fortinet.fortimanager.fmgr_fsp_vlan_interface module – Configure interfaces.
Note
This module is part of the fortinet.fortimanager collection (version 2.8.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_fsp_vlan_interface.
New in fortinet.fortimanager 2.0.0
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
Parameter |
Comments |
|---|---|
The token to access FortiManager without using username and password. |
|
The parameter (adom) in requested url. |
|
Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices:
|
|
Enable/Disable logging for task. Choices:
|
|
Authenticate Ansible client with forticloud API access token. |
|
The top level parameters set. |
|
Ac name. |
|
Aggregate. |
|
Type of aggregation. Choices:
|
|
Algorithm. Choices:
|
|
Alias. |
|
Allowaccess. Choices:
|
|
Set xDSL annex type. Choices:
|
|
Ap discover. Choices:
|
|
Arpforward. Choices:
|
|
Atm protocol. Choices:
|
|
HTTPS server certificate. |
|
Address of captive portal. |
|
Auth type. Choices:
|
|
Auto auth extension device. Choices:
|
|
Bandwidth measure time. |
|
Bfd. Choices:
|
|
Bfd desired min tx. |
|
Bfd detect mult. |
|
Bfd required min rx. |
|
Broadcast forticlient discovery. Choices:
|
|
Broadcast forward. Choices:
|
|
Captive portal. |
|
Cli conn status. |
|
Color. |
|
Ddns. Choices:
|
|
Ddns auth. Choices:
|
|
Ddns domain. |
|
(list or str) Ddns key. |
|
Ddns keyname. |
|
(list) Ddns password. |
|
Ddns server. Choices:
|
|
Ddns server ip. |
|
Ddns sn. |
|
Ddns ttl. |
|
Ddns username. |
|
Ddns zone. |
|
Dedicated to. Choices:
|
|
Default purdue level of device detected on this interface. Choices:
|
|
Defaultgw. Choices:
|
|
Description. |
|
Detected peer mtu. |
|
Detectprotocol. Choices:
|
|
Detectserver. |
|
(list or str) Device access list. |
|
Device identification. Choices:
|
|
Device identification active scan. Choices:
|
|
Device netscan. Choices:
|
|
Device user identification. Choices:
|
|
Devindex. |
|
Enable/disable setting of the broadcast flag in messages sent by the DHCP client Choices:
|
|
Enable/disable addition of classless static routes retrieved from DHCP server. Choices:
|
|
Dhcp client identifier. |
|
Dhcp relay agent option. Choices:
|
|
Enable/disable relaying DHCP messages with no end option. Choices:
|
|
DHCP relay circuit ID. |
|
Dhcp relay interface. |
|
Dhcp relay interface select method. Choices:
|
|
(list) Dhcp relay ip. |
|
DHCP relay link selection. |
|
Enable/disable sending of DHCP requests to all servers. Choices:
|
|
Dhcp relay service. Choices:
|
|
IP address used by the DHCP relay as its source IP. |
|
Dhcp relay type. Choices:
|
|
Dhcp renew time. |
|
Enable/disable DHCP smart relay. Choices:
|
|
Disc retry timeout. |
|
Disconnect threshold. |
|
Distance. |
|
Dns query. Choices:
|
|
Dns server override. Choices:
|
|
DNS transport protocols. Choices:
|
|
Drop fragment. Choices:
|
|
Drop overlapped fragment. Choices:
|
|
EAP CA certificate name. |
|
EAP identity. |
|
EAP method. Choices:
|
|
(list) EAP password. |
|
Enable/disable EAP-Supplicant. Choices:
|
|
EAP user certificate name. |
|
Egress cos. Choices:
|
|
Egress shaping profile. |
|
Eip. |
|
Endpoint compliance. Choices:
|
|
Estimated downstream bandwidth. |
|
Estimated upstream bandwidth. |
|
Explicit ftp proxy. Choices:
|
|
Explicit web proxy. Choices:
|
|
External. Choices:
|
|
Fail action on extender. Choices:
|
|
(list or str) Fail alert interfaces. |
|
Fail alert method. Choices:
|
|
Fail detect. Choices:
|
|
Fail detect option. Choices:
|
|
Fdp. Choices:
|
|
Fortiheartbeat. Choices:
|
|
Fortilink. Choices:
|
|
Fortilink backup link. |
|
Fortilink neighbor detect. Choices:
|
|
Fortilink split interface. Choices:
|
|
Fortilink stacking. Choices:
|
|
Forward domain. |
|
Forward error correction. Choices:
|
|
Fp anomaly. Choices:
|
|
Fp disable. Choices:
|
|
Gateway address. |
|
Generic receive offload. Choices:
|
|
Gi gk. Choices:
|
|
Gwaddr. |
|
Gwdetect. Choices:
|
|
Ha priority. |
|
Icmp accept redirect. Choices:
|
|
Icmp redirect. Choices:
|
|
Icmp send redirect. Choices:
|
|
Ident accept. Choices:
|
|
Idle timeout. |
|
If mdix. Choices:
|
|
If media. Choices:
|
|
Configure IKE authentication SAML server. |
|
In force vlan cos. |
|
Inbandwidth. |
|
Ingress cos. Choices:
|
|
Ingress shaping profile. |
|
Ingress spillover threshold. |
|
Set interconnect profile. Choices:
|
|
Internal. |
|
Ip. |
|
Ip managed by fortiipam. Choices:
|
|
Ipmac. Choices:
|
|
Ips sniffer mode. Choices:
|
|
Ipunnumbered. |
|
Ipv6. |
|
Autoconf. Choices:
|
|
Cli conn6 status. |
|
Dhcp6 client options. Choices:
|
|
Dhcp6 information request. Choices:
|
|
Dhcp6 prefix delegation. Choices:
|
|
Dhcp6 prefix hint. |
|
Dhcp6 prefix hint plt. |
|
Dhcp6 prefix hint vlt. |
|
DHCP6 relay interface ID. |
|
Dhcp6 relay ip. |
|
Dhcp6 relay service. Choices:
|
|
Enable/disable use of address on this interface as the source address of the relay message. Choices:
|
|
IPv6 address used by the DHCP6 relay as its source IP. |
|
Dhcp6 relay type. Choices:
|
|
Enable/disable sending of ICMPv6 redirects. Choices:
|
|
Interface identifier. |
|
Ip6 address. |
|
Ip6 allowaccess. Choices:
|
|
Ip6 default life. |
|
IAID of obtained delegated-prefix from the upstream interface. |
|
Ip6 delegated prefix list. |
|
Autonomous flag. Choices:
|
|
IAID of obtained delegated-prefix from the upstream interface. |
|
Onlink flag. Choices:
|
|
Prefix id. |
|
(list) Rdnss. |
|
Rdnss service. Choices:
|
|
Subnet. |
|
Upstream interface. |
|
Ip6 dns server override. Choices:
|
|
Ip6 extra addr. |
|
Prefix. |
|
Ip6 hop limit. |
|
Ip6 link mtu. |
|
Ip6 manage flag. Choices:
|
|
Ip6 max interval. |
|
Ip6 min interval. |
|
Ip6 mode. Choices:
|
|
Ip6 other flag. Choices:
|
|
Ip6 prefix list. |
|
Autonomous flag. Choices:
|
|
(list) Dnssl. |
|
Onlink flag. Choices:
|
|
Preferred life time. |
|
Prefix. |
|
(list) Rdnss. |
|
Valid life time. |
|
Assigning a prefix from DHCP or RA. Choices:
|
|
Ip6 reachable time. |
|
Ip6 retrans time. |
|
Ip6 send adv. Choices:
|
|
Ip6 subnet. |
|
Ip6 upstream interface. |
|
Nd cert. |
|
Nd cga modifier. |
|
Nd mode. Choices:
|
|
Nd security level. |
|
Nd timestamp delta. |
|
Nd timestamp fuzz. |
|
Enable/disable sending link MTU in RA packet. Choices:
|
|
Unique autoconf addr. Choices:
|
|
Vrip6 link local. |
|
Vrrp6. |
|
Accept mode. Choices:
|
|
Adv interval. |
|
Enable/disable ignoring of default route when checking destination. Choices:
|
|
Preempt. Choices:
|
|
Priority. |
|
Start time. |
|
Status. Choices:
|
|
Vrdst6. |
|
Priority of the virtual router when the virtual router destination becomes unreachable |
|
Vrgrp. |
|
Vrid. |
|
Vrip6. |
|
Vrrp virtual mac6. Choices:
|
|
L2forward. Choices:
|
|
L2tp client. Choices:
|
|
Lacp ha secondary. Choices:
|
|
Lacp ha slave. Choices:
|
|
Lacp mode. Choices:
|
|
Lacp speed. Choices:
|
|
Large receive offload. Choices:
|
|
Lcp echo interval. |
|
Lcp max echo fails. |
|
Link up delay. |
|
Listen forticlient connection. Choices:
|
|
Lldp network policy. |
|
Lldp reception. Choices:
|
|
Lldp transmission. Choices:
|
|
Log. Choices:
|
|
Macaddr. |
|
Managed subnetwork size. Choices:
|
|
Management ip. |
|
Max egress burst rate. |
|
Max egress rate. |
|
Measured downstream bandwidth. |
|
Measured upstream bandwidth. |
|
Mediatype. Choices:
|
|
(list or str) Member. |
|
Min links. |
|
Min links down. Choices:
|
|
Port mirroring direction. Choices:
|
|
Mirroring port. |
|
Mode. Choices:
|
|
Monitor bandwidth. Choices:
|
|
Mtu. |
|
Mtu override. Choices:
|
|
Mux type. Choices:
|
|
Name. |
|
Ndiscforward. Choices:
|
|
Netbios forward. Choices:
|
|
NetFlow sample rate. |
|
Netflow sampler. Choices:
|
|
Netflow sampler ID. |
|
NP QoS profile ID. |
|
Npu fastpath. Choices:
|
|
Nst. Choices:
|
|
Out force vlan cos. |
|
Outbandwidth. |
|
Padt retry timeout. |
|
(list) Password. |
|
(list or str) Peer interface. |
|
Phy mode. Choices:
|
|
Ping serv status. |
|
Poe. Choices:
|
|
Polling interval. |
|
Enable/disable NP port mirroring. Choices:
|
|
CoS in VLAN tag for outgoing PPPoE/PPP packets. Choices:
|
|
Pppoe unnumbered negotiate. Choices:
|
|
Pptp auth type. Choices:
|
|
Pptp client. Choices:
|
|
(list) Pptp password. |
|
Pptp server ip. |
|
Pptp timeout. |
|
Pptp user. |
|
Preserve session route. Choices:
|
|
Priority. |
|
Priority override. Choices:
|
|
Proxy captive portal. Choices:
|
|
SFP-DSL ADSL Fallback PVC ATM QoS. Choices:
|
|
SFP-DSL ADSL Fallback PVC Channel. |
|
SFP-DSL ADSL Fallback PVC CRC Option |
|
SFP-DSL ADSL Fallback PVC Packet Cell Rate in cells |
|
SFP-DSL ADSL Fallback PVC Sustainable Cell Rate in cells |
|
SFP-DSL ADSL Fallback PVC VLAN ID. |
|
SFP-DSL ADSL Fallback PVC VLANID RX. |
|
SFP-DSL ADSL Fallback PVC VLAN RX op. Choices:
|
|
SFP-DSL ADSL Fallback PVC VLAN ID TX. |
|
SFP-DSL ADSL Fallback PVC VLAN TX op. Choices:
|
|
IPv4 reachable time in milliseconds |
|
Redundant interface. |
|
Remote ip. |
|
Replacemsg override group. |
|
Retransmission. Choices:
|
|
Ring rx. |
|
Ring tx. |
|
Role. Choices:
|
|
Sample direction. Choices:
|
|
Sample rate. |
|
Scan botnet connections. Choices:
|
|
Secondary IP. Choices:
|
|
Secondaryip. |
|
Allowaccess. Choices:
|
|
Detectprotocol. Choices:
|
|
Detectserver. |
|
Gwdetect. Choices:
|
|
Ha priority. |
|
Id. |
|
Ip. |
|
Ping serv status. |
|
DHCP relay IP address. |
|
Seq. |
|
Security 8021x dynamic vlan id. |
|
Security 8021x master. |
|
Choices:
|
|
Security 8021x mode. Choices:
|
|
Security exempt list. |
|
Security external logout. |
|
Security external web. |
|
(list or str) Security groups. |
|
Enable/disable IP authentication bypass. Choices:
|
|
Security mac auth bypass. Choices:
|
|
Security mode. Choices:
|
|
Security redirect url. |
|
Select VDSL Profile 30a or 35b. Choices:
|
|
Service name. |
|
Sflow sampler. Choices:
|
|
Enable/disable SFP DSL. Choices:
|
|
Enable/disable SFP DSL ADSL fallback. Choices:
|
|
Enable/disable SFP DSL MAC address autodetect. Choices:
|
|
SFP DSL MAC address. |
|
Speed. Choices:
|
|
Spillover threshold. |
|
Src check. Choices:
|
|
Status. Choices:
|
|
Stp. Choices:
|
|
Enable/disable as STP edge port. Choices:
|
|
Control STP behaviour on HA secondary. Choices:
|
|
Stp ha slave. Choices:
|
|
Stpforward. Choices:
|
|
Stpforward mode. Choices:
|
|
Strip priority vlan tag. Choices:
|
|
Subst. Choices:
|
|
Substitute dst mac. |
|
Frame distribution algorithm for switch. Choices:
|
|
Initial create for switch-controller VLANs. |
|
Swc vlan. |
|
Switch. |
|
Switch controller access vlan. Choices:
|
|
Switch controller arp inspection. Choices:
|
|
Switch controller auth. Choices:
|
|
Switch controller dhcp snooping. Choices:
|
|
Switch controller dhcp snooping option82. Choices:
|
|
Switch controller dhcp snooping verify mac. Choices:
|
|
Integrated FortiLink settings for managed FortiSwitch. |
|
Switch controller feature. Choices:
|
|
Switch controller igmp snooping. Choices:
|
|
Switch controller igmp snooping fast leave. Choices:
|
|
Switch controller igmp snooping proxy. Choices:
|
|
Enable/disable managed FortiSwitch IoT scanning. Choices:
|
|
Switch controller learning limit. |
|
Switch controller mgmt vlan. |
|
Switch controller nac. |
|
NetFlow collection and processing. Choices:
|
|
Enable/disable managed FortiSwitch routing offload. Choices:
|
|
Enable/disable managed FortiSwitch routing offload gateway. Choices:
|
|
IP for routing offload on FortiSwitch. |
|
Switch controller offloading. Choices:
|
|
Switch controller offloading gw. Choices:
|
|
Switch controller offloading ip. |
|
Switch controller radius server. |
|
Switch controller rspan mode. Choices:
|
|
Source IP address used in FortiLink over L3 connections. Choices:
|
|
Switch controller traffic policy. |
|
Define a system ID for the aggregate interface. |
|
Method in which system ID is generated. Choices:
|
|
Tc mode. Choices:
|
|
Tcp mss. |
|
Trunk. Choices:
|
|
Trust ip6 1. |
|
Trust ip6 2. |
|
Trust ip6 3. |
|
Trust ip 1. |
|
Trust ip 2. |
|
Trust ip 3. |
|
Type. Choices:
|
|
Username. |
|
Vci. |
|
Vectoring. Choices:
|
|
Vindex. |
|
Change the interfaces virtual MAC address. |
|
Vlan ID |
|
Configure DSL 802. Choices:
|
|
Vlan protocol. Choices:
|
|
Vlanforward. Choices:
|
|
Vlanid. |
|
Vpi. |
|
Vrf. |
|
Vrrp. |
|
Accept mode. Choices:
|
|
Adv interval. |
|
Ignore default route. Choices:
|
|
Preempt. Choices:
|
|
Priority. |
|
Proxy arp. |
|
ID. |
|
Set IP addresses of proxy ARP. |
|
Start time. |
|
Status. Choices:
|
|
Version. Choices:
|
|
(list) Vrdst. |
|
Vrdst priority. |
|
Vrgrp. |
|
Vrid. |
|
Vrip. |
|
Vrrp virtual mac. Choices:
|
|
Wccp. Choices:
|
|
Weight. |
|
Wifi 5g threshold. |
|
Wifi acl. Choices:
|
|
Wifi ap band. Choices:
|
|
Wifi auth. Choices:
|
|
Wifi auto connect. Choices:
|
|
Wifi auto save. Choices:
|
|
Wifi broadcast ssid. Choices:
|
|
DNS server 1. |
|
DNS server 2. |
|
Wifi encrypt. Choices:
|
|
Wifi fragment threshold. |
|
IPv4 default gateway IP address. |
|
(list) Wifi key. |
|
Wifi keyindex. |
|
Wifi mac filter. Choices:
|
|
(list) Wifi passphrase. |
|
Wifi radius server. |
|
Wifi rts threshold. |
|
Wifi security. Choices:
|
|
Wifi ssid. |
|
Wifi usergroup. |
|
Wins ip. |
|
The overridden method for the underlying Json RPC request. Choices:
|
|
The rc codes list with which the conditions to fail will be overriden. |
|
The rc codes list with which the conditions to succeed will be overriden. |
|
The parameter (vlan) in requested url. |
|
The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. |
|
The maximum time in seconds to wait for other user to release the workspace lock. Default: |
Notes
Note
Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure interfaces.
fortinet.fortimanager.fmgr_fsp_vlan_interface:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
vlan: <your own value>
fsp_vlan_interface:
ac_name: <string>
aggregate: <string>
algorithm: <value in [L2, L3, L4, ...]>
alias: <string>
allowaccess:
- "https"
- "ping"
- "ssh"
- "snmp"
- "http"
- "telnet"
- "fgfm"
- "auto-ipsec"
- "radius-acct"
- "probe-response"
- "capwap"
- "dnp"
- "ftm"
- "fabric"
- "speed-test"
ap_discover: <value in [disable, enable]>
arpforward: <value in [disable, enable]>
atm_protocol: <value in [none, ipoa]>
auth_type: <value in [auto, pap, chap, ...]>
auto_auth_extension_device: <value in [disable, enable]>
bfd: <value in [global, enable, disable]>
bfd_desired_min_tx: <integer>
bfd_detect_mult: <integer>
bfd_required_min_rx: <integer>
broadcast_forticlient_discovery: <value in [disable, enable]>
broadcast_forward: <value in [disable, enable]>
captive_portal: <integer>
cli_conn_status: <integer>
color: <integer>
ddns: <value in [disable, enable]>
ddns_auth: <value in [disable, tsig]>
ddns_domain: <string>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_password: <list or string>
ddns_server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
ddns_server_ip: <string>
ddns_sn: <string>
ddns_ttl: <integer>
ddns_username: <string>
ddns_zone: <string>
dedicated_to: <value in [none, management]>
defaultgw: <value in [disable, enable]>
description: <string>
detected_peer_mtu: <integer>
detectprotocol:
- "ping"
- "tcp-echo"
- "udp-echo"
detectserver: <string>
device_access_list: <list or string>
device_identification: <value in [disable, enable]>
device_identification_active_scan: <value in [disable, enable]>
device_netscan: <value in [disable, enable]>
device_user_identification: <value in [disable, enable]>
devindex: <integer>
dhcp_client_identifier: <string>
dhcp_relay_agent_option: <value in [disable, enable]>
dhcp_relay_ip: <list or string>
dhcp_relay_service: <value in [disable, enable]>
dhcp_relay_type: <value in [regular, ipsec]>
dhcp_renew_time: <integer>
disc_retry_timeout: <integer>
disconnect_threshold: <integer>
distance: <integer>
dns_query: <value in [disable, recursive, non-recursive]>
dns_server_override: <value in [disable, enable]>
drop_fragment: <value in [disable, enable]>
drop_overlapped_fragment: <value in [disable, enable]>
egress_cos: <value in [disable, cos0, cos1, ...]>
egress_shaping_profile: <string>
endpoint_compliance: <value in [disable, enable]>
estimated_downstream_bandwidth: <integer>
estimated_upstream_bandwidth: <integer>
explicit_ftp_proxy: <value in [disable, enable]>
explicit_web_proxy: <value in [disable, enable]>
external: <value in [disable, enable]>
fail_action_on_extender: <value in [soft-restart, hard-restart, reboot]>
fail_alert_interfaces: <list or string>
fail_alert_method: <value in [link-failed-signal, link-down]>
fail_detect: <value in [disable, enable]>
fail_detect_option:
- "detectserver"
- "link-down"
fdp: <value in [disable, enable]>
fortiheartbeat: <value in [disable, enable]>
fortilink: <value in [disable, enable]>
fortilink_backup_link: <integer>
fortilink_split_interface: <value in [disable, enable]>
fortilink_stacking: <value in [disable, enable]>
forward_domain: <integer>
forward_error_correction: <value in [disable, enable, rs-fec, ...]>
fp_anomaly:
- "drop_tcp_fin_noack"
- "pass_winnuke"
- "pass_tcpland"
- "pass_udpland"
- "pass_icmpland"
- "pass_ipland"
- "pass_iprr"
- "pass_ipssrr"
- "pass_iplsrr"
- "pass_ipstream"
- "pass_ipsecurity"
- "pass_iptimestamp"
- "pass_ipunknown_option"
- "pass_ipunknown_prot"
- "pass_icmp_frag"
- "pass_tcp_no_flag"
- "pass_tcp_fin_noack"
- "drop_winnuke"
- "drop_tcpland"
- "drop_udpland"
- "drop_icmpland"
- "drop_ipland"
- "drop_iprr"
- "drop_ipssrr"
- "drop_iplsrr"
- "drop_ipstream"
- "drop_ipsecurity"
- "drop_iptimestamp"
- "drop_ipunknown_option"
- "drop_ipunknown_prot"
- "drop_icmp_frag"
- "drop_tcp_no_flag"
fp_disable:
- "all"
- "ipsec"
- "none"
gateway_address: <string>
gi_gk: <value in [disable, enable]>
gwaddr: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
icmp_accept_redirect: <value in [disable, enable]>
icmp_redirect: <value in [disable, enable]>
icmp_send_redirect: <value in [disable, enable]>
ident_accept: <value in [disable, enable]>
idle_timeout: <integer>
if_mdix: <value in [auto, normal, crossover]>
if_media: <value in [auto, copper, fiber]>
in_force_vlan_cos: <integer>
inbandwidth: <integer>
ingress_cos: <value in [disable, cos0, cos1, ...]>
ingress_spillover_threshold: <integer>
internal: <integer>
ip: <string>
ipmac: <value in [disable, enable]>
ips_sniffer_mode: <value in [disable, enable]>
ipunnumbered: <string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6_client_options:
- "rapid"
- "iapd"
- "iana"
- "dns"
- "dnsname"
dhcp6_information_request: <value in [disable, enable]>
dhcp6_prefix_delegation: <value in [disable, enable]>
dhcp6_prefix_hint: <string>
dhcp6_prefix_hint_plt: <integer>
dhcp6_prefix_hint_vlt: <integer>
dhcp6_relay_ip: <string>
dhcp6_relay_service: <value in [disable, enable]>
dhcp6_relay_type: <value in [regular]>
ip6_address: <string>
ip6_allowaccess:
- "https"
- "ping"
- "ssh"
- "snmp"
- "http"
- "telnet"
- "fgfm"
- "capwap"
- "fabric"
ip6_default_life: <integer>
ip6_dns_server_override: <value in [disable, enable]>
ip6_hop_limit: <integer>
ip6_link_mtu: <integer>
ip6_manage_flag: <value in [disable, enable]>
ip6_max_interval: <integer>
ip6_min_interval: <integer>
ip6_mode: <value in [static, dhcp, pppoe, ...]>
ip6_other_flag: <value in [disable, enable]>
ip6_reachable_time: <integer>
ip6_retrans_time: <integer>
ip6_send_adv: <value in [disable, enable]>
ip6_subnet: <string>
ip6_upstream_interface: <string>
nd_cert: <string>
nd_cga_modifier: <string>
nd_mode: <value in [basic, SEND-compatible]>
nd_security_level: <integer>
nd_timestamp_delta: <integer>
nd_timestamp_fuzz: <integer>
vrip6_link_local: <string>
vrrp_virtual_mac6: <value in [disable, enable]>
ip6_delegated_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
onlink_flag: <value in [disable, enable]>
prefix_id: <integer>
rdnss: <list or string>
rdnss_service: <value in [delegated, default, specify]>
subnet: <string>
upstream_interface: <string>
delegated_prefix_iaid: <integer>
ip6_extra_addr:
-
prefix: <string>
ip6_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
dnssl: <list or string>
onlink_flag: <value in [disable, enable]>
preferred_life_time: <integer>
prefix: <string>
rdnss: <list or string>
valid_life_time: <integer>
vrrp6:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
vrdst6: <string>
vrgrp: <integer>
vrid: <integer>
vrip6: <string>
ignore_default_route: <value in [disable, enable]>
vrdst_priority: <integer>
interface_identifier: <string>
unique_autoconf_addr: <value in [disable, enable]>
icmp6_send_redirect: <value in [disable, enable]>
cli_conn6_status: <integer>
ip6_prefix_mode: <value in [dhcp6, ra]>
ra_send_mtu: <value in [disable, enable]>
ip6_delegated_prefix_iaid: <integer>
dhcp6_relay_source_interface: <value in [disable, enable]>
dhcp6_relay_interface_id: <string>
dhcp6_relay_source_ip: <string>
l2forward: <value in [disable, enable]>
l2tp_client: <value in [disable, enable]>
lacp_ha_slave: <value in [disable, enable]>
lacp_mode: <value in [static, passive, active]>
lacp_speed: <value in [slow, fast]>
lcp_echo_interval: <integer>
lcp_max_echo_fails: <integer>
link_up_delay: <integer>
listen_forticlient_connection: <value in [disable, enable]>
lldp_network_policy: <string>
lldp_reception: <value in [disable, enable, vdom]>
lldp_transmission: <value in [enable, disable, vdom]>
log: <value in [disable, enable]>
macaddr: <string>
management_ip: <string>
max_egress_burst_rate: <integer>
max_egress_rate: <integer>
mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
member: <list or string>
min_links: <integer>
min_links_down: <value in [operational, administrative]>
mode: <value in [static, dhcp, pppoe, ...]>
mtu: <integer>
mtu_override: <value in [disable, enable]>
mux_type: <value in [llc-encaps, vc-encaps]>
name: <string>
ndiscforward: <value in [disable, enable]>
netbios_forward: <value in [disable, enable]>
netflow_sampler: <value in [disable, tx, rx, ...]>
npu_fastpath: <value in [disable, enable]>
nst: <value in [disable, enable]>
out_force_vlan_cos: <integer>
outbandwidth: <integer>
padt_retry_timeout: <integer>
password: <list or string>
peer_interface: <list or string>
phy_mode: <value in [auto, adsl, vdsl, ...]>
ping_serv_status: <integer>
poe: <value in [disable, enable]>
polling_interval: <integer>
pppoe_unnumbered_negotiate: <value in [disable, enable]>
pptp_auth_type: <value in [auto, pap, chap, ...]>
pptp_client: <value in [disable, enable]>
pptp_password: <list or string>
pptp_server_ip: <string>
pptp_timeout: <integer>
pptp_user: <string>
preserve_session_route: <value in [disable, enable]>
priority: <integer>
priority_override: <value in [disable, enable]>
proxy_captive_portal: <value in [disable, enable]>
redundant_interface: <string>
remote_ip: <string>
replacemsg_override_group: <string>
retransmission: <value in [disable, enable]>
role: <value in [lan, wan, dmz, ...]>
sample_direction: <value in [rx, tx, both]>
sample_rate: <integer>
scan_botnet_connections: <value in [disable, block, monitor]>
secondary_IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- "https"
- "ping"
- "ssh"
- "snmp"
- "http"
- "telnet"
- "fgfm"
- "auto-ipsec"
- "radius-acct"
- "probe-response"
- "capwap"
- "dnp"
- "ftm"
- "fabric"
- "speed-test"
- "icond"
- "scim"
detectprotocol:
- "ping"
- "tcp-echo"
- "udp-echo"
detectserver: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
id: <integer>
ip: <string>
ping_serv_status: <integer>
seq: <integer>
secip_relay_ip: <string>
security_8021x_dynamic_vlan_id: <integer>
security_8021x_master: <string>
security_8021x_mode: <value in [default, dynamic-vlan, fallback, ...]>
security_exempt_list: <string>
security_external_logout: <string>
security_external_web: <string>
security_groups: <list or string>
security_mac_auth_bypass: <value in [disable, enable, mac-auth-only]>
security_mode: <value in [none, captive-portal, 802.1X]>
security_redirect_url: <string>
service_name: <string>
sflow_sampler: <value in [disable, enable]>
speed: <value in [auto, 10full, 10half, ...]>
spillover_threshold: <integer>
src_check: <value in [disable, enable]>
status: <value in [down, up]>
stp: <value in [disable, enable]>
stp_ha_slave: <value in [disable, enable, priority-adjust]>
stpforward: <value in [disable, enable]>
stpforward_mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
strip_priority_vlan_tag: <value in [disable, enable]>
subst: <value in [disable, enable]>
substitute_dst_mac: <string>
switch: <string>
switch_controller_access_vlan: <value in [disable, enable]>
switch_controller_arp_inspection: <value in [disable, enable, monitor]>
switch_controller_auth: <value in [radius, usergroup]>
switch_controller_dhcp_snooping: <value in [disable, enable]>
switch_controller_dhcp_snooping_option82: <value in [disable, enable]>
switch_controller_dhcp_snooping_verify_mac: <value in [disable, enable]>
switch_controller_igmp_snooping: <value in [disable, enable]>
switch_controller_learning_limit: <integer>
switch_controller_radius_server: <string>
switch_controller_traffic_policy: <string>
tc_mode: <value in [ptm, atm]>
tcp_mss: <integer>
trunk: <value in [disable, enable]>
trust_ip_1: <string>
trust_ip_2: <string>
trust_ip_3: <string>
trust_ip6_1: <string>
trust_ip6_2: <string>
trust_ip6_3: <string>
type: <value in [physical, vlan, aggregate, ...]>
username: <string>
vci: <integer>
vectoring: <value in [disable, enable]>
vindex: <integer>
vlanforward: <value in [disable, enable]>
vlanid: <integer>
vpi: <integer>
vrf: <integer>
vrrp:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
ignore_default_route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <list or string>
vrdst_priority: <integer>
vrgrp: <integer>
vrid: <integer>
vrip: <string>
proxy_arp:
-
id: <integer>
ip: <string>
vrrp_virtual_mac: <value in [disable, enable]>
wccp: <value in [disable, enable]>
weight: <integer>
wifi_5g_threshold: <string>
wifi_acl: <value in [deny, allow]>
wifi_ap_band: <value in [any, 5g-preferred, 5g-only]>
wifi_auth: <value in [PSK, RADIUS, radius, ...]>
wifi_auto_connect: <value in [disable, enable]>
wifi_auto_save: <value in [disable, enable]>
wifi_broadcast_ssid: <value in [disable, enable]>
wifi_encrypt: <value in [TKIP, AES]>
wifi_fragment_threshold: <integer>
wifi_key: <list or string>
wifi_keyindex: <integer>
wifi_mac_filter: <value in [disable, enable]>
wifi_passphrase: <list or string>
wifi_radius_server: <string>
wifi_rts_threshold: <integer>
wifi_security: <value in [None, WEP64, wep64, ...]>
wifi_ssid: <string>
wifi_usergroup: <string>
wins_ip: <string>
eip: <string>
fortilink_neighbor_detect: <value in [lldp, fortilink]>
ingress_shaping_profile: <string>
ring_rx: <integer>
ring_tx: <integer>
switch_controller_igmp_snooping_fast_leave: <value in [disable, enable]>
switch_controller_igmp_snooping_proxy: <value in [disable, enable]>
switch_controller_rspan_mode: <value in [disable, enable]>
bandwidth_measure_time: <integer>
ip_managed_by_fortiipam: <value in [disable, enable, inherit-global]>
managed_subnetwork_size: <value in [256, 512, 1024, ...]>
measured_downstream_bandwidth: <integer>
measured_upstream_bandwidth: <integer>
monitor_bandwidth: <value in [disable, enable]>
swc_vlan: <integer>
switch_controller_feature: <value in [none, default-vlan, quarantine, ...]>
switch_controller_mgmt_vlan: <integer>
switch_controller_nac: <string>
vlan_protocol: <value in [8021q, 8021ad]>
dhcp_relay_interface: <string>
dhcp_relay_interface_select_method: <value in [auto, sdwan, specify]>
np_qos_profile: <integer>
swc_first_create: <integer>
switch_controller_iot_scanning: <value in [disable, enable]>
switch_controller_source_ip: <value in [outbound, fixed]>
dhcp_relay_request_all_server: <value in [disable, enable]>
stp_ha_secondary: <value in [disable, enable, priority-adjust]>
switch_controller_dynamic: <string>
auth_cert: <string>
auth_portal_addr: <string>
dhcp_classless_route_addition: <value in [disable, enable]>
dhcp_relay_link_selection: <string>
dns_server_protocol:
- "cleartext"
- "dot"
- "doh"
eap_ca_cert: <string>
eap_identity: <string>
eap_method: <value in [tls, peap]>
eap_password: <list or string>
eap_supplicant: <value in [disable, enable]>
eap_user_cert: <string>
ike_saml_server: <string>
lacp_ha_secondary: <value in [disable, enable]>
pvc_atm_qos: <value in [cbr, rt-vbr, nrt-vbr, ...]>
pvc_chan: <integer>
pvc_crc: <integer>
pvc_pcr: <integer>
pvc_scr: <integer>
pvc_vlan_id: <integer>
pvc_vlan_rx_id: <integer>
pvc_vlan_rx_op: <value in [pass-through, replace, remove]>
pvc_vlan_tx_id: <integer>
pvc_vlan_tx_op: <value in [pass-through, replace, remove]>
reachable_time: <integer>
select_profile_30a_35b: <value in [30A, 35B]>
sfp_dsl: <value in [disable, enable]>
sfp_dsl_adsl_fallback: <value in [disable, enable]>
sfp_dsl_autodetect: <value in [disable, enable]>
sfp_dsl_mac: <string>
sw_algorithm: <value in [l2, l3, eh, ...]>
system_id: <string>
system_id_type: <value in [auto, user]>
vlan_id: <integer>
vlan_op_mode: <value in [tag, untag, passthrough]>
generic_receive_offload: <value in [disable, enable]>
interconnect_profile: <value in [default, profile1, profile2]>
large_receive_offload: <value in [disable, enable]>
annex: <value in [a, b, j, ...]>
aggregate_type: <value in [physical, vxlan]>
switch_controller_netflow_collect: <value in [disable, enable]>
wifi_dns_server1: <string>
wifi_dns_server2: <string>
wifi_gateway: <string>
default_purdue_level: <value in [1, 2, 3, ...]>
dhcp_broadcast_flag: <value in [disable, enable]>
dhcp_smart_relay: <value in [disable, enable]>
switch_controller_offloading: <value in [disable, enable]>
switch_controller_offloading_gw: <value in [disable, enable]>
switch_controller_offloading_ip: <string>
dhcp_relay_circuit_id: <string>
dhcp_relay_source_ip: <string>
switch_controller_offload: <value in [disable, enable]>
switch_controller_offload_gw: <value in [disable, enable]>
switch_controller_offload_ip: <string>
mirroring_direction: <value in [rx, tx, both]>
mirroring_port: <string>
port_mirroring: <value in [disable, enable]>
security_8021x_member_mode: <value in [disable, switch]>
stp_edge: <value in [disable, enable]>
dhcp_relay_allow_no_end_option: <value in [disable, enable]>
netflow_sample_rate: <integer>
netflow_sampler_id: <integer>
pppoe_egress_cos: <value in [cos0, cos1, cos2, ...]>
security_ip_auth_bypass: <value in [disable, enable]>
virtual_mac: <string>
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The result of the request. Returned: always |
|
The full url requested. Returned: always Sample: |
|
The status of api request. Returned: always Sample: |
|
The api response. Returned: always |
|
The descriptive message of the api response. Returned: always Sample: |
|
The information of the target system. Returned: always |
|
The status the request. Returned: always Sample: |
|
Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex |