fortinet.fortimanager.fmgr_vap_dynamicmapping module – Configure Virtual Access Points

Note

This module is part of the fortinet.fortimanager collection (version 2.8.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_vap_dynamicmapping.

New in fortinet.fortimanager 2.0.0

Synopsis 

This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters 

Parameter	Comments
access_token string	The token to access FortiManager without using username and password.
adom string / required	The parameter (adom) in requested url.
bypass_validation boolean	Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices: `false` ← (default) `true`
enable_log boolean	Enable/Disable logging for task. Choices: `false` ← (default) `true`
forticloud_access_token string	Authenticate Ansible client with forticloud API access token.
proposed_method string	The overridden method for the underlying Json RPC request. Choices: `"update"` `"set"` `"add"`
rc_failed list / elements=integer	The rc codes list with which the conditions to fail will be overriden.
rc_succeeded list / elements=integer	The rc codes list with which the conditions to succeed will be overriden.
state string / required	The directive to create, update or delete an object. Choices: `"present"` `"absent"`
vap string / required	The parameter (vap) in requested url.
vap_dynamicmapping dictionary	The top level parameters set.
_centmgmt string	Centmgmt. Choices: `"disable"` `"enable"`
_dhcp_svr_id string	Dhcp svr id.
_intf_allowaccess list / elements=string	Intf allowaccess. Choices: `"https"` `"ping"` `"ssh"` `"snmp"` `"http"` `"telnet"` `"fgfm"` `"auto-ipsec"` `"radius-acct"` `"probe-response"` `"capwap"` `"dnp"` `"ftm"` `"fabric"` `"speed-test"`
_intf_device_access_list string	Intf device access list.
_intf_device_identification string	Intf device identification. Choices: `"disable"` `"enable"`
_intf_device_netscan string	Intf device netscan. Choices: `"disable"` `"enable"`
_intf_dhcp6_relay_ip string	Intf dhcp6 relay ip.
_intf_dhcp6_relay_service string	Intf dhcp6 relay service. Choices: `"disable"` `"enable"`
_intf_dhcp6_relay_type string	Intf dhcp6 relay type. Choices: `"regular"`
_intf_dhcp_relay_ip any	(list) Intf dhcp relay ip.
_intf_dhcp_relay_service string	Intf dhcp relay service. Choices: `"disable"` `"enable"`
_intf_dhcp_relay_type string	Intf dhcp relay type. Choices: `"regular"` `"ipsec"`
_intf_ip string	Intf ip.
_intf_ip6_address string	Intf ip6 address.
_intf_ip6_allowaccess list / elements=string	Intf ip6 allowaccess. Choices: `"https"` `"ping"` `"ssh"` `"snmp"` `"http"` `"telnet"` `"any"` `"fgfm"` `"capwap"`
_intf_ip_managed_by_fortiipam string	Intf ip managed by fortiipam. Choices: `"disable"` `"enable"` `"inherit-global"`
_intf_listen_forticlient_connection string	Intf listen forticlient connection. Choices: `"disable"` `"enable"`
_intf_managed_subnetwork_size string	Intf managed subnetwork size. Choices: `"32"` `"64"` `"128"` `"256"` `"512"` `"1024"` `"2048"` `"4096"` `"8192"` `"16384"` `"32768"` `"65536"`
_is_factory_setting string	Is factory setting. Choices: `"disable"` `"enable"` `"ext"`
_scope list / elements=dictionary	Scope.
name string	Name.
vdom string	Vdom.
access_control_list string	Access control list.
acct_interim_interval integer	Acct interim interval.
additional_akms list / elements=string	Additional AKMs. Choices: `"akm6"` `"akm24"`
address_group string	Address group.
address_group_policy string	Configure MAC address filtering policy for MAC addresses that are in the address-group. Choices: `"disable"` `"allow"` `"deny"`
akm24_only string	WPA3 SAE using group-dependent hash only Choices: `"disable"` `"enable"`
alias string	Alias.
antivirus_profile string	AntiVirus profile name.
application_detection_engine string	Enable/disable application detection engine Choices: `"disable"` `"enable"`
application_dscp_marking string	Enable/disable application attribute based DSCP marking Choices: `"disable"` `"enable"`
application_list string	Application control list name.
application_report_intv integer	Application report interval
atf_weight integer	Atf weight.
auth string	Auth. Choices: `"PSK"` `"psk"` `"RADIUS"` `"radius"` `"usergroup"`
auth_cert string	HTTPS server certificate.
auth_portal_addr string	Address of captive portal.
beacon_advertising list / elements=string	Fortinet beacon advertising IE data Choices: `"name"` `"model"` `"serial-number"`
beacon_protection string	Enable/disable beacon protection support Choices: `"disable"` `"enable"`
broadcast_ssid string	Broadcast ssid. Choices: `"disable"` `"enable"`
broadcast_suppression list / elements=string	Broadcast suppression. Choices: `"dhcp"` `"arp"` `"dhcp2"` `"arp2"` `"netbios-ns"` `"netbios-ds"` `"arp3"` `"dhcp-up"` `"dhcp-down"` `"arp-known"` `"arp-unknown"` `"arp-reply"` `"ipv6"` `"dhcp-starvation"` `"arp-poison"` `"all-other-mc"` `"all-other-bc"` `"arp-proxy"` `"dhcp-ucast"`
bss_color_partial string	Bss color partial. Choices: `"disable"` `"enable"`
bstm_disassociation_imminent string	Enable/disable forcing of disassociation after the BSTM request timer has been reached Choices: `"disable"` `"enable"`
bstm_load_balancing_disassoc_timer integer	Time interval for client to voluntarily leave AP before forcing a disassociation due to AP load-balancing
bstm_rssi_disassoc_timer integer	Time interval for client to voluntarily leave AP before forcing a disassociation due to low RSSI
captive_portal string	Enable/disable captive portal. Choices: `"disable"` `"enable"`
captive_portal_ac_name string	Captive portal ac name.
captive_portal_auth_timeout integer	Captive portal auth timeout.
captive_portal_fw_accounting string	Enable/disable RADIUS accounting for captive portal firewall authentication session. Choices: `"disable"` `"enable"`
captive_portal_macauth_radius_secret any	(list) Captive portal macauth radius secret.
captive_portal_macauth_radius_server string	Captive portal macauth radius server.
captive_portal_radius_secret any	(list) Captive portal radius secret.
captive_portal_radius_server string	Captive portal radius server.
captive_portal_session_timeout_interval integer	Captive portal session timeout interval.
client_count integer	Client count.
d80211k string	Enable/disable 802. Choices: `"disable"` `"enable"`
d80211v string	Enable/disable 802. Choices: `"disable"` `"enable"`
dhcp_address_enforcement string	Enable/disable DHCP address enforcement Choices: `"disable"` `"enable"`
dhcp_lease_time integer	Dhcp lease time.
dhcp_option43_insertion string	Dhcp option43 insertion. Choices: `"disable"` `"enable"`
dhcp_option82_circuit_id_insertion string	Dhcp option82 circuit id insertion. Choices: `"disable"` `"style-1"` `"style-2"` `"style-3"`
dhcp_option82_insertion string	Dhcp option82 insertion. Choices: `"disable"` `"enable"`
dhcp_option82_remote_id_insertion string	Dhcp option82 remote id insertion. Choices: `"disable"` `"style-1"`
domain_name_stripping string	Enable/disable stripping domain name from identity Choices: `"disable"` `"enable"`
dynamic_vlan string	Dynamic vlan. Choices: `"disable"` `"enable"`
eap_reauth string	Eap reauth. Choices: `"disable"` `"enable"`
eap_reauth_intv integer	Eap reauth intv.
eapol_key_retries string	Eapol key retries. Choices: `"disable"` `"enable"`
encrypt string	Encrypt. Choices: `"TKIP"` `"AES"` `"TKIP-AES"`
external_fast_roaming string	External fast roaming. Choices: `"disable"` `"enable"`
external_logout string	External logout.
external_web string	External web.
external_web_format string	External web format. Choices: `"auto-detect"` `"no-query-string"` `"partial-query-string"`
fast_bss_transition string	Fast bss transition. Choices: `"disable"` `"enable"`
fast_roaming string	Fast roaming. Choices: `"disable"` `"enable"`
ft_mobility_domain integer	Ft mobility domain.
ft_over_ds string	Ft over ds. Choices: `"disable"` `"enable"`
ft_r0_key_lifetime integer	Ft r0 key lifetime.
gas_comeback_delay integer	GAS comeback delay
gas_fragmentation_limit integer	GAS fragmentation limit
gtk_rekey string	Gtk rekey. Choices: `"disable"` `"enable"`
gtk_rekey_intv integer	Gtk rekey intv.
high_efficiency string	High efficiency. Choices: `"disable"` `"enable"`
hotspot20_profile string	Hotspot20 profile.
igmp_snooping string	Enable/disable IGMP snooping. Choices: `"disable"` `"enable"`
intra_vap_privacy string	Intra vap privacy. Choices: `"disable"` `"enable"`
ip string	Ip.
ips_sensor string	IPS sensor name.
ipv6_rules list / elements=string	Ipv6 rules. Choices: `"drop-icmp6ra"` `"drop-icmp6rs"` `"drop-llmnr6"` `"drop-icmp6mld2"` `"drop-dhcp6s"` `"drop-dhcp6c"` `"ndp-proxy"` `"drop-ns-dad"` `"drop-ns-nondad"`
key any	(list) Key.
keyindex integer	Keyindex.
l3_roaming string	Enable/disable layer 3 roaming Choices: `"disable"` `"enable"`
l3_roaming_mode string	Select the way that layer 3 roaming traffic is passed Choices: `"direct"` `"indirect"`
ldpc string	Ldpc. Choices: `"disable"` `"tx"` `"rx"` `"rxtx"`
local_authentication string	Local authentication. Choices: `"disable"` `"enable"`
local_bridging string	Local bridging. Choices: `"disable"` `"enable"`
local_lan string	Local lan. Choices: `"deny"` `"allow"`
local_lan_partition string	Enable/disable segregating client traffic to local LAN side Choices: `"disable"` `"enable"`
local_standalone string	Local standalone. Choices: `"disable"` `"enable"`
local_standalone_dns string	Enable/disable AP local standalone DNS. Choices: `"disable"` `"enable"`
local_standalone_dns_ip any	(list) IPv4 addresses for the local standalone DNS.
local_standalone_nat string	Local standalone nat. Choices: `"disable"` `"enable"`
local_switching string	Local switching. Choices: `"disable"` `"enable"`
mac_auth_bypass string	Mac auth bypass. Choices: `"disable"` `"enable"`
mac_called_station_delimiter string	MAC called station delimiter Choices: `"hyphen"` `"single-hyphen"` `"colon"` `"none"`
mac_calling_station_delimiter string	MAC calling station delimiter Choices: `"hyphen"` `"single-hyphen"` `"colon"` `"none"`
mac_case string	MAC case Choices: `"uppercase"` `"lowercase"`
mac_filter string	Mac filter. Choices: `"disable"` `"enable"`
mac_filter_policy_other string	Mac filter policy other. Choices: `"deny"` `"allow"`
mac_password_delimiter string	MAC authentication password delimiter Choices: `"hyphen"` `"single-hyphen"` `"colon"` `"none"`
mac_username_delimiter string	MAC authentication username delimiter Choices: `"hyphen"` `"single-hyphen"` `"colon"` `"none"`
max_clients integer	Max clients.
max_clients_ap integer	Max clients ap.
mbo string	Enable/disable Multiband Operation Choices: `"disable"` `"enable"`
mbo_cell_data_conn_pref string	MBO cell data connection preference Choices: `"excluded"` `"prefer-not"` `"prefer-use"`
me_disable_thresh integer	Me disable thresh.
mesh_backhaul string	Mesh backhaul. Choices: `"disable"` `"enable"`
mpsk string	Mpsk. Choices: `"disable"` `"enable"`
mpsk_concurrent_clients integer	Mpsk concurrent clients.
mpsk_profile string	Mpsk profile.
mu_mimo string	Mu mimo. Choices: `"disable"` `"enable"`
multicast_enhance string	Multicast enhance. Choices: `"disable"` `"enable"`
multicast_rate string	Multicast rate. Choices: `"0"` `"6000"` `"12000"` `"24000"`
nac string	Enable/disable network access control. Choices: `"disable"` `"enable"`
nac_profile string	NAC profile name.
nas_filter_rule string	Enable/disable NAS filter rule support Choices: `"disable"` `"enable"`
neighbor_report_dual_band string	Enable/disable dual-band neighbor report Choices: `"disable"` `"enable"`
okc string	Okc. Choices: `"disable"` `"enable"`
osen string	Enable/disable OSEN as part of key management Choices: `"disable"` `"enable"`
owe_groups list / elements=string	Owe groups. Choices: `"19"` `"20"` `"21"`
owe_transition string	Owe transition. Choices: `"disable"` `"enable"`
owe_transition_ssid string	Owe transition ssid.
passphrase any	(list) Passphrase.
pmf string	Pmf. Choices: `"disable"` `"enable"` `"optional"`
pmf_assoc_comeback_timeout integer	Pmf assoc comeback timeout.
pmf_sa_query_retry_timeout integer	Pmf sa query retry timeout.
port_macauth string	Enable/disable LAN port MAC authentication Choices: `"disable"` `"radius"` `"address-group"`
port_macauth_reauth_timeout integer	LAN port MAC authentication re-authentication timeout value
port_macauth_timeout integer	LAN port MAC authentication idle timeout value
portal_message_override_group string	Portal message override group.
portal_type string	Portal type. Choices: `"auth"` `"auth+disclaimer"` `"disclaimer"` `"email-collect"` `"cmcc"` `"cmcc-macauth"` `"auth-mac"` `"external-auth"` `"external-macauth"`
primary_wag_profile string	Primary wag profile.
probe_resp_suppression string	Probe resp suppression. Choices: `"disable"` `"enable"`
probe_resp_threshold string	Probe resp threshold.
ptk_rekey string	Ptk rekey. Choices: `"disable"` `"enable"`
ptk_rekey_intv integer	Ptk rekey intv.
qos_profile string	Qos profile.
quarantine string	Quarantine. Choices: `"disable"` `"enable"`
radio_2g_threshold string	Radio 2g threshold.
radio_5g_threshold string	Radio 5g threshold.
radio_sensitivity string	Radio sensitivity. Choices: `"disable"` `"enable"`
radius_mac_auth string	Radius mac auth. Choices: `"disable"` `"enable"`
radius_mac_auth_block_interval integer	Dont send RADIUS MAC auth request again if the client has been rejected within specific interval
radius_mac_auth_server string	Radius mac auth server.
radius_mac_auth_usergroups any	(list) Radius mac auth usergroups.
radius_mac_mpsk_auth string	Enable/disable RADIUS-based MAC authentication of clients for MPSK authentication Choices: `"disable"` `"enable"`
radius_mac_mpsk_timeout integer	RADIUS MAC MPSK cache timeout interval
radius_server string	Radius server.
rates_11a list / elements=string	Rates 11a. Choices: `"1"` `"1-basic"` `"2"` `"2-basic"` `"5.5"` `"5.5-basic"` `"6"` `"6-basic"` `"9"` `"9-basic"` `"12"` `"12-basic"` `"18"` `"18-basic"` `"24"` `"24-basic"` `"36"` `"36-basic"` `"48"` `"48-basic"` `"54"` `"54-basic"` `"11"` `"11-basic"`
rates_11ac_mcs_map string	Comma separated list of max supported VHT MCS for spatial streams 1 through 8.
rates_11ac_ss12 list / elements=string	Rates 11ac ss12. Choices: `"mcs0/1"` `"mcs1/1"` `"mcs2/1"` `"mcs3/1"` `"mcs4/1"` `"mcs5/1"` `"mcs6/1"` `"mcs7/1"` `"mcs8/1"` `"mcs9/1"` `"mcs0/2"` `"mcs1/2"` `"mcs2/2"` `"mcs3/2"` `"mcs4/2"` `"mcs5/2"` `"mcs6/2"` `"mcs7/2"` `"mcs8/2"` `"mcs9/2"` `"mcs10/1"` `"mcs11/1"` `"mcs10/2"` `"mcs11/2"`
rates_11ac_ss34 list / elements=string	Rates 11ac ss34. Choices: `"mcs0/3"` `"mcs1/3"` `"mcs2/3"` `"mcs3/3"` `"mcs4/3"` `"mcs5/3"` `"mcs6/3"` `"mcs7/3"` `"mcs8/3"` `"mcs9/3"` `"mcs0/4"` `"mcs1/4"` `"mcs2/4"` `"mcs3/4"` `"mcs4/4"` `"mcs5/4"` `"mcs6/4"` `"mcs7/4"` `"mcs8/4"` `"mcs9/4"` `"mcs10/3"` `"mcs11/3"` `"mcs10/4"` `"mcs11/4"`
rates_11ax_mcs_map string	Comma separated list of max supported HE MCS for spatial streams 1 through 8.
rates_11ax_ss12 list / elements=string	Allowed data rates for 802. Choices: `"mcs0/1"` `"mcs1/1"` `"mcs2/1"` `"mcs3/1"` `"mcs4/1"` `"mcs5/1"` `"mcs6/1"` `"mcs7/1"` `"mcs8/1"` `"mcs9/1"` `"mcs10/1"` `"mcs11/1"` `"mcs0/2"` `"mcs1/2"` `"mcs2/2"` `"mcs3/2"` `"mcs4/2"` `"mcs5/2"` `"mcs6/2"` `"mcs7/2"` `"mcs8/2"` `"mcs9/2"` `"mcs10/2"` `"mcs11/2"`
rates_11ax_ss34 list / elements=string	Allowed data rates for 802. Choices: `"mcs0/3"` `"mcs1/3"` `"mcs2/3"` `"mcs3/3"` `"mcs4/3"` `"mcs5/3"` `"mcs6/3"` `"mcs7/3"` `"mcs8/3"` `"mcs9/3"` `"mcs10/3"` `"mcs11/3"` `"mcs0/4"` `"mcs1/4"` `"mcs2/4"` `"mcs3/4"` `"mcs4/4"` `"mcs5/4"` `"mcs6/4"` `"mcs7/4"` `"mcs8/4"` `"mcs9/4"` `"mcs10/4"` `"mcs11/4"`
rates_11be_mcs_map string	Comma separated list of max nss that supports EHT-MCS 0-9, 10-11, 12-13 for 20MHz/40MHz/80MHz bandwidth.
rates_11be_mcs_map_160 string	Comma separated list of max nss that supports EHT-MCS 0-9, 10-11, 12-13 for 160MHz bandwidth.
rates_11be_mcs_map_320 string	Comma separated list of max nss that supports EHT-MCS 0-9, 10-11, 12-13 for 320MHz bandwidth.
rates_11bg list / elements=string	Rates 11bg. Choices: `"1"` `"1-basic"` `"2"` `"2-basic"` `"5.5"` `"5.5-basic"` `"6"` `"6-basic"` `"9"` `"9-basic"` `"12"` `"12-basic"` `"18"` `"18-basic"` `"24"` `"24-basic"` `"36"` `"36-basic"` `"48"` `"48-basic"` `"54"` `"54-basic"` `"11"` `"11-basic"`
rates_11n_ss12 list / elements=string	Rates 11n ss12. Choices: `"mcs0/1"` `"mcs1/1"` `"mcs2/1"` `"mcs3/1"` `"mcs4/1"` `"mcs5/1"` `"mcs6/1"` `"mcs7/1"` `"mcs8/2"` `"mcs9/2"` `"mcs10/2"` `"mcs11/2"` `"mcs12/2"` `"mcs13/2"` `"mcs14/2"` `"mcs15/2"`
rates_11n_ss34 list / elements=string	Rates 11n ss34. Choices: `"mcs16/3"` `"mcs17/3"` `"mcs18/3"` `"mcs19/3"` `"mcs20/3"` `"mcs21/3"` `"mcs22/3"` `"mcs23/3"` `"mcs24/4"` `"mcs25/4"` `"mcs26/4"` `"mcs27/4"` `"mcs28/4"` `"mcs29/4"` `"mcs30/4"` `"mcs31/4"`
roaming_acct_interim_update string	Enable/disable using accounting interim update instead of accounting start/stop on roaming for WPA-Enterprise security. Choices: `"disable"` `"enable"`
sae_groups list / elements=string	Sae groups. Choices: `"1"` `"2"` `"5"` `"14"` `"15"` `"16"` `"17"` `"18"` `"19"` `"20"` `"21"` `"27"` `"28"` `"29"` `"30"` `"31"`
sae_h2e_only string	Use hash-to-element-only mechanism for PWE derivation Choices: `"disable"` `"enable"`
sae_hnp_only string	Use hunting-and-pecking-only mechanism for PWE derivation Choices: `"disable"` `"enable"`
sae_password any	(list) Sae password.
sae_pk string	Enable/disable WPA3 SAE-PK Choices: `"disable"` `"enable"`
sae_private_key string	Private key used for WPA3 SAE-PK authentication.
scan_botnet_connections string	Block or monitor connections to Botnet servers or disable Botnet scanning. Choices: `"disable"` `"block"` `"monitor"`
schedule any	(list or str) Schedule.
secondary_wag_profile string	Secondary wag profile.
security string	Security. Choices: `"None"` `"WEP64"` `"wep64"` `"WEP128"` `"wep128"` `"WPA_PSK"` `"WPA_RADIUS"` `"WPA"` `"WPA2"` `"WPA2_AUTO"` `"open"` `"wpa-personal"` `"wpa-enterprise"` `"captive-portal"` `"wpa-only-personal"` `"wpa-only-enterprise"` `"wpa2-only-personal"` `"wpa2-only-enterprise"` `"wpa-personal+captive-portal"` `"wpa-only-personal+captive-portal"` `"wpa2-only-personal+captive-portal"` `"osen"` `"wpa3-enterprise"` `"sae"` `"sae-transition"` `"owe"` `"wpa3-sae"` `"wpa3-sae-transition"` `"wpa3-only-enterprise"` `"wpa3-enterprise-transition"`
security_exempt_list string	Security exempt list.
security_obsolete_option string	Security obsolete option. Choices: `"disable"` `"enable"`
security_redirect_url string	Security redirect url.
selected_usergroups any	(list or str) Selected usergroups.
split_tunneling string	Split tunneling. Choices: `"disable"` `"enable"`
ssid string	Ssid.
sticky_client_remove string	Sticky client remove. Choices: `"disable"` `"enable"`
sticky_client_threshold_2g string	Sticky client threshold 2g.
sticky_client_threshold_5g string	Sticky client threshold 5g.
sticky_client_threshold_6g string	Minimum signal level/threshold in dBm required for the 6G client to be serviced by the AP
target_wake_time string	Target wake time. Choices: `"disable"` `"enable"`
tkip_counter_measure string	Tkip counter measure. Choices: `"disable"` `"enable"`
tunnel_echo_interval integer	Tunnel echo interval.
tunnel_fallback_interval integer	Tunnel fallback interval.
usergroup any	(list or str) Usergroup.
utm_log string	Enable/disable UTM logging. Choices: `"disable"` `"enable"`
utm_profile string	Utm profile.
utm_status string	Enable to add one or more security profiles Choices: `"disable"` `"enable"`
vdom any	(list or str) Vdom.
vlan_auto string	Vlan auto. Choices: `"disable"` `"enable"`
vlan_pooling string	Vlan pooling. Choices: `"wtp-group"` `"round-robin"` `"hash"` `"disable"`
vlanid integer	Vlanid.
voice_enterprise string	Voice enterprise. Choices: `"disable"` `"enable"`
webfilter_profile string	WebFilter profile name.
workspace_locking_adom string	The adom to lock for FortiManager running in workspace mode, the value can be global and others including root.
workspace_locking_timeout integer	The maximum time in seconds to wait for other user to release the workspace lock. Default: `300`

Notes 

Note

Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples 

- name: Example playbook (generated based on argument schema)
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure Virtual Access Points
      fortinet.fortimanager.fmgr_vap_dynamicmapping:
        # bypass_validation: false
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        # rc_succeeded: [0, -2, -3, ...]
        # rc_failed: [-2, -3, ...]
        adom: <your own value>
        vap: <your own value>
        state: present # <value in [present, absent]>
        vap_dynamicmapping:
          _centmgmt: <value in [disable, enable]>
          _dhcp_svr_id: <string>
          _intf_allowaccess:
            - "https"
            - "ping"
            - "ssh"
            - "snmp"
            - "http"
            - "telnet"
            - "fgfm"
            - "auto-ipsec"
            - "radius-acct"
            - "probe-response"
            - "capwap"
            - "dnp"
            - "ftm"
            - "fabric"
            - "speed-test"
          _intf_device_identification: <value in [disable, enable]>
          _intf_device_netscan: <value in [disable, enable]>
          _intf_dhcp_relay_ip: <list or string>
          _intf_dhcp_relay_service: <value in [disable, enable]>
          _intf_dhcp_relay_type: <value in [regular, ipsec]>
          _intf_dhcp6_relay_ip: <string>
          _intf_dhcp6_relay_service: <value in [disable, enable]>
          _intf_dhcp6_relay_type: <value in [regular]>
          _intf_ip: <string>
          _intf_ip6_address: <string>
          _intf_ip6_allowaccess:
            - "https"
            - "ping"
            - "ssh"
            - "snmp"
            - "http"
            - "telnet"
            - "any"
            - "fgfm"
            - "capwap"
          _intf_listen_forticlient_connection: <value in [disable, enable]>
          _scope:
            -
              name: <string>
              vdom: <string>
          acct_interim_interval: <integer>
          address_group: <string>
          alias: <string>
          atf_weight: <integer>
          auth: <value in [PSK, psk, RADIUS, ...]>
          broadcast_ssid: <value in [disable, enable]>
          broadcast_suppression:
            - "dhcp"
            - "arp"
            - "dhcp2"
            - "arp2"
            - "netbios-ns"
            - "netbios-ds"
            - "arp3"
            - "dhcp-up"
            - "dhcp-down"
            - "arp-known"
            - "arp-unknown"
            - "arp-reply"
            - "ipv6"
            - "dhcp-starvation"
            - "arp-poison"
            - "all-other-mc"
            - "all-other-bc"
            - "arp-proxy"
            - "dhcp-ucast"
          captive_portal_ac_name: <string>
          captive_portal_macauth_radius_secret: <list or string>
          captive_portal_macauth_radius_server: <string>
          captive_portal_radius_secret: <list or string>
          captive_portal_radius_server: <string>
          captive_portal_session_timeout_interval: <integer>
          client_count: <integer>
          dhcp_lease_time: <integer>
          dhcp_option82_circuit_id_insertion: <value in [disable, style-1, style-2, ...]>
          dhcp_option82_insertion: <value in [disable, enable]>
          dhcp_option82_remote_id_insertion: <value in [disable, style-1]>
          dynamic_vlan: <value in [disable, enable]>
          eap_reauth: <value in [disable, enable]>
          eap_reauth_intv: <integer>
          eapol_key_retries: <value in [disable, enable]>
          encrypt: <value in [TKIP, AES, TKIP-AES]>
          external_fast_roaming: <value in [disable, enable]>
          external_logout: <string>
          external_web: <string>
          fast_bss_transition: <value in [disable, enable]>
          fast_roaming: <value in [disable, enable]>
          ft_mobility_domain: <integer>
          ft_over_ds: <value in [disable, enable]>
          ft_r0_key_lifetime: <integer>
          gtk_rekey: <value in [disable, enable]>
          gtk_rekey_intv: <integer>
          hotspot20_profile: <string>
          intra_vap_privacy: <value in [disable, enable]>
          ip: <string>
          key: <list or string>
          keyindex: <integer>
          ldpc: <value in [disable, tx, rx, ...]>
          local_authentication: <value in [disable, enable]>
          local_bridging: <value in [disable, enable]>
          local_lan: <value in [deny, allow]>
          local_standalone: <value in [disable, enable]>
          local_standalone_nat: <value in [disable, enable]>
          local_switching: <value in [disable, enable]>
          mac_auth_bypass: <value in [disable, enable]>
          mac_filter: <value in [disable, enable]>
          mac_filter_policy_other: <value in [deny, allow]>
          max_clients: <integer>
          max_clients_ap: <integer>
          me_disable_thresh: <integer>
          mesh_backhaul: <value in [disable, enable]>
          mpsk: <value in [disable, enable]>
          mpsk_concurrent_clients: <integer>
          multicast_enhance: <value in [disable, enable]>
          multicast_rate: <value in [0, 6000, 12000, ...]>
          okc: <value in [disable, enable]>
          owe_groups:
            - "19"
            - "20"
            - "21"
          owe_transition: <value in [disable, enable]>
          owe_transition_ssid: <string>
          passphrase: <list or string>
          pmf: <value in [disable, enable, optional]>
          pmf_assoc_comeback_timeout: <integer>
          pmf_sa_query_retry_timeout: <integer>
          portal_message_override_group: <string>
          portal_type: <value in [auth, auth+disclaimer, disclaimer, ...]>
          probe_resp_suppression: <value in [disable, enable]>
          probe_resp_threshold: <string>
          ptk_rekey: <value in [disable, enable]>
          ptk_rekey_intv: <integer>
          qos_profile: <string>
          quarantine: <value in [disable, enable]>
          radio_2g_threshold: <string>
          radio_5g_threshold: <string>
          radio_sensitivity: <value in [disable, enable]>
          radius_mac_auth: <value in [disable, enable]>
          radius_mac_auth_server: <string>
          radius_mac_auth_usergroups: <list or string>
          radius_server: <string>
          rates_11a:
            - "1"
            - "1-basic"
            - "2"
            - "2-basic"
            - "5.5"
            - "5.5-basic"
            - "6"
            - "6-basic"
            - "9"
            - "9-basic"
            - "12"
            - "12-basic"
            - "18"
            - "18-basic"
            - "24"
            - "24-basic"
            - "36"
            - "36-basic"
            - "48"
            - "48-basic"
            - "54"
            - "54-basic"
            - "11"
            - "11-basic"
          rates_11ac_ss12:
            - "mcs0/1"
            - "mcs1/1"
            - "mcs2/1"
            - "mcs3/1"
            - "mcs4/1"
            - "mcs5/1"
            - "mcs6/1"
            - "mcs7/1"
            - "mcs8/1"
            - "mcs9/1"
            - "mcs0/2"
            - "mcs1/2"
            - "mcs2/2"
            - "mcs3/2"
            - "mcs4/2"
            - "mcs5/2"
            - "mcs6/2"
            - "mcs7/2"
            - "mcs8/2"
            - "mcs9/2"
            - "mcs10/1"
            - "mcs11/1"
            - "mcs10/2"
            - "mcs11/2"
          rates_11ac_ss34:
            - "mcs0/3"
            - "mcs1/3"
            - "mcs2/3"
            - "mcs3/3"
            - "mcs4/3"
            - "mcs5/3"
            - "mcs6/3"
            - "mcs7/3"
            - "mcs8/3"
            - "mcs9/3"
            - "mcs0/4"
            - "mcs1/4"
            - "mcs2/4"
            - "mcs3/4"
            - "mcs4/4"
            - "mcs5/4"
            - "mcs6/4"
            - "mcs7/4"
            - "mcs8/4"
            - "mcs9/4"
            - "mcs10/3"
            - "mcs11/3"
            - "mcs10/4"
            - "mcs11/4"
          rates_11bg:
            - "1"
            - "1-basic"
            - "2"
            - "2-basic"
            - "5.5"
            - "5.5-basic"
            - "6"
            - "6-basic"
            - "9"
            - "9-basic"
            - "12"
            - "12-basic"
            - "18"
            - "18-basic"
            - "24"
            - "24-basic"
            - "36"
            - "36-basic"
            - "48"
            - "48-basic"
            - "54"
            - "54-basic"
            - "11"
            - "11-basic"
          rates_11n_ss12:
            - "mcs0/1"
            - "mcs1/1"
            - "mcs2/1"
            - "mcs3/1"
            - "mcs4/1"
            - "mcs5/1"
            - "mcs6/1"
            - "mcs7/1"
            - "mcs8/2"
            - "mcs9/2"
            - "mcs10/2"
            - "mcs11/2"
            - "mcs12/2"
            - "mcs13/2"
            - "mcs14/2"
            - "mcs15/2"
          rates_11n_ss34:
            - "mcs16/3"
            - "mcs17/3"
            - "mcs18/3"
            - "mcs19/3"
            - "mcs20/3"
            - "mcs21/3"
            - "mcs22/3"
            - "mcs23/3"
            - "mcs24/4"
            - "mcs25/4"
            - "mcs26/4"
            - "mcs27/4"
            - "mcs28/4"
            - "mcs29/4"
            - "mcs30/4"
            - "mcs31/4"
          sae_groups:
            - "1"
            - "2"
            - "5"
            - "14"
            - "15"
            - "16"
            - "17"
            - "18"
            - "19"
            - "20"
            - "21"
            - "27"
            - "28"
            - "29"
            - "30"
            - "31"
          sae_password: <list or string>
          schedule: <list or string>
          security: <value in [None, WEP64, wep64, ...]>
          security_exempt_list: <string>
          security_obsolete_option: <value in [disable, enable]>
          security_redirect_url: <string>
          selected_usergroups: <list or string>
          split_tunneling: <value in [disable, enable]>
          ssid: <string>
          tkip_counter_measure: <value in [disable, enable]>
          usergroup: <list or string>
          utm_profile: <string>
          vdom: <list or string>
          vlan_auto: <value in [disable, enable]>
          vlan_pooling: <value in [wtp-group, round-robin, hash, ...]>
          vlanid: <integer>
          voice_enterprise: <value in [disable, enable]>
          mu_mimo: <value in [disable, enable]>
          _intf_device_access_list: <string>
          external_web_format: <value in [auto-detect, no-query-string, partial-query-string]>
          high_efficiency: <value in [disable, enable]>
          primary_wag_profile: <string>
          secondary_wag_profile: <string>
          target_wake_time: <value in [disable, enable]>
          tunnel_echo_interval: <integer>
          tunnel_fallback_interval: <integer>
          access_control_list: <string>
          captive_portal_auth_timeout: <integer>
          ipv6_rules:
            - "drop-icmp6ra"
            - "drop-icmp6rs"
            - "drop-llmnr6"
            - "drop-icmp6mld2"
            - "drop-dhcp6s"
            - "drop-dhcp6c"
            - "ndp-proxy"
            - "drop-ns-dad"
            - "drop-ns-nondad"
          sticky_client_remove: <value in [disable, enable]>
          sticky_client_threshold_2g: <string>
          sticky_client_threshold_5g: <string>
          bss_color_partial: <value in [disable, enable]>
          dhcp_option43_insertion: <value in [disable, enable]>
          mpsk_profile: <string>
          igmp_snooping: <value in [disable, enable]>
          port_macauth: <value in [disable, radius, address-group]>
          port_macauth_reauth_timeout: <integer>
          port_macauth_timeout: <integer>
          additional_akms:
            - "akm6"
            - "akm24"
          bstm_disassociation_imminent: <value in [disable, enable]>
          bstm_load_balancing_disassoc_timer: <integer>
          bstm_rssi_disassoc_timer: <integer>
          dhcp_address_enforcement: <value in [disable, enable]>
          gas_comeback_delay: <integer>
          gas_fragmentation_limit: <integer>
          mac_called_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
          mac_calling_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
          mac_case: <value in [uppercase, lowercase]>
          mac_password_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
          mac_username_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
          mbo: <value in [disable, enable]>
          mbo_cell_data_conn_pref: <value in [excluded, prefer-not, prefer-use]>
          nac: <value in [disable, enable]>
          nac_profile: <string>
          neighbor_report_dual_band: <value in [disable, enable]>
          address_group_policy: <value in [disable, allow, deny]>
          antivirus_profile: <string>
          application_detection_engine: <value in [disable, enable]>
          application_list: <string>
          application_report_intv: <integer>
          auth_cert: <string>
          auth_portal_addr: <string>
          beacon_advertising:
            - "name"
            - "model"
            - "serial-number"
          ips_sensor: <string>
          l3_roaming: <value in [disable, enable]>
          local_standalone_dns: <value in [disable, enable]>
          local_standalone_dns_ip: <list or string>
          osen: <value in [disable, enable]>
          radius_mac_mpsk_auth: <value in [disable, enable]>
          radius_mac_mpsk_timeout: <integer>
          rates_11ax_ss12:
            - "mcs0/1"
            - "mcs1/1"
            - "mcs2/1"
            - "mcs3/1"
            - "mcs4/1"
            - "mcs5/1"
            - "mcs6/1"
            - "mcs7/1"
            - "mcs8/1"
            - "mcs9/1"
            - "mcs10/1"
            - "mcs11/1"
            - "mcs0/2"
            - "mcs1/2"
            - "mcs2/2"
            - "mcs3/2"
            - "mcs4/2"
            - "mcs5/2"
            - "mcs6/2"
            - "mcs7/2"
            - "mcs8/2"
            - "mcs9/2"
            - "mcs10/2"
            - "mcs11/2"
          rates_11ax_ss34:
            - "mcs0/3"
            - "mcs1/3"
            - "mcs2/3"
            - "mcs3/3"
            - "mcs4/3"
            - "mcs5/3"
            - "mcs6/3"
            - "mcs7/3"
            - "mcs8/3"
            - "mcs9/3"
            - "mcs10/3"
            - "mcs11/3"
            - "mcs0/4"
            - "mcs1/4"
            - "mcs2/4"
            - "mcs3/4"
            - "mcs4/4"
            - "mcs5/4"
            - "mcs6/4"
            - "mcs7/4"
            - "mcs8/4"
            - "mcs9/4"
            - "mcs10/4"
            - "mcs11/4"
          scan_botnet_connections: <value in [disable, block, monitor]>
          utm_log: <value in [disable, enable]>
          utm_status: <value in [disable, enable]>
          webfilter_profile: <string>
          sae_h2e_only: <value in [disable, enable]>
          sae_pk: <value in [disable, enable]>
          sae_private_key: <string>
          sticky_client_threshold_6g: <string>
          application_dscp_marking: <value in [disable, enable]>
          l3_roaming_mode: <value in [direct, indirect]>
          rates_11ac_mcs_map: <string>
          rates_11ax_mcs_map: <string>
          captive_portal_fw_accounting: <value in [disable, enable]>
          radius_mac_auth_block_interval: <integer>
          _is_factory_setting: <value in [disable, enable, ext]>
          d80211k: <value in [disable, enable]>
          d80211v: <value in [disable, enable]>
          roaming_acct_interim_update: <value in [disable, enable]>
          sae_hnp_only: <value in [disable, enable]>
          akm24_only: <value in [disable, enable]>
          beacon_protection: <value in [disable, enable]>
          captive_portal: <value in [disable, enable]>
          nas_filter_rule: <value in [disable, enable]>
          rates_11be_mcs_map: <string>
          rates_11be_mcs_map_160: <string>
          rates_11be_mcs_map_320: <string>
          _intf_ip_managed_by_fortiipam: <value in [disable, enable, inherit-global]>
          _intf_managed_subnetwork_size: <value in [32, 64, 128, ...]>
          domain_name_stripping: <value in [disable, enable]>
          local_lan_partition: <value in [disable, enable]>

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
meta dictionary	The result of the request. Returned: always
request_url string	The full url requested. Returned: always Sample: `"/sys/login/user"`
response_code integer	The status of api request. Returned: always Sample: `0`
response_data list / elements=string	The api response. Returned: always
response_message string	The descriptive message of the api response. Returned: always Sample: `"OK."`
system_information dictionary	The information of the target system. Returned: always
rc integer	The status the request. Returned: always Sample: `0`
version_check_warning list / elements=string	Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex

Authors

Xinwei Du (@dux-fortinet)
Xing Li (@lix-fortinet)
Jie Xue (@JieX19)
Link Zheng (@chillancezen)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)

fortinet.fortimanager.fmgr_vap_dynamicmapping module – Configure Virtual Access Points

Synopsis

Parameters

Notes

Examples

Return Values