave: <value in [disable, enable]>
lacp_mode: <value in [static, passive, active]>
lacp_speed: <value in [slow, fast]>
lcp_echo_interval: <integer>
lcp_max_echo_fails: <integer>
link_up_delay: <integer>
listen_forticlient_connection: <value in [disable, enable]>
lldp_network_policy: <string>
lldp_reception: <value in [disable, enable, vdom]>
lldp_transmission: <value in [enable, disable, vdom]>
log: <value in [disable, enable]>
macaddr: <string>
managed_subnetwork_size: <value in [256, 512, 1024, ...]>
management_ip: <string>
max_egress_burst_rate: <integer>
max_egress_rate: <integer>
measured_downstream_bandwidth: <integer>
measured_upstream_bandwidth: <integer>
mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
member: <list or string>
min_links: <integer>
min_links_down: <value in [operational, administrative]>
mode: <value in [static, dhcp, pppoe, ...]>
monitor_bandwidth: <value in [disable, enable]>
mtu: <integer>
mtu_override: <value in [disable, enable]>
mux_type: <value in [llc-encaps, vc-encaps]>
name: <string>
ndiscforward: <value in [disable, enable]>
netbios_forward: <value in [disable, enable]>
netflow_sampler: <value in [disable, tx, rx, ...]>
np_qos_profile: <integer>
npu_fastpath: <value in [disable, enable]>
nst: <value in [disable, enable]>
out_force_vlan_cos: <integer>
outbandwidth: <integer>
padt_retry_timeout: <integer>
password: <list or string>
peer_interface: <list or string>
phy_mode: <value in [auto, adsl, vdsl, ...]>
ping_serv_status: <integer>
poe: <value in [disable, enable]>
polling_interval: <integer>
pppoe_unnumbered_negotiate: <value in [disable, enable]>
pptp_auth_type: <value in [auto, pap, chap, ...]>
pptp_client: <value in [disable, enable]>
pptp_password: <list or string>
pptp_server_ip: <string>
pptp_timeout: <integer>
pptp_user: <string>
preserve_session_route: <value in [disable, enable]>
priority: <integer>
priority_override: <value in [disable, enable]>
proxy_captive_portal: <value in [disable, enable]>
redundant_interface: <string>
remote_ip: <string>
replacemsg_override_group: <string>
retransmission: <value in [disable, enable]>
ring_rx: <integer>
ring_tx: <integer>
role: <value in [lan, wan, dmz, ...]>
sample_direction: <value in [rx, tx, both]>
sample_rate: <integer>
scan_botnet_connections: <value in [disable, block, monitor]>
secondary_IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
- icond
- scim
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
id: <integer>
ip: <string>
ping_serv_status: <integer>
seq: <integer>
secip_relay_ip: <string>
security_8021x_dynamic_vlan_id: <integer>
security_8021x_master: <string>
security_8021x_mode: <value in [default, dynamic-vlan, fallback, ...]>
security_exempt_list: <string>
security_external_logout: <string>
security_external_web: <string>
security_groups: <list or string>
security_mac_auth_bypass: <value in [disable, enable, mac-auth-only]>
security_mode: <value in [none, captive-portal, 802.1X]>
security_redirect_url: <string>
service_name: <string>
sflow_sampler: <value in [disable, enable]>
speed: <value in [auto, 10full, 10half, ...]>
spillover_threshold: <integer>
src_check: <value in [disable, enable]>
status: <value in [down, up]>
stp: <value in [disable, enable]>
stp_ha_slave: <value in [disable, enable, priority-adjust]>
stpforward: <value in [disable, enable]>
stpforward_mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
strip_priority_vlan_tag: <value in [disable, enable]>
subst: <value in [disable, enable]>
substitute_dst_mac: <string>
swc_first_create: <integer>
swc_vlan: <integer>
switch: <string>
switch_controller_access_vlan: <value in [disable, enable]>
switch_controller_arp_inspection: <value in [disable, enable, monitor]>
switch_controller_auth: <value in [radius, usergroup]>
switch_controller_dhcp_snooping: <value in [disable, enable]>
switch_controller_dhcp_snooping_option82: <value in [disable, enable]>
switch_controller_dhcp_snooping_verify_mac: <value in [disable, enable]>
switch_controller_feature: <value in [none, default-vlan, quarantine, ...]>
switch_controller_igmp_snooping: <value in [disable, enable]>
switch_controller_igmp_snooping_fast_leave: <value in [disable, enable]>
switch_controller_igmp_snooping_proxy: <value in [disable, enable]>
switch_controller_iot_scanning: <value in [disable, enable]>
switch_controller_learning_limit: <integer>
switch_controller_mgmt_vlan: <integer>
switch_controller_nac: <string>
switch_controller_radius_server: <string>
switch_controller_rspan_mode: <value in [disable, enable]>
switch_controller_source_ip: <value in [outbound, fixed]>
switch_controller_traffic_policy: <string>
tc_mode: <value in [ptm, atm]>
tcp_mss: <integer>
trunk: <value in [disable, enable]>
trust_ip_1: <string>
trust_ip_2: <string>
trust_ip_3: <string>
trust_ip6_1: <string>
trust_ip6_2: <string>
trust_ip6_3: <string>
type: <value in [physical, vlan, aggregate, ...]>
username: <string>
vci: <integer>
vectoring: <value in [disable, enable]>
vindex: <integer>
vlan_protocol: <value in [8021q, 8021ad]>
vlanforward: <value in [disable, enable]>
vlanid: <integer>
vpi: <integer>
vrf: <integer>
vrrp:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
ignore_default_route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <list or string>
vrdst_priority: <integer>
vrgrp: <integer>
vrid: <integer>
vrip: <string>
proxy_arp:
-
id: <integer>
ip: <string>
vrrp_virtual_mac: <value in [disable, enable]>
wccp: <value in [disable, enable]>
weight: <integer>
wifi_5g_threshold: <string>
wifi_acl: <value in [deny, allow]>
wifi_ap_band: <value in [any, 5g-preferred, 5g-only]>
wifi_auth: <value in [PSK, RADIUS, radius, ...]>
wifi_auto_connect: <value in [disable, enable]>
wifi_auto_save: <value in [disable, enable]>
wifi_broadcast_ssid: <value in [disable, enable]>
wifi_encrypt: <value in [TKIP, AES]>
wifi_fragment_threshold: <integer>
wifi_key: <list or string>
wifi_keyindex: <integer>
wifi_mac_filter: <value in [disable, enable]>
wifi_passphrase: <list or string>
wifi_radius_server: <string>
wifi_rts_threshold: <integer>
wifi_security: <value in [None, WEP64, wep64, ...]>
wifi_ssid: <string>
wifi_usergroup: <string>
wins_ip: <string>
dhcp_relay_request_all_server: <value in [disable, enable]>
stp_ha_secondary: <value in [disable, enable, priority-adjust]>
switch_controller_dynamic: <string>
auth_cert: <string>
auth_portal_addr: <string>
dhcp_classless_route_addition: <value in [disable, enable]>
dhcp_relay_link_selection: <string>
dns_server_protocol:
- cleartext
- dot
- doh
eap_ca_cert: <string>
eap_identity: <string>
eap_method: <value in [tls, peap]>
eap_password: <list or string>
eap_supplicant: <value in [disable, enable]>
eap_user_cert: <string>
ike_saml_server: <string>
lacp_ha_secondary: <value in [disable, enable]>
pvc_atm_qos: <value in [cbr, rt-vbr, nrt-vbr, ...]>
pvc_chan: <integer>
pvc_crc: <integer>
pvc_pcr: <integer>
pvc_scr: <integer>
pvc_vlan_id: <integer>
pvc_vlan_rx_id: <integer>
pvc_vlan_rx_op: <value in [pass-through, replace, remove]>
pvc_vlan_tx_id: <integer>
pvc_vlan_tx_op: <value in [pass-through, replace, remove]>
reachable_time: <integer>
select_profile_30a_35b: <value in [30A, 35B]>
sfp_dsl: <value in [disable, enable]>
sfp_dsl_adsl_fallback: <value in [disable, enable]>
sfp_dsl_autodetect: <value in [disable, enable]>
sfp_dsl_mac: <string>
sw_algorithm: <value in [l2, l3, eh, ...]>
system_id: <string>
system_id_type: <value in [auto, user]>
vlan_id: <integer>
vlan_op_mode: <value in [tag, untag, passthrough]>
generic_receive_offload: <value in [disable, enable]>
interconnect_profile: <value in [default, profile1, profile2]>
large_receive_offload: <value in [disable, enable]>
annex: <value in [a, b, j, ...]>
aggregate_type: <value in [physical, vxlan]>
switch_controller_netflow_collect: <value in [disable, enable]>
wifi_dns_server1: <string>
wifi_dns_server2: <string>
wifi_gateway: <string>
default_purdue_level: <value in [1, 2, 3, ...]>
dhcp_broadcast_flag: <value in [disable, enable]>
dhcp_smart_relay: <value in [disable, enable]>
switch_controller_offloading: <value in [disable, enable]>
switch_controller_offloading_gw: <value in [disable, enable]>
switch_controller_offloading_ip: <string>
dhcp_relay_circuit_id: <string>
dhcp_relay_source_ip: <string>
switch_controller_offload: <value in [disable, enable]>
switch_controller_offload_gw: <value in [disable, enable]>
switch_controller_offload_ip: <string>
mirroring_direction: <value in [rx, tx, both]>
mirroring_port: <string>
port_mirroring: <value in [disable, enable]>
security_8021x_member_mode: <value in [disable, switch]>
stp_edge: <value in [disable, enable]>
dhcp_relay_allow_no_end_option: <value in [disable, enable]>
netflow_sample_rate: <integer>
netflow_sampler_id: <integer>
pppoe_egress_cos: <value in [cos0, cos1, cos2, ...]>
security_ip_auth_bypass: <value in [disable, enable]>
virtual_mac: <string>
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The result of the request. Returned: always |
|
The full url requested. Returned: always Sample: |
|
The status of api request. Returned: always Sample: |
|
The api response. Returned: always |
|
The descriptive message of the api response. Returned: always Sample: |
|
The information of the target system. Returned: always |
|
The status the request. Returned: always Sample: |
|
Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex |