fortinet.fortios.fortios_wireless_controller_wtp_profile – Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection (version 2.1.2).

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_wireless_controller_wtp_profile.

New in version 2.10: of fortinet.fortios

Synopsis

  • This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and wtp_profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.9.0

Parameters

Parameter Choices/Defaults Comments
access_token
string
Token-based authentication. Generated from GUI of Fortigate.
enable_log
boolean
    Choices:
  • no ←
  • yes
Enable/Disable logging for task.
state
string / required
    Choices:
  • present
  • absent
Indicates whether to create or remove the object.
vdom
string
Default:
"root"
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
wireless_controller_wtp_profile
dictionary
Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms.
allowaccess
list / elements=string
    Choices:
  • telnet
  • http
  • https
  • ssh
  • snmp
Control management access to the managed WTP, FortiAP, or AP. Separate entries with a space.
ap_country
string
    Choices:
  • NA
  • AL
  • DZ
  • AO
  • AR
  • AM
  • AU
  • AT
  • AZ
  • BH
  • BD
  • BB
  • BY
  • BE
  • BZ
  • BO
  • BA
  • BR
  • BN
  • BG
  • KH
  • CL
  • CN
  • CO
  • CR
  • HR
  • CY
  • CZ
  • DK
  • DO
  • EC
  • EG
  • SV
  • EE
  • FI
  • FR
  • GE
  • DE
  • GR
  • GL
  • GD
  • GU
  • GT
  • HT
  • HN
  • HK
  • HU
  • IS
  • IN
  • ID
  • IR
  • IE
  • IL
  • IT
  • JM
  • JO
  • KZ
  • KE
  • KP
  • KR
  • KW
  • LV
  • LB
  • LI
  • LT
  • LU
  • MO
  • MK
  • MY
  • MT
  • MX
  • MC
  • MA
  • MZ
  • MM
  • NP
  • NL
  • AN
  • AW
  • NZ
  • False
  • OM
  • PK
  • PA
  • PG
  • PY
  • PE
  • PH
  • PL
  • PT
  • PR
  • QA
  • RO
  • RU
  • RW
  • SA
  • RS
  • ME
  • SG
  • SK
  • SI
  • ZA
  • ES
  • LK
  • SE
  • SD
  • CH
  • SY
  • TW
  • TZ
  • TH
  • TT
  • TN
  • TR
  • AE
  • UA
  • GB
  • US
  • PS
  • UY
  • UZ
  • VE
  • VN
  • YE
  • ZB
  • ZW
  • JP
  • CA
  • CF
  • BS
  • BF
  • KY
  • CX
  • GH
  • GY
  • CI
  • MW
  • MV
  • FM
  • KN
  • LC
  • VC
  • SN
  • TM
  • TC
  • UG
  • VU
  • AF
  • AS
  • BJ
  • BM
  • BT
  • BW
  • CM
  • TD
  • CG
  • CD
  • DM
  • ET
  • GF
  • PF
  • FO
  • FJ
  • GI
  • GP
  • IQ
  • IM
  • LA
  • LS
  • LY
  • MG
  • ML
  • MH
  • MQ
  • MR
  • MU
  • YT
  • MD
  • NI
  • NE
  • MP
  • PW
  • RE
  • BL
  • MF
  • PM
  • SL
  • SR
  • TG
  • VI
  • WF
  • ZM
Country in which this WTP, FortiAP or AP will operate .
ap_handoff
string
    Choices:
  • enable
  • disable
Enable/disable AP handoff of clients to other APs .
apcfg_profile
string
AP local configuration profile name. Source wireless-controller.apcfg-profile.name.
ble_profile
string
Bluetooth Low Energy profile name. Source wireless-controller.ble-profile.name.
comment
string
Comment.
control_message_offload
list / elements=string
    Choices:
  • ebp-frame
  • aeroscout-tag
  • ap-list
  • sta-list
  • sta-cap-list
  • stats
  • aeroscout-mu
  • sta-health
  • spectral-analysis
Enable/disable CAPWAP control message data channel offload.
deny_mac_list
list / elements=string
List of MAC addresses that are denied access to this WTP, FortiAP, or AP.
id
integer / required
ID.
mac
string
A WiFi device with this MAC address is denied access to this WTP, FortiAP or AP.
dtls_in_kernel
string
    Choices:
  • enable
  • disable
Enable/disable data channel DTLS in kernel.
dtls_policy
list / elements=string
    Choices:
  • clear-text
  • dtls-enabled
  • ipsec-vpn
WTP data channel DTLS policy .
energy_efficient_ethernet
string
    Choices:
  • enable
  • disable
Enable/disable use of energy efficient Ethernet on WTP.
ext_info_enable
string
    Choices:
  • enable
  • disable
Enable/disable station/VAP/radio extension information.
frequency_handoff
string
    Choices:
  • enable
  • disable
Enable/disable frequency handoff of clients to other channels .
handoff_roaming
string
    Choices:
  • enable
  • disable
Enable/disable client load balancing during roaming to avoid roaming delay .
handoff_rssi
integer
Minimum received signal strength indicator (RSSI) value for handoff (20 - 30).
handoff_sta_thresh
integer
Threshold value for AP handoff.
ip_fragment_preventing
list / elements=string
    Choices:
  • tcp-mss-adjust
  • icmp-unreachable
Select how to prevent IP fragmentation for CAPWAP tunneled control and data packets .
lan
dictionary
WTP LAN port mapping.
port1_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 1 mode.
port1_ssid
string
Bridge LAN port 1 to SSID. Source wireless-controller.vap.name.
port2_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 2 mode.
port2_ssid
string
Bridge LAN port 2 to SSID. Source wireless-controller.vap.name.
port3_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 3 mode.
port3_ssid
string
Bridge LAN port 3 to SSID. Source wireless-controller.vap.name.
port4_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 4 mode.
port4_ssid
string
Bridge LAN port 4 to SSID. Source wireless-controller.vap.name.
port5_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 5 mode.
port5_ssid
string
Bridge LAN port 5 to SSID. Source wireless-controller.vap.name.
port6_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 6 mode.
port6_ssid
string
Bridge LAN port 6 to SSID. Source wireless-controller.vap.name.
port7_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 7 mode.
port7_ssid
string
Bridge LAN port 7 to SSID. Source wireless-controller.vap.name.
port8_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port 8 mode.
port8_ssid
string
Bridge LAN port 8 to SSID. Source wireless-controller.vap.name.
port_esl_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
ESL port mode.
port_esl_ssid
string
Bridge ESL port to SSID. Source system.interface.name.
port_mode
string
    Choices:
  • offline
  • nat-to-wan
  • bridge-to-wan
  • bridge-to-ssid
LAN port mode.
port_ssid
string
Bridge LAN port to SSID. Source wireless-controller.vap.name.
lbs
dictionary
Set various location based service (LBS) options.
aeroscout
string
    Choices:
  • enable
  • disable
Enable/disable AeroScout Real Time Location Service (RTLS) support .
aeroscout_ap_mac
string
    Choices:
  • bssid
  • board-mac
Use BSSID or board MAC address as AP MAC address in AeroScout AP messages .
aeroscout_mmu_report
string
    Choices:
  • enable
  • disable
Enable/disable compounded AeroScout tag and MU report .
aeroscout_mu
string
    Choices:
  • enable
  • disable
Enable/disable AeroScout Mobile Unit (MU) support .
aeroscout_mu_factor
integer
AeroScout MU mode dilution factor .
aeroscout_mu_timeout
integer
AeroScout MU mode timeout (0 - 65535 sec).
aeroscout_server_ip
string
IP address of AeroScout server.
aeroscout_server_port
integer
AeroScout server UDP listening port.
ekahau_blink_mode
string
    Choices:
  • enable
  • disable
Enable/disable Ekahau blink mode (now known as AiRISTA Flow) to track and locate WiFi tags .
ekahau_tag
string
WiFi frame MAC address or WiFi Tag.
erc_server_ip
string
IP address of Ekahau RTLS Controller (ERC).
erc_server_port
integer
Ekahau RTLS Controller (ERC) UDP listening port.
fortipresence
string
    Choices:
  • foreign
  • both
  • disable
Enable/disable FortiPresence to monitor the location and activity of WiFi clients even if they don"t connect to this WiFi network .
fortipresence_ble
string
    Choices:
  • enable
  • disable
Enable/disable FortiPresence finding and reporting BLE devices.
fortipresence_frequency
integer
FortiPresence report transmit frequency (5 - 65535 sec).
fortipresence_port
integer
FortiPresence server UDP listening port .
fortipresence_project
string
FortiPresence project name (max. 16 characters).
fortipresence_rogue
string
    Choices:
  • enable
  • disable
Enable/disable FortiPresence finding and reporting rogue APs.
fortipresence_secret
string
FortiPresence secret password (max. 16 characters).
fortipresence_server
string
FortiPresence server IP address.
fortipresence_unassoc
string
    Choices:
  • enable
  • disable
Enable/disable FortiPresence finding and reporting unassociated stations.
station_locate
string
    Choices:
  • enable
  • disable
Enable/disable client station locating services for all clients, whether associated or not .
led_schedules
list / elements=string
Recurring firewall schedules for illuminating LEDs on the FortiAP. If led-state is enabled, LEDs will be visible when at least one of the schedules is valid. Separate multiple schedule names with a space.
name
string / required
LED schedule name. Source firewall.schedule.group.name firewall.schedule.recurring.name.
led_state
string
    Choices:
  • enable
  • disable
Enable/disable use of LEDs on WTP .
lldp
string
    Choices:
  • enable
  • disable
Enable/disable Link Layer Discovery Protocol (LLDP) for the WTP, FortiAP, or AP .
login_passwd
string
Set the managed WTP, FortiAP, or AP"s administrator password.
login_passwd_change
string
    Choices:
  • True
  • default
  • False
Change or reset the administrator password of a managed WTP, FortiAP or AP (yes, default, or no).
max_clients
integer
Maximum number of stations (STAs) supported by the WTP .
name
string / required
WTP (or FortiAP or AP) profile name.
platform
dictionary
WTP, FortiAP, or AP platform.
ddscan
string
    Choices:
  • enable
  • disable
Enable/disable use of one radio for dedicated dual-band scanning to detect RF characterization and wireless threat management.
mode
string
    Choices:
  • single-5G
  • dual-5G
Configure operation mode of 5G radios .
type
string
    Choices:
  • AP-11N
  • 220B
  • 210B
  • 222B
  • 112B
  • 320B
  • 11C
  • 14C
  • 223B
  • 28C
  • 320C
  • 221C
  • 25D
  • 222C
  • 224D
  • 214B
  • 21D
  • 24D
  • 112D
  • 223C
  • 321C
  • C220C
  • C225C
  • C23JD
  • C24JE
  • S321C
  • S322C
  • S323C
  • S311C
  • S313C
  • S321CR
  • S322CR
  • S323CR
  • S421E
  • S422E
  • S423E
  • 421E
  • 423E
  • 221E
  • 222E
  • 223E
  • 224E
  • S221E
  • S223E
  • U421E
  • U422EV
  • U423E
  • U221EV
  • U223EV
  • U24JEV
  • U321EV
  • U323EV
  • 231E
  • 321E
  • 431F
  • 432F
  • 433F
  • 231F
  • 234F
  • 23JF
  • U431F
  • U433F
  • 831F
  • U231F
  • U234F
  • U432F
WTP, FortiAP or AP platform type. There are built-in WTP profiles for all supported FortiAP models. You can select a built-in profile and customize it or create a new profile.
poe_mode
string
    Choices:
  • auto
  • 8023af
  • 8023at
  • power-adapter
  • full
  • high
  • low
Set the WTP, FortiAP, or AP"s PoE mode.
radio_1
dictionary
Configuration options for radio 1.
airtime_fairness
string
    Choices:
  • enable
  • disable
Enable/disable airtime fairness .
amsdu
string
    Choices:
  • enable
  • disable
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients .
ap_handoff
string
    Choices:
  • enable
  • disable
Enable/disable AP handoff of clients to other APs .
ap_sniffer_addr
string
MAC address to monitor.
ap_sniffer_bufsize
integer
Sniffer buffer size (1 - 32 MB).
ap_sniffer_chan
integer
Channel on which to operate the sniffer .
ap_sniffer_ctl
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi control frame .
ap_sniffer_data
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi data frame .
ap_sniffer_mgmt_beacon
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management Beacon frames .
ap_sniffer_mgmt_other
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management other frames .
ap_sniffer_mgmt_probe
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management probe frames .
auto_power_high
integer
Automatic transmit power high limit in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_level
string
    Choices:
  • enable
  • disable
Enable/disable automatic power-level adjustment to prevent co-channel interference .
auto_power_low
integer
Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_target
string
The target of automatic transmit power adjustment in dBm. (-95 to -20).
band
string
    Choices:
  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n
  • 802.11n-5G
  • 802.11ac
  • 802.11n,g-only
  • 802.11g-only
  • 802.11n-only
  • 802.11n-5G-only
  • 802.11ac,n-only
  • 802.11ac-only
  • 802.11ax-5G
  • 802.11ax
  • 802.11ax,ac-only
  • 802.11ax,ac,n-only
  • 802.11ax-5G-only
  • 802.11ax,n-only
  • 802.11ax,n,g-only
  • 802.11ax-only
  • 802.11ac-2G
WiFi band that Radio 1 operates on.
band_5g_type
string
    Choices:
  • 5g-full
  • 5g-high
  • 5g-low
WiFi 5G band type.
bandwidth_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it.
bandwidth_capacity
integer
Maximum bandwidth capacity allowed (1 - 600000 Kbps).
beacon_interval
integer
Beacon interval. The time between beacon frames in msec (the actual range of beacon interval depends on the AP platform type).
bss_color
integer
BSS color value for this 11ax radio (0 - 63, 0 means disable. ).
call_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them.
call_capacity
integer
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60).
channel
list / elements=string
Selected list of wireless radio channels.
chan
string / required
Channel number.
channel_bonding
string
    Choices:
  • 80MHz
  • 40MHz
  • 20MHz
  • 160MHz
Channel bandwidth: 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence.
channel_utilization
string
    Choices:
  • enable
  • disable
Enable/disable measuring channel utilization.
coexistence
string
    Choices:
  • enable
  • disable
Enable/disable allowing both HT20 and HT40 on the same radio .
darrp
string
    Choices:
  • enable
  • disable
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel .
drma
string
    Choices:
  • disable
  • enable
Enable/disable dynamic radio mode assignment (DRMA) .
drma_sensitivity
string
    Choices:
  • low
  • medium
  • high
Network Coverage Factor (NCF) percentage required to consider a radio as redundant .
dtim
integer
DTIM interval. The frequency to transmit Delivery Traffic Indication Message (or Map) (DTIM) messages (1 - 255). Set higher to save client battery life.
frag_threshold
integer
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
frequency_handoff
string
    Choices:
  • enable
  • disable
Enable/disable frequency handoff of clients to other channels .
iperf_protocol
string
    Choices:
  • udp
  • tcp
Iperf test protocol .
iperf_server_port
integer
Iperf service port number.
max_clients
integer
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware.
max_distance
integer
Maximum expected distance between the AP and clients (0 - 54000 m).
mode
string
    Choices:
  • disabled
  • ap
  • monitor
  • sniffer
  • sam
Mode of radio 1. Radio 1 can be disabled, configured as an access point, a rogue AP monitor, or a sniffer.
power_level
integer
Radio power level as a percentage of the maximum transmit power (0 - 100).
power_mode
string
    Choices:
  • dBm
  • percentage
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities.
power_value
integer
Radio EIRP power in dBm (1 - 33).
powersave_optimize
string
    Choices:
  • tim
  • ac-vo
  • no-obss-scan
  • no-11b-rate
  • client-rate-follow
Enable client power-saving features such as TIM, AC VO, and OBSS etc.
protection_mode
string
    Choices:
  • rtscts
  • ctsonly
  • disable
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable).
radio_id
integer
radio-id
rts_threshold
integer
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes).
sam_bssid
string
BSSID for WiFi network.
sam_captive_portal
string
    Choices:
  • enable
  • disable
Enable/disable Captive Portal Authentication .
sam_password
string
Passphrase for WiFi network connection.
sam_report_intv
integer
SAM report interval (sec), 0 for a one-time report.
sam_security_type
string
    Choices:
  • open
  • wpa-personal
  • wpa-enterprise
Select WiFi network security type .
sam_server
string
SAM test server IP address or domain name.
sam_ssid
string
SSID for WiFi network.
sam_test
string
    Choices:
  • ping
  • iperf
Select SAM test type .
sam_username
string
Username for WiFi network connection.
short_guard_interval
string
    Choices:
  • enable
  • disable
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns.
spectrum_analysis
string
    Choices:
  • enable
  • disable
  • scan-only
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
transmit_optimize
string
    Choices:
  • disable
  • power-save
  • aggr-limit
  • retry-limit
  • send-bar
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default.
vap_all
string
    Choices:
  • enable
  • disable
  • tunnel
  • bridge
  • manual
Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
vaps
list / elements=string
Manually selected list of Virtual Access Points (VAPs).
name
string / required
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name.
wids_profile
string
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name.
zero_wait_dfs
string
    Choices:
  • enable
  • disable
Enable/disable zero wait DFS on radio .
radio_2
dictionary
Configuration options for radio 2.
airtime_fairness
string
    Choices:
  • enable
  • disable
Enable/disable airtime fairness .
amsdu
string
    Choices:
  • enable
  • disable
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients .
ap_handoff
string
    Choices:
  • enable
  • disable
Enable/disable AP handoff of clients to other APs .
ap_sniffer_addr
string
MAC address to monitor.
ap_sniffer_bufsize
integer
Sniffer buffer size (1 - 32 MB).
ap_sniffer_chan
integer
Channel on which to operate the sniffer .
ap_sniffer_ctl
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi control frame .
ap_sniffer_data
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi data frame .
ap_sniffer_mgmt_beacon
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management Beacon frames .
ap_sniffer_mgmt_other
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management other frames .
ap_sniffer_mgmt_probe
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management probe frames .
auto_power_high
integer
Automatic transmit power high limit in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_level
string
    Choices:
  • enable
  • disable
Enable/disable automatic power-level adjustment to prevent co-channel interference .
auto_power_low
integer
Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_target
string
The target of automatic transmit power adjustment in dBm. (-95 to -20).
band
string
    Choices:
  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n
  • 802.11n-5G
  • 802.11ac
  • 802.11n,g-only
  • 802.11g-only
  • 802.11n-only
  • 802.11n-5G-only
  • 802.11ac,n-only
  • 802.11ac-only
  • 802.11ax-5G
  • 802.11ax
  • 802.11ax,ac-only
  • 802.11ax,ac,n-only
  • 802.11ax-5G-only
  • 802.11ax,n-only
  • 802.11ax,n,g-only
  • 802.11ax-only
  • 802.11ac-2G
WiFi band that Radio 2 operates on.
band_5g_type
string
    Choices:
  • 5g-full
  • 5g-high
  • 5g-low
WiFi 5G band type.
bandwidth_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it.
bandwidth_capacity
integer
Maximum bandwidth capacity allowed (1 - 600000 Kbps).
beacon_interval
integer
Beacon interval. The time between beacon frames in msec (the actual range of beacon interval depends on the AP platform type).
bss_color
integer
BSS color value for this 11ax radio (0 - 63, 0 means disable. ).
call_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them.
call_capacity
integer
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60).
channel
list / elements=string
Selected list of wireless radio channels.
chan
string / required
Channel number.
channel_bonding
string
    Choices:
  • 80MHz
  • 40MHz
  • 20MHz
  • 160MHz
Channel bandwidth: 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence.
channel_utilization
string
    Choices:
  • enable
  • disable
Enable/disable measuring channel utilization.
coexistence
string
    Choices:
  • enable
  • disable
Enable/disable allowing both HT20 and HT40 on the same radio .
darrp
string
    Choices:
  • enable
  • disable
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel .
drma
string
    Choices:
  • disable
  • enable
Enable/disable dynamic radio mode assignment (DRMA) .
drma_sensitivity
string
    Choices:
  • low
  • medium
  • high
Network Coverage Factor (NCF) percentage required to consider a radio as redundant .
dtim
integer
DTIM interval. The frequency to transmit Delivery Traffic Indication Message (or Map) (DTIM) messages (1 - 255). Set higher to save client battery life.
frag_threshold
integer
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
frequency_handoff
string
    Choices:
  • enable
  • disable
Enable/disable frequency handoff of clients to other channels .
iperf_protocol
string
    Choices:
  • udp
  • tcp
Iperf test protocol .
iperf_server_port
integer
Iperf service port number.
max_clients
integer
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware.
max_distance
integer
Maximum expected distance between the AP and clients (0 - 54000 m).
mode
string
    Choices:
  • disabled
  • ap
  • monitor
  • sniffer
  • sam
Mode of radio 2. Radio 2 can be disabled, configured as an access point, a rogue AP monitor, or a sniffer.
power_level
integer
Radio power level as a percentage of the maximum transmit power (0 - 100).
power_mode
string
    Choices:
  • dBm
  • percentage
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities.
power_value
integer
Radio EIRP power in dBm (1 - 33).
powersave_optimize
string
    Choices:
  • tim
  • ac-vo
  • no-obss-scan
  • no-11b-rate
  • client-rate-follow
Enable client power-saving features such as TIM, AC VO, and OBSS etc.
protection_mode
string
    Choices:
  • rtscts
  • ctsonly
  • disable
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable).
radio_id
integer
radio-id
rts_threshold
integer
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes).
sam_bssid
string
BSSID for WiFi network.
sam_captive_portal
string
    Choices:
  • enable
  • disable
Enable/disable Captive Portal Authentication .
sam_password
string
Passphrase for WiFi network connection.
sam_report_intv
integer
SAM report interval (sec), 0 for a one-time report.
sam_security_type
string
    Choices:
  • open
  • wpa-personal
  • wpa-enterprise
Select WiFi network security type .
sam_server
string
SAM test server IP address or domain name.
sam_ssid
string
SSID for WiFi network.
sam_test
string
    Choices:
  • ping
  • iperf
Select SAM test type .
sam_username
string
Username for WiFi network connection.
short_guard_interval
string
    Choices:
  • enable
  • disable
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns.
spectrum_analysis
string
    Choices:
  • enable
  • disable
  • scan-only
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
transmit_optimize
string
    Choices:
  • disable
  • power-save
  • aggr-limit
  • retry-limit
  • send-bar
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default.
vap_all
string
    Choices:
  • enable
  • disable
  • tunnel
  • bridge
  • manual
Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
vaps
list / elements=string
Manually selected list of Virtual Access Points (VAPs).
name
string / required
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name.
wids_profile
string
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name.
zero_wait_dfs
string
    Choices:
  • enable
  • disable
Enable/disable zero wait DFS on radio .
radio_3
dictionary
Configuration options for radio 3.
airtime_fairness
string
    Choices:
  • enable
  • disable
Enable/disable airtime fairness .
amsdu
string
    Choices:
  • enable
  • disable
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients .
ap_handoff
string
    Choices:
  • enable
  • disable
Enable/disable AP handoff of clients to other APs .
ap_sniffer_addr
string
MAC address to monitor.
ap_sniffer_bufsize
integer
Sniffer buffer size (1 - 32 MB).
ap_sniffer_chan
integer
Channel on which to operate the sniffer .
ap_sniffer_ctl
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi control frame .
ap_sniffer_data
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi data frame .
ap_sniffer_mgmt_beacon
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management Beacon frames .
ap_sniffer_mgmt_other
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management other frames .
ap_sniffer_mgmt_probe
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management probe frames .
auto_power_high
integer
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_level
string
    Choices:
  • enable
  • disable
Enable/disable automatic power-level adjustment to prevent co-channel interference .
auto_power_low
integer
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_target
string
The target of automatic transmit power adjustment in dBm. (-95 to -20).
band
string
    Choices:
  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n
  • 802.11n-5G
  • 802.11ac
  • 802.11ax-5G
  • 802.11ax
  • 802.11n,g-only
  • 802.11g-only
  • 802.11n-only
  • 802.11n-5G-only
  • 802.11ac,n-only
  • 802.11ac-only
  • 802.11ax,ac-only
  • 802.11ax,ac,n-only
  • 802.11ax-5G-only
  • 802.11ax,n-only
  • 802.11ax,n,g-only
  • 802.11ax-only
  • 802.11ac-2G
WiFi band that Radio 3 operates on.
band_5g_type
string
    Choices:
  • 5g-full
  • 5g-high
  • 5g-low
WiFi 5G band type.
bandwidth_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it.
bandwidth_capacity
integer
Maximum bandwidth capacity allowed (1 - 600000 Kbps).
beacon_interval
integer
Beacon interval. The time between beacon frames in msec (the actual range of beacon interval depends on the AP platform type).
bss_color
integer
BSS color value for this 11ax radio (0 - 63, 0 means disable. ).
call_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them.
call_capacity
integer
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60).
channel
list / elements=string
Selected list of wireless radio channels.
chan
string / required
Channel number.
channel_bonding
string
    Choices:
  • 160MHz
  • 80MHz
  • 40MHz
  • 20MHz
Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence.
channel_utilization
string
    Choices:
  • enable
  • disable
Enable/disable measuring channel utilization.
coexistence
string
    Choices:
  • enable
  • disable
Enable/disable allowing both HT20 and HT40 on the same radio .
darrp
string
    Choices:
  • enable
  • disable
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel .
drma
string
    Choices:
  • disable
  • enable
Enable/disable dynamic radio mode assignment (DRMA) .
drma_sensitivity
string
    Choices:
  • low
  • medium
  • high
Network Coverage Factor (NCF) percentage required to consider a radio as redundant .
dtim
integer
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode.
frag_threshold
integer
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
frequency_handoff
string
    Choices:
  • enable
  • disable
Enable/disable frequency handoff of clients to other channels .
iperf_protocol
string
    Choices:
  • udp
  • tcp
Iperf test protocol .
iperf_server_port
integer
Iperf service port number.
max_clients
integer
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware.
max_distance
integer
Maximum expected distance between the AP and clients (0 - 54000 m).
mode
string
    Choices:
  • disabled
  • ap
  • monitor
  • sniffer
  • sam
Mode of radio 3. Radio 3 can be disabled, configured as an access point, a rogue AP monitor, or a sniffer.
power_level
integer
Radio power level as a percentage of the maximum transmit power (0 - 100).
power_mode
string
    Choices:
  • dBm
  • percentage
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities.
power_value
integer
Radio EIRP power in dBm (1 - 33).
powersave_optimize
string
    Choices:
  • tim
  • ac-vo
  • no-obss-scan
  • no-11b-rate
  • client-rate-follow
Enable client power-saving features such as TIM, AC VO, and OBSS etc.
protection_mode
string
    Choices:
  • rtscts
  • ctsonly
  • disable
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable).
radio_id
integer
radio-id
rts_threshold
integer
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes).
sam_bssid
string
BSSID for WiFi network.
sam_captive_portal
string
    Choices:
  • enable
  • disable
Enable/disable Captive Portal Authentication .
sam_password
string
Passphrase for WiFi network connection.
sam_report_intv
integer
SAM report interval (sec), 0 for a one-time report.
sam_security_type
string
    Choices:
  • open
  • wpa-personal
  • wpa-enterprise
Select WiFi network security type .
sam_server
string
SAM test server IP address or domain name.
sam_ssid
string
SSID for WiFi network.
sam_test
string
    Choices:
  • ping
  • iperf
Select SAM test type .
sam_username
string
Username for WiFi network connection.
short_guard_interval
string
    Choices:
  • enable
  • disable
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns.
spectrum_analysis
string
    Choices:
  • enable
  • disable
  • scan-only
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
transmit_optimize
string
    Choices:
  • disable
  • power-save
  • aggr-limit
  • retry-limit
  • send-bar
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default.
vap_all
string
    Choices:
  • enable
  • disable
  • tunnel
  • bridge
  • manual
Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
vaps
list / elements=string
Manually selected list of Virtual Access Points (VAPs).
name
string / required
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name.
wids_profile
string
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name.
zero_wait_dfs
string
    Choices:
  • enable
  • disable
Enable/disable zero wait DFS on radio .
radio_4
dictionary
Configuration options for radio 4.
airtime_fairness
string
    Choices:
  • enable
  • disable
Enable/disable airtime fairness .
amsdu
string
    Choices:
  • enable
  • disable
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients .
ap_handoff
string
    Choices:
  • enable
  • disable
Enable/disable AP handoff of clients to other APs .
ap_sniffer_addr
string
MAC address to monitor.
ap_sniffer_bufsize
integer
Sniffer buffer size (1 - 32 MB).
ap_sniffer_chan
integer
Channel on which to operate the sniffer .
ap_sniffer_ctl
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi control frame .
ap_sniffer_data
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi data frame .
ap_sniffer_mgmt_beacon
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management Beacon frames .
ap_sniffer_mgmt_other
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management other frames .
ap_sniffer_mgmt_probe
string
    Choices:
  • enable
  • disable
Enable/disable sniffer on WiFi management probe frames .
auto_power_high
integer
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_level
string
    Choices:
  • enable
  • disable
Enable/disable automatic power-level adjustment to prevent co-channel interference .
auto_power_low
integer
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type).
auto_power_target
string
The target of automatic transmit power adjustment in dBm. (-95 to -20).
band
string
    Choices:
  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n
  • 802.11n-5G
  • 802.11ac
  • 802.11ax-5G
  • 802.11ax
  • 802.11n,g-only
  • 802.11g-only
  • 802.11n-only
  • 802.11n-5G-only
  • 802.11ac,n-only
  • 802.11ac-only
  • 802.11ax,ac-only
  • 802.11ax,ac,n-only
  • 802.11ax-5G-only
  • 802.11ax,n-only
  • 802.11ax,n,g-only
  • 802.11ax-only
  • 802.11ac-2G
WiFi band that Radio 3 operates on.
band_5g_type
string
    Choices:
  • 5g-full
  • 5g-high
  • 5g-low
WiFi 5G band type.
bandwidth_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it.
bandwidth_capacity
integer
Maximum bandwidth capacity allowed (1 - 600000 Kbps).
beacon_interval
integer
Beacon interval. The time between beacon frames in msec (the actual range of beacon interval depends on the AP platform type).
bss_color
integer
BSS color value for this 11ax radio (0 - 63, 0 means disable. ).
call_admission_control
string
    Choices:
  • enable
  • disable
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them.
call_capacity
integer
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60).
channel
list / elements=string
Selected list of wireless radio channels.
chan
string / required
Channel number.
channel_bonding
string
    Choices:
  • 160MHz
  • 80MHz
  • 40MHz
  • 20MHz
Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence.
channel_utilization
string
    Choices:
  • enable
  • disable
Enable/disable measuring channel utilization.
coexistence
string
    Choices:
  • enable
  • disable
Enable/disable allowing both HT20 and HT40 on the same radio .
darrp
string
    Choices:
  • enable
  • disable
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel .
drma
string
    Choices:
  • disable
  • enable
Enable/disable dynamic radio mode assignment (DRMA) .
drma_sensitivity
string
    Choices:
  • low
  • medium
  • high
Network Coverage Factor (NCF) percentage required to consider a radio as redundant .
dtim
integer
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode.
frag_threshold
integer
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
frequency_handoff
string
    Choices:
  • enable
  • disable
Enable/disable frequency handoff of clients to other channels .
iperf_protocol
string
    Choices:
  • udp
  • tcp
Iperf test protocol .
iperf_server_port
integer
Iperf service port number.
max_clients
integer
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware.
max_distance
integer
Maximum expected distance between the AP and clients (0 - 54000 m).
mode
string
    Choices:
  • disabled
  • ap
  • monitor
  • sniffer
  • sam
Mode of radio 3. Radio 3 can be disabled, configured as an access point, a rogue AP monitor, or a sniffer.
power_level
integer
Radio power level as a percentage of the maximum transmit power (0 - 100).
power_mode
string
    Choices:
  • dBm
  • percentage
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities.
power_value
integer
Radio EIRP power in dBm (1 - 33).
powersave_optimize
string
    Choices:
  • tim
  • ac-vo
  • no-obss-scan
  • no-11b-rate
  • client-rate-follow
Enable client power-saving features such as TIM, AC VO, and OBSS etc.
protection_mode
string
    Choices:
  • rtscts
  • ctsonly
  • disable
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable).
rts_threshold
integer
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes).
sam_bssid
string
BSSID for WiFi network.
sam_captive_portal
string
    Choices:
  • enable
  • disable
Enable/disable Captive Portal Authentication .
sam_password
string
Passphrase for WiFi network connection.
sam_report_intv
integer
SAM report interval (sec), 0 for a one-time report.
sam_security_type
string
    Choices:
  • open
  • wpa-personal
  • wpa-enterprise
Select WiFi network security type .
sam_server
string
SAM test server IP address or domain name.
sam_ssid
string
SSID for WiFi network.
sam_test
string
    Choices:
  • ping
  • iperf
Select SAM test type .
sam_username
string
Username for WiFi network connection.
short_guard_interval
string
    Choices:
  • enable
  • disable
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns.
spectrum_analysis
string
    Choices:
  • enable
  • disable
  • scan-only
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
transmit_optimize
string
    Choices:
  • disable
  • power-save
  • aggr-limit
  • retry-limit
  • send-bar
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default.
vap_all
string
    Choices:
  • enable
  • disable
  • tunnel
  • bridge
  • manual
Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
vaps
list / elements=string
Manually selected list of Virtual Access Points (VAPs).
name
string / required
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name.
wids_profile
string
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name.
zero_wait_dfs
string
    Choices:
  • enable
  • disable
Enable/disable zero wait DFS on radio .
split_tunneling_acl
list / elements=string
Split tunneling ACL filter list.
dest_ip
string
Destination IP and mask for the split-tunneling subnet.
id
integer / required
ID.
split_tunneling_acl_local_ap_subnet
string
    Choices:
  • enable
  • disable
Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling ACL .
split_tunneling_acl_path
string
    Choices:
  • tunnel
  • local
Split tunneling ACL path is local/tunnel.
tun_mtu_downlink
integer
Downlink CAPWAP tunnel MTU (0, 576, or 1500 bytes).
tun_mtu_uplink
integer
Uplink CAPWAP tunnel MTU (0, 576, or 1500 bytes).
wan_port_mode
string
    Choices:
  • wan-lan
  • wan-only
Enable/disable using a WAN port as a LAN port.

Notes

Note

  • Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms.
    fortios_wireless_controller_wtp_profile:
      vdom:  "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      wireless_controller_wtp_profile:
        allowaccess: "telnet"
        ap_country: "NA"
        ap_handoff: "enable"
        apcfg_profile: "<your_own_value> (source wireless-controller.apcfg-profile.name)"
        ble_profile: "<your_own_value> (source wireless-controller.ble-profile.name)"
        comment: "Comment."
        control_message_offload: "ebp-frame"
        deny_mac_list:
         -
            id:  "11"
            mac: "<your_own_value>"
        dtls_in_kernel: "enable"
        dtls_policy: "clear-text"
        energy_efficient_ethernet: "enable"
        ext_info_enable: "enable"
        frequency_handoff: "enable"
        handoff_roaming: "enable"
        handoff_rssi: "19"
        handoff_sta_thresh: "20"
        ip_fragment_preventing: "tcp-mss-adjust"
        lan:
            port_esl_mode: "offline"
            port_esl_ssid: "<your_own_value> (source system.interface.name)"
            port_mode: "offline"
            port_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port1_mode: "offline"
            port1_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port2_mode: "offline"
            port2_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port3_mode: "offline"
            port3_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port4_mode: "offline"
            port4_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port5_mode: "offline"
            port5_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port6_mode: "offline"
            port6_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port7_mode: "offline"
            port7_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port8_mode: "offline"
            port8_ssid: "<your_own_value> (source wireless-controller.vap.name)"
        lbs:
            aeroscout: "enable"
            aeroscout_ap_mac: "bssid"
            aeroscout_mmu_report: "enable"
            aeroscout_mu: "enable"
            aeroscout_mu_factor: "48"
            aeroscout_mu_timeout: "49"
            aeroscout_server_ip: "<your_own_value>"
            aeroscout_server_port: "51"
            ekahau_blink_mode: "enable"
            ekahau_tag: "<your_own_value>"
            erc_server_ip: "<your_own_value>"
            erc_server_port: "55"
            fortipresence: "foreign"
            fortipresence_ble: "enable"
            fortipresence_frequency: "58"
            fortipresence_port: "59"
            fortipresence_project: "<your_own_value>"
            fortipresence_rogue: "enable"
            fortipresence_secret: "<your_own_value>"
            fortipresence_server: "<your_own_value>"
            fortipresence_unassoc: "enable"
            station_locate: "enable"
        led_schedules:
         -
            name: "default_name_67 (source firewall.schedule.group.name firewall.schedule.recurring.name)"
        led_state: "enable"
        lldp: "enable"
        login_passwd: "<your_own_value>"
        login_passwd_change: "yes"
        max_clients: "72"
        name: "default_name_73"
        platform:
            ddscan: "enable"
            mode: "single-5G"
            type: "AP-11N"
        poe_mode: "auto"
        radio_1:
            airtime_fairness: "enable"
            amsdu: "enable"
            ap_handoff: "enable"
            ap_sniffer_addr: "<your_own_value>"
            ap_sniffer_bufsize: "84"
            ap_sniffer_chan: "85"
            ap_sniffer_ctl: "enable"
            ap_sniffer_data: "enable"
            ap_sniffer_mgmt_beacon: "enable"
            ap_sniffer_mgmt_other: "enable"
            ap_sniffer_mgmt_probe: "enable"
            auto_power_high: "91"
            auto_power_level: "enable"
            auto_power_low: "93"
            auto_power_target: "<your_own_value>"
            band: "802.11a"
            band_5g_type: "5g-full"
            bandwidth_admission_control: "enable"
            bandwidth_capacity: "98"
            beacon_interval: "99"
            bss_color: "100"
            call_admission_control: "enable"
            call_capacity: "102"
            channel:
             -
                chan: "<your_own_value>"
            channel_bonding: "80MHz"
            channel_utilization: "enable"
            coexistence: "enable"
            darrp: "enable"
            drma: "disable"
            drma_sensitivity: "low"
            dtim: "111"
            frag_threshold: "112"
            frequency_handoff: "enable"
            iperf_protocol: "udp"
            iperf_server_port: "115"
            max_clients: "116"
            max_distance: "117"
            mode: "disabled"
            power_level: "119"
            power_mode: "dBm"
            power_value: "121"
            powersave_optimize: "tim"
            protection_mode: "rtscts"
            radio_id: "124"
            rts_threshold: "125"
            sam_bssid: "<your_own_value>"
            sam_captive_portal: "enable"
            sam_password: "<your_own_value>"
            sam_report_intv: "129"
            sam_security_type: "open"
            sam_server: "<your_own_value>"
            sam_ssid: "<your_own_value>"
            sam_test: "ping"
            sam_username: "<your_own_value>"
            short_guard_interval: "enable"
            spectrum_analysis: "enable"
            transmit_optimize: "disable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_140 (source wireless-controller.vap-group.name wireless-controller.vap.name)"
            wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
            zero_wait_dfs: "enable"
        radio_2:
            airtime_fairness: "enable"
            amsdu: "enable"
            ap_handoff: "enable"
            ap_sniffer_addr: "<your_own_value>"
            ap_sniffer_bufsize: "148"
            ap_sniffer_chan: "149"
            ap_sniffer_ctl: "enable"
            ap_sniffer_data: "enable"
            ap_sniffer_mgmt_beacon: "enable"
            ap_sniffer_mgmt_other: "enable"
            ap_sniffer_mgmt_probe: "enable"
            auto_power_high: "155"
            auto_power_level: "enable"
            auto_power_low: "157"
            auto_power_target: "<your_own_value>"
            band: "802.11a"
            band_5g_type: "5g-full"
            bandwidth_admission_control: "enable"
            bandwidth_capacity: "162"
            beacon_interval: "163"
            bss_color: "164"
            call_admission_control: "enable"
            call_capacity: "166"
            channel:
             -
                chan: "<your_own_value>"
            channel_bonding: "80MHz"
            channel_utilization: "enable"
            coexistence: "enable"
            darrp: "enable"
            drma: "disable"
            drma_sensitivity: "low"
            dtim: "175"
            frag_threshold: "176"
            frequency_handoff: "enable"
            iperf_protocol: "udp"
            iperf_server_port: "179"
            max_clients: "180"
            max_distance: "181"
            mode: "disabled"
            power_level: "183"
            power_mode: "dBm"
            power_value: "185"
            powersave_optimize: "tim"
            protection_mode: "rtscts"
            radio_id: "188"
            rts_threshold: "189"
            sam_bssid: "<your_own_value>"
            sam_captive_portal: "enable"
            sam_password: "<your_own_value>"
            sam_report_intv: "193"
            sam_security_type: "open"
            sam_server: "<your_own_value>"
            sam_ssid: "<your_own_value>"
            sam_test: "ping"
            sam_username: "<your_own_value>"
            short_guard_interval: "enable"
            spectrum_analysis: "enable"
            transmit_optimize: "disable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_204 (source wireless-controller.vap-group.name wireless-controller.vap.name)"
            wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
            zero_wait_dfs: "enable"
        radio_3:
            airtime_fairness: "enable"
            amsdu: "enable"
            ap_handoff: "enable"
            ap_sniffer_addr: "<your_own_value>"
            ap_sniffer_bufsize: "212"
            ap_sniffer_chan: "213"
            ap_sniffer_ctl: "enable"
            ap_sniffer_data: "enable"
            ap_sniffer_mgmt_beacon: "enable"
            ap_sniffer_mgmt_other: "enable"
            ap_sniffer_mgmt_probe: "enable"
            auto_power_high: "219"
            auto_power_level: "enable"
            auto_power_low: "221"
            auto_power_target: "<your_own_value>"
            band: "802.11a"
            band_5g_type: "5g-full"
            bandwidth_admission_control: "enable"
            bandwidth_capacity: "226"
            beacon_interval: "227"
            bss_color: "228"
            call_admission_control: "enable"
            call_capacity: "230"
            channel:
             -
                chan: "<your_own_value>"
            channel_bonding: "160MHz"
            channel_utilization: "enable"
            coexistence: "enable"
            darrp: "enable"
            drma: "disable"
            drma_sensitivity: "low"
            dtim: "239"
            frag_threshold: "240"
            frequency_handoff: "enable"
            iperf_protocol: "udp"
            iperf_server_port: "243"
            max_clients: "244"
            max_distance: "245"
            mode: "disabled"
            power_level: "247"
            power_mode: "dBm"
            power_value: "249"
            powersave_optimize: "tim"
            protection_mode: "rtscts"
            radio_id: "252"
            rts_threshold: "253"
            sam_bssid: "<your_own_value>"
            sam_captive_portal: "enable"
            sam_password: "<your_own_value>"
            sam_report_intv: "257"
            sam_security_type: "open"
            sam_server: "<your_own_value>"
            sam_ssid: "<your_own_value>"
            sam_test: "ping"
            sam_username: "<your_own_value>"
            short_guard_interval: "enable"
            spectrum_analysis: "enable"
            transmit_optimize: "disable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_268 (source wireless-controller.vap-group.name system.interface.name)"
            wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
            zero_wait_dfs: "enable"
        radio_4:
            airtime_fairness: "enable"
            amsdu: "enable"
            ap_handoff: "enable"
            ap_sniffer_addr: "<your_own_value>"
            ap_sniffer_bufsize: "276"
            ap_sniffer_chan: "277"
            ap_sniffer_ctl: "enable"
            ap_sniffer_data: "enable"
            ap_sniffer_mgmt_beacon: "enable"
            ap_sniffer_mgmt_other: "enable"
            ap_sniffer_mgmt_probe: "enable"
            auto_power_high: "283"
            auto_power_level: "enable"
            auto_power_low: "285"
            auto_power_target: "<your_own_value>"
            band: "802.11a"
            band_5g_type: "5g-full"
            bandwidth_admission_control: "enable"
            bandwidth_capacity: "290"
            beacon_interval: "291"
            bss_color: "292"
            call_admission_control: "enable"
            call_capacity: "294"
            channel:
             -
                chan: "<your_own_value>"
            channel_bonding: "160MHz"
            channel_utilization: "enable"
            coexistence: "enable"
            darrp: "enable"
            drma: "disable"
            drma_sensitivity: "low"
            dtim: "303"
            frag_threshold: "304"
            frequency_handoff: "enable"
            iperf_protocol: "udp"
            iperf_server_port: "307"
            max_clients: "308"
            max_distance: "309"
            mode: "disabled"
            power_level: "311"
            power_mode: "dBm"
            power_value: "313"
            powersave_optimize: "tim"
            protection_mode: "rtscts"
            rts_threshold: "316"
            sam_bssid: "<your_own_value>"
            sam_captive_portal: "enable"
            sam_password: "<your_own_value>"
            sam_report_intv: "320"
            sam_security_type: "open"
            sam_server: "<your_own_value>"
            sam_ssid: "<your_own_value>"
            sam_test: "ping"
            sam_username: "<your_own_value>"
            short_guard_interval: "enable"
            spectrum_analysis: "enable"
            transmit_optimize: "disable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_331 (source wireless-controller.vap-group.name system.interface.name)"
            wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
            zero_wait_dfs: "enable"
        split_tunneling_acl:
         -
            dest_ip: "<your_own_value>"
            id:  "336"
        split_tunneling_acl_local_ap_subnet: "enable"
        split_tunneling_acl_path: "tunnel"
        tun_mtu_downlink: "339"
        tun_mtu_uplink: "340"
        wan_port_mode: "wan-lan"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
build
string
always
Build number of the fortigate image

Sample:
1547
http_method
string
always
Last method used to provision the content into FortiGate

Sample:
PUT
http_status
string
always
Last result given by FortiGate on last operation applied

Sample:
200
mkey
string
success
Master key (id) used in the last call to FortiGate

Sample:
id
name
string
always
Name of the table used to fulfill the request

Sample:
urlfilter
path
string
always
Path of the table used to fulfill the request

Sample:
webfilter
revision
string
always
Internal revision number

Sample:
17.0.2.10658
serial
string
always
Serial number of the unit

Sample:
FGVMEVYYQT3AB5352
status
string
always
Indication of the operation's result

Sample:
success
vdom
string
always
Virtual domain used

Sample:
root
version
string
always
Version of the FortiGate

Sample:
v5.6.3


Authors

  • Link Zheng (@chillancezen)

  • Jie Xue (@JieX19)

  • Hongbin Lu (@fgtdev-hblu)

  • Frank Shen (@frankshen01)

  • Miguel Angel Munoz (@mamunozgonzalez)

  • Nicolas Thomas (@thomnico)