fmgr_devprof_system_global – Configure global attributes.

Added in version 1.0.0.


Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case).

  • Argument name before 3.0.0: var-name, var name

  • New argument name starting in 3.0.0: var_name

FortiManager Ansible v2.4+ supports both the previous argument names and the new underscore names. You will receive deprecation warnings if you keep using the previous argument names. You can suppress the warnings by setting deprecation_warnings=False in ansible.cfg.


  • This module is able to configure a FortiManager device.

  • Examples include all parameters; values need to be adjusted to your data sources before use.

  • Tested with FortiManager v7.x.


The below requirements are needed on the host that executes this module.

  • ansible>=2.15.0

FortiManager Version Compatibility

Supported Version Ranges: v6.0.0 -> v6.2.5, v6.2.7 -> v6.4.1, v6.4.3 -> latest


  • access_token - The token to access FortiManager without using username and password. type: str required: false
  • bypass_validation - Only set to True when the module schema differs from the FortiManager API structure; the module then continues to execute without validating parameters. type: bool required: false default: False
  • enable_log - Enable/Disable logging for task. type: bool required: false default: False
  • forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
  • proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
  • rc_succeeded - The rc codes list with which the conditions to succeed will be overridden. type: list required: false
  • rc_failed - The rc codes list with which the conditions to fail will be overridden. type: list required: false
  • workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
  • workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
  • adom - The parameter in requested url type: str required: true
  • devprof - The parameter in requested url type: str required: true
  • devprof_system_global - Configure global attributes. type: dict
    • admin_https_redirect (Alias name: admin-https-redirect) Enable/disable redirection of http administration access to https. type: str choices: [disable, enable]
    • admin_port (Alias name: admin-port) Administrative access port for http. type: int
    • admin_scp (Alias name: admin-scp) Enable/disable using scp to download the system configuration. type: str choices: [disable, enable]
    • admin_sport (Alias name: admin-sport) Administrative access port for https. type: int
    • admin_ssh_port (Alias name: admin-ssh-port) Administrative access port for ssh. type: int
    • admin_ssh_v1 (Alias name: admin-ssh-v1) Enable/disable ssh v1 compatibility. type: str choices: [disable, enable]
    • admin_telnet_port (Alias name: admin-telnet-port) Administrative access port for telnet. type: int
    • admintimeout Number of minutes before an idle administrator session times out (5 - 480 minutes (8 hours), default = 5). type: int
    • gui_ipv6 (Alias name: gui-ipv6) Enable/disable ipv6 settings on the gui. type: str choices: [disable, enable]
    • gui_lines_per_page (Alias name: gui-lines-per-page) Number of lines to display per page for web administration. type: int
    • gui_theme (Alias name: gui-theme) Color scheme for the administration gui. type: str choices: [blue, green, melongene, red, mariner, neutrino, jade, graphite, dark-matter, onyx, eclipse, retro, fpx, jet-stream, security-fabric]
    • language Gui display language. type: str choices: [english, simch, japanese, korean, spanish, trach, french, portuguese]
    • switch_controller (Alias name: switch-controller) Enable/disable switch controller feature. type: str choices: [disable, enable]
    • gui_device_latitude (Alias name: gui-device-latitude) Support meta variable type: str
    • gui_device_longitude (Alias name: gui-device-longitude) Support meta variable type: str
    • hostname Support meta variable type: str
    • timezone Support meta variable type: list choices: [00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87]
    • check_reset_range (Alias name: check-reset-range) Configure icmp error message verification. type: str choices: [disable, strict]
    • pmtu_discovery (Alias name: pmtu-discovery) Enable/disable path mtu discovery. type: str choices: [disable, enable]
    • gui_allow_incompatible_fabric_fgt (Alias name: gui-allow-incompatible-fabric-fgt) Enable/disable allow fgt with incompatible firmware to be treated as compatible in security fabric on the gui. type: str choices: [disable, enable]
    • admin_restrict_local (Alias name: admin-restrict-local) Enable/disable local admin authentication restriction when remote authenticator is up and running (default = disable). type: str choices: [disable, enable, all, non-console-only]
    • gui_workflow_management (Alias name: gui-workflow-management) Enable/disable workflow management features on the gui. type: str choices: [disable, enable]
    • send_pmtu_icmp (Alias name: send-pmtu-icmp) Enable/disable sending of path maximum transmission unit (pmtu) - icmp destination unreachable packet and to support pmtud protocol on your network to reduce fragmentation of packets. type: str choices: [disable, enable]
    • tcp_halfclose_timer (Alias name: tcp-halfclose-timer) Number of seconds the fortigate unit should wait to close a session after one peer has sent a fin packet but the other has not responded (1 - 86400 sec (1 day), default = 120). type: int
    • admin_server_cert (Alias name: admin-server-cert) Server certificate that the fortigate uses for https administrative connections. type: list
    • dnsproxy_worker_count (Alias name: dnsproxy-worker-count) Dns proxy worker count. type: int
    • show_backplane_intf (Alias name: show-backplane-intf) Show/hide backplane interfaces type: str choices: [disable, enable]
    • gui_custom_language (Alias name: gui-custom-language) Enable/disable custom languages in gui. type: str choices: [disable, enable]
    • ldapconntimeout Global timeout for connections with remote ldap servers in milliseconds (1 - 300000, default 500). type: int
    • auth_https_port (Alias name: auth-https-port) User authentication https port. type: int
    • revision_backup_on_logout (Alias name: revision-backup-on-logout) Enable/disable back-up of the latest configuration revision when an administrator logs out of the cli or gui. type: str choices: [disable, enable]
    • arp_max_entry (Alias name: arp-max-entry) Maximum number of dynamically learned mac addresses that can be added to the arp table (131072 - 2147483647, default = 131072). type: int
    • long_vdom_name (Alias name: long-vdom-name) Enable/disable long vdom name support. type: str choices: [disable, enable]
    • pre_login_banner (Alias name: pre-login-banner) Enable/disable displaying the administrator access disclaimer message on the login page before an administrator logs in. type: str choices: [disable, enable]
    • qsfpdd_split8_port (Alias name: qsfpdd-split8-port) Split qsfpdd port(s) as 8 ports type: list
    • max_route_cache_size (Alias name: max-route-cache-size) Maximum number of ip route cache entries (0 - 2147483647). type: int
    • fortitoken_cloud_push_status (Alias name: fortitoken-cloud-push-status) Enable/disable ftm push service of fortitoken cloud. type: str choices: [disable, enable]
    • ssh_hostkey_override (Alias name: ssh-hostkey-override) Enable/disable ssh host key override in ssh daemon. type: str choices: [disable, enable]
    • proxy_hardware_acceleration (Alias name: proxy-hardware-acceleration) Enable/disable email proxy hardware acceleration. type: str choices: [disable, enable]
    • switch_controller_reserved_network (Alias name: switch-controller-reserved-network) Configure reserved network subnet for managed switches. type: list
    • ssd_trim_date (Alias name: ssd-trim-date) Date within a month to run ssd trim. type: int
    • wad_worker_count (Alias name: wad-worker-count) Number of explicit proxy wan optimization daemon (wad) processes. type: int
    • ssh_hostkey (Alias name: ssh-hostkey) Config ssh host key. type: str
    • wireless_controller_port (Alias name: wireless-controller-port) Port used for the control channel in wireless controller mode (wireless-mode is ac). type: int
    • fgd_alert_subscription (Alias name: fgd-alert-subscription) Type of alert to retrieve from fortiguard. type: list choices: [advisory, latest-threat, latest-virus, latest-attack, new-antivirus-db, new-attack-db]
    • forticontroller_proxy_port (Alias name: forticontroller-proxy-port) Forticontroller proxy port (1024 - 49150). type: int
    • dh_params (Alias name: dh-params) Number of bits to use in the diffie-hellman exchange for https/ssh protocols. type: str choices: [1024, 1536, 2048, 3072, 4096, 6144, 8192]
    • memory_use_threshold_green (Alias name: memory-use-threshold-green) Threshold at which memory usage forces the fortigate to exit conserve mode (% of total ram, default = 82). type: int
    • proxy_cert_use_mgmt_vdom (Alias name: proxy-cert-use-mgmt-vdom) Enable/disable using management vdom to send requests. type: str choices: [disable, enable]
    • proxy_auth_lifetime_timeout (Alias name: proxy-auth-lifetime-timeout) Lifetime timeout in minutes for authenticated users (5 - 65535 min, default=480 (8 hours)). type: int
    • gui_auto_upgrade_setup_warning (Alias name: gui-auto-upgrade-setup-warning) Enable/disable the automatic patch upgrade setup prompt on the gui. type: str choices: [disable, enable]
    • gui_cdn_usage (Alias name: gui-cdn-usage) Enable/disable load gui static files from a cdn. type: str choices: [disable, enable]
    • two_factor_email_expiry (Alias name: two-factor-email-expiry) Email-based two-factor authentication session timeout (30 - 300 seconds (5 minutes), default = 60). type: int
    • udp_idle_timer (Alias name: udp-idle-timer) Udp connection session timeout. type: int
    • interface_subnet_usage (Alias name: interface-subnet-usage) Enable/disable allowing use of interface-subnet setting in firewall addresses (default = enable). type: str choices: [disable, enable]
    • forticontroller_proxy (Alias name: forticontroller-proxy) Enable/disable forticontroller proxy. type: str choices: [disable, enable]
    • ssh_enc_algo (Alias name: ssh-enc-algo) Select one or more ssh ciphers. type: list choices: [, aes128-ctr, aes192-ctr, aes256-ctr, arcfour256, arcfour128, aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, aes192-cbc, aes256-cbc, arcfour,,,]
    • block_session_timer (Alias name: block-session-timer) Duration in seconds for blocked sessions (1 - 300 sec (5 minutes), default = 30). type: int
    • quic_pmtud (Alias name: quic-pmtud) Enable/disable path mtu discovery (default = enable). type: str choices: [disable, enable]
    • admin_https_ssl_ciphersuites (Alias name: admin-https-ssl-ciphersuites) Select one or more tls 1. type: list choices: [TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-AES-128-CCM-SHA256, TLS-AES-128-CCM-8-SHA256]
    • security_rating_result_submission (Alias name: security-rating-result-submission) Enable/disable the submission of security rating results to fortiguard. type: str choices: [disable, enable]
    • user_device_store_max_unified_mem (Alias name: user-device-store-max-unified-mem) Maximum unified memory allowed in user device store. type: int
    • management_port (Alias name: management-port) Overriding port for management connection (overrides admin port). type: int
    • fortigslb_integration (Alias name: fortigslb-integration) Enable/disable integration with the fortigslb cloud service. type: str choices: [disable, enable]
    • admin_https_ssl_versions (Alias name: admin-https-ssl-versions) Allowed tls versions for web administration. type: list choices: [tlsv1-0, tlsv1-1, tlsv1-2, sslv3, tlsv1-3]
    • cert_chain_max (Alias name: cert-chain-max) Maximum number of certificates that can be traversed in a certificate chain. type: int
    • qsfp28_40g_port (Alias name: qsfp28-40g-port) Set port(s) to 40gbps type: list
    • strong_crypto (Alias name: strong-crypto) Enable to use strong encryption and only allow strong ciphers and digest for https/ssh/tls/ssl functions. type: str choices: [disable, enable]
    • multi_factor_authentication (Alias name: multi-factor-authentication) Enforce all login methods to require an additional authentication factor (default = optional). type: str choices: [optional, mandatory]
    • fds_statistics (Alias name: fds-statistics) Enable/disable sending ips, application control, and antivirus data to fortiguard. type: str choices: [disable, enable]
    • gui_display_hostname (Alias name: gui-display-hostname) Enable/disable displaying the fortigates hostname on the gui login page. type: str choices: [disable, enable]
    • two_factor_ftk_expiry (Alias name: two-factor-ftk-expiry) Fortitoken authentication session timeout (60 - 600 sec (10 minutes), default = 60). type: int
    • wad_source_affinity (Alias name: wad-source-affinity) Enable/disable dispatching traffic to wad workers based on source affinity. type: str choices: [disable, enable]
    • ssl_static_key_ciphers (Alias name: ssl-static-key-ciphers) Enable/disable static key ciphers in ssl/tls connections (e. type: str choices: [disable, enable]
    • daily_restart (Alias name: daily-restart) Enable/disable daily restart of fortigate unit. type: str choices: [disable, enable]
    • snat_route_change (Alias name: snat-route-change) Enable/disable the ability to change the source nat route. type: str choices: [disable, enable]
    • tcp_rst_timer (Alias name: tcp-rst-timer) Length of the tcp close state in seconds (5 - 300 sec, default = 5). type: int
    • anti_replay (Alias name: anti-replay) Level of checking for packet replay and tcp sequence checking. type: str choices: [disable, loose, strict]
    • ssl_min_proto_version (Alias name: ssl-min-proto-version) Minimum supported protocol version for ssl/tls connections (default = tlsv1. type: str choices: [TLSv1, TLSv1-1, TLSv1-2, SSLv3, TLSv1-3]
    • speedtestd_server_port (Alias name: speedtestd-server-port) Speedtest server port number. type: int
    • cpu_use_threshold (Alias name: cpu-use-threshold) Threshold at which cpu usage is reported (% of total cpu, default = 90). type: int
    • admin_host (Alias name: admin-host) Administrative host for http and https. type: str
    • csr_ca_attribute (Alias name: csr-ca-attribute) Enable/disable the ca attribute in certificates. type: str choices: [disable, enable]
    • fortiservice_port (Alias name: fortiservice-port) Fortiservice port (1 - 65535, default = 8013). type: int
    • ssd_trim_hour (Alias name: ssd-trim-hour) Hour of the day on which to run ssd trim (0 - 23, default = 1). type: int
    • purdue_level (Alias name: purdue-level) Purdue level of this fortigate. type: str choices: [1, 2, 3, 4, 5, 1.5, 2.5, 3.5, 5.5]
    • management_vdom (Alias name: management-vdom) Management virtual domain name. type: list
    • quic_ack_thresold (Alias name: quic-ack-thresold) Maximum number of unacknowledged packets before sending ack (2 - 5, default = 3). type: int
    • qsfpdd_100g_port (Alias name: qsfpdd-100g-port) Split qsfpdd port(s) as 100g ports type: list
    • ips_affinity (Alias name: ips-affinity) Affinity setting for ips (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx; allowed cpus must be less than total number of ips engine daemons). type: str
    • vip_arp_range (Alias name: vip-arp-range) Controls the number of arps that the fortigate sends for a virtual ip (vip) address range. type: str choices: [restricted, unlimited]
    • internet_service_database (Alias name: internet-service-database) Configure which internet service database size to download from fortiguard and use. type: str choices: [mini, standard, full, on-demand]
    • revision_image_auto_backup (Alias name: revision-image-auto-backup) Enable/disable back-up of the latest image revision after the firmware is upgraded. type: str choices: [disable, enable]
    • sflowd_max_children_num (Alias name: sflowd-max-children-num) Maximum number of sflowd child processes allowed to run. type: int
    • admin_https_pki_required (Alias name: admin-https-pki-required) Enable/disable admin login method. type: str choices: [disable, enable]
    • special_file_23_support (Alias name: special-file-23-support) Enable/disable detection of those special format files when using data loss prevention. type: str choices: [disable, enable]
    • npu_neighbor_update (Alias name: npu-neighbor-update) Enable/disable sending of arp/icmp6 probing packets to update neighbors for offloaded sessions. type: str choices: [disable, enable]
    • log_single_cpu_high (Alias name: log-single-cpu-high) Enable/disable logging the event of a single cpu core reaching cpu usage threshold. type: str choices: [disable, enable]
    • management_ip (Alias name: management-ip) Management ip address of this fortigate. type: str
    • proxy_resource_mode (Alias name: proxy-resource-mode) Enable/disable use of the maximum memory usage on the fortigate units proxy processing of resources, such as block lists, allow lists, and external resources. type: str choices: [disable, enable]
    • admin_ble_button (Alias name: admin-ble-button) Pressing the ble button can enable the ble function type: str choices: [disable, enable]
    • gui_firmware_upgrade_warning (Alias name: gui-firmware-upgrade-warning) Enable/disable the firmware upgrade warning on the gui. type: str choices: [disable, enable]
    • dp_tcp_normal_timer (Alias name: dp-tcp-normal-timer) Dp tcp normal timeout (1 - 65535 sec, default = 3605). type: int
    • ipv6_allow_traffic_redirect (Alias name: ipv6-allow-traffic-redirect) Disable to prevent ipv6 traffic with same local ingress and egress interface from being forwarded without policy check. type: str choices: [disable, enable]
    • cli_audit_log (Alias name: cli-audit-log) Enable/disable cli audit log. type: str choices: [disable, enable]
    • memory_use_threshold_extreme (Alias name: memory-use-threshold-extreme) Threshold at which memory usage is considered extreme (new sessions are dropped) (% of total ram, default = 95). type: int
    • ha_affinity (Alias name: ha-affinity) Affinity setting for ha daemons (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • restart_time (Alias name: restart-time) Daily restart time (hh:mm). type: str
    • speedtestd_ctrl_port (Alias name: speedtestd-ctrl-port) Speedtest server controller port number. type: int
    • gui_wireless_opensecurity (Alias name: gui-wireless-opensecurity) Enable/disable wireless open security option on the gui. type: str choices: [disable, enable]
    • memory_use_threshold_red (Alias name: memory-use-threshold-red) Threshold at which memory usage forces the fortigate to enter conserve mode (% of total ram, default = 88). type: int
    • dp_fragment_timer (Alias name: dp-fragment-timer) Dp fragment session timeout (1 - 65535 sec, default = 120). type: int
    • wad_restart_start_time (Alias name: wad-restart-start-time) Wad workers daily restart time (hh:mm). type: str
    • proxy_re_authentication_time (Alias name: proxy-re-authentication-time) The time limit that users must re-authenticate if proxy-keep-alive-mode is set to re-authenticate (1 - 86400 sec, default=30s. type: int
    • gui_app_detection_sdwan (Alias name: gui-app-detection-sdwan) Enable/disable allow app-detection based sd-wan. type: str choices: [disable, enable]
    • scanunit_count (Alias name: scanunit-count) Number of scanunits. type: int
    • tftp Enable/disable tftp. type: str choices: [disable, enable]
    • xstools_update_frequency (Alias name: xstools-update-frequency) Xenserver tools daemon update frequency (30 - 300 sec, default = 60). type: int
    • clt_cert_req (Alias name: clt-cert-req) Enable/disable requiring administrators to have a client certificate to log into the gui using https. type: str choices: [disable, enable]
    • fortiextender_vlan_mode (Alias name: fortiextender-vlan-mode) Enable/disable fortiextender vlan mode. type: str choices: [disable, enable]
    • auth_http_port (Alias name: auth-http-port) User authentication http port. type: int
    • per_user_bal (Alias name: per-user-bal) Enable/disable per-user block/allow list filter. type: str choices: [disable, enable]
    • gui_date_format (Alias name: gui-date-format) Default date format used throughout gui. type: str choices: [yyyy/MM/dd, dd/MM/yyyy, MM/dd/yyyy, yyyy-MM-dd, dd-MM-yyyy, MM-dd-yyyy]
    • log_uuid_address (Alias name: log-uuid-address) Enable/disable insertion of address uuids to traffic logs. type: str choices: [disable, enable]
    • cloud_communication (Alias name: cloud-communication) Enable/disable all cloud communication. type: str choices: [disable, enable]
    • lldp_reception (Alias name: lldp-reception) Enable/disable link layer discovery protocol (lldp) reception. type: str choices: [disable, enable]
    • two_factor_ftm_expiry (Alias name: two-factor-ftm-expiry) Fortitoken mobile session timeout (1 - 168 hours (7 days), default = 72). type: int
    • quic_udp_payload_size_shaping_per_cid (Alias name: quic-udp-payload-size-shaping-per-cid) Enable/disable udp payload size shaping per connection id (default = enable). type: str choices: [disable, enable]
    • autorun_log_fsck (Alias name: autorun-log-fsck) Enable/disable automatic log partition check after ungraceful shutdown. type: str choices: [disable, enable]
    • vpn_ems_sn_check (Alias name: vpn-ems-sn-check) Enable/disable verification of ems serial number in ssl-vpn connection. type: str choices: [disable, enable]
    • admin_ssh_password (Alias name: admin-ssh-password) Enable/disable password authentication for ssh admin access. type: str choices: [disable, enable]
    • airplane_mode (Alias name: airplane-mode) Enable/disable airplane mode. type: str choices: [disable, enable]
    • batch_cmdb (Alias name: batch-cmdb) Enable/disable batch mode, allowing you to enter a series of cli commands that will execute as a group once they are loaded. type: str choices: [disable, enable]
    • ip_src_port_range (Alias name: ip-src-port-range) Ip source port range used for traffic originating from the fortigate unit. type: list
    • strict_dirty_session_check (Alias name: strict-dirty-session-check) Enable to check the session against the original policy when revalidating. type: str choices: [disable, enable]
    • user_device_store_max_devices (Alias name: user-device-store-max-devices) Maximum number of devices allowed in user device store. type: int
    • dp_udp_idle_timer (Alias name: dp-udp-idle-timer) Dp udp idle timer (0 - 86400 sec, default = 0). type: int
    • internal_switch_speed (Alias name: internal-switch-speed) Internal port speed. type: list choices: [auto, 10full, 10half, 100full, 100half, 1000full, 1000auto]
    • forticonverter_config_upload (Alias name: forticonverter-config-upload) Enable/disable config upload to forticonverter. type: str choices: [disable, once]
    • ipsec_round_robin (Alias name: ipsec-round-robin) Enable/disable round-robin redistribution to multiple cpus for ipsec vpn traffic. type: str choices: [disable, enable]
    • wad_affinity (Alias name: wad-affinity) Affinity setting for wad (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • wifi_ca_certificate (Alias name: wifi-ca-certificate) Ca certificate that verifies the wifi certificate. type: list
    • wimax_4g_usb (Alias name: wimax-4g-usb) Enable/disable compatibility with wimax 4g usb devices. type: str choices: [disable, enable]
    • miglog_affinity (Alias name: miglog-affinity) Affinity setting for logging (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • faz_disk_buffer_size (Alias name: faz-disk-buffer-size) Maximum disk buffer size to temporarily store logs destined for fortianalyzer. type: int
    • ssh_kex_algo (Alias name: ssh-kex-algo) Select one or more ssh kex algorithms. type: list choices: [diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1, diffie-hellman-group-exchange-sha256,, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512]
    • auto_auth_extension_device (Alias name: auto-auth-extension-device) Enable/disable automatic authorization of dedicated fortinet extension devices. type: str choices: [disable, enable]
    • forticarrier_bypass (Alias name: forticarrier-bypass) Forticarrier bypass. type: str choices: [disable, enable]
    • reset_sessionless_tcp (Alias name: reset-sessionless-tcp) Action to perform if the fortigate receives a tcp packet but cannot find a corresponding session in its session table. type: str choices: [disable, enable]
    • early_tcp_npu_session (Alias name: early-tcp-npu-session) Enable/disable early tcp npu session. type: str choices: [disable, enable]
    • http_unauthenticated_request_limit (Alias name: http-unauthenticated-request-limit) Http request body size limit before authentication. type: int
    • gui_local_out (Alias name: gui-local-out) Enable/disable local-out traffic on the gui. type: str choices: [disable, enable]
    • tcp_option (Alias name: tcp-option) Enable sack, timestamp and mss tcp options. type: str choices: [disable, enable]
    • proxy_auth_timeout (Alias name: proxy-auth-timeout) Authentication timeout in minutes for authenticated users (1 - 300 min, default = 10). type: int
    • fortiextender_discovery_lockdown (Alias name: fortiextender-discovery-lockdown) Enable/disable fortiextender capwap lockdown. type: str choices: [disable, enable]
    • lldp_transmission (Alias name: lldp-transmission) Enable/disable link layer discovery protocol (lldp) transmission. type: str choices: [disable, enable]
    • split_port (Alias name: split-port) Split port(s) to multiple 10gbps ports. type: list
    • gui_certificates (Alias name: gui-certificates) Enable/disable the system > certificate gui page, allowing you to add and configure certificates from the gui. type: str choices: [disable, enable]
    • cfg_save (Alias name: cfg-save) Configuration file save mode for cli changes. type: str choices: [automatic, manual, revert]
    • auth_keepalive (Alias name: auth-keepalive) Enable to prevent user authentication sessions from timing out when idle. type: str choices: [disable, enable]
    • split_port_mode (Alias name: split-port-mode) Split port mode. type: list
      • interface Split port interface. type: str
      • split_mode (Alias name: split-mode) The configuration mode for the split port interface. type: str choices: [disable, 4x10G, 4x25G, 4x50G, 8x50G, 4x100G, 2x200G, 8x25G]
    • admin_forticloud_sso_login (Alias name: admin-forticloud-sso-login) Enable/disable forticloud admin login via sso. type: str choices: [disable, enable]
    • post_login_banner (Alias name: post-login-banner) Enable/disable displaying the administrator access disclaimer message after an administrator successfully logs in. type: str choices: [disable, enable]
    • br_fdb_max_entry (Alias name: br-fdb-max-entry) Maximum number of bridge forwarding database (fdb) entries. type: int
    • ip_fragment_mem_thresholds (Alias name: ip-fragment-mem-thresholds) Maximum memory (mb) used to reassemble ipv4/ipv6 fragments. type: int
    • fortiextender_provision_on_authorization (Alias name: fortiextender-provision-on-authorization) Enable/disable automatic provisioning of latest fortiextender firmware on authorization. type: str choices: [disable, enable]
    • reboot_upon_config_restore (Alias name: reboot-upon-config-restore) Enable/disable reboot of system upon restoring configuration. type: str choices: [disable, enable]
    • syslog_affinity (Alias name: syslog-affinity) Affinity setting for syslog (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • fortiextender_data_port (Alias name: fortiextender-data-port) Fortiextender data port (1024 - 49150, default = 25246). type: int
    • quic_tls_handshake_timeout (Alias name: quic-tls-handshake-timeout) Time-to-live (ttl) for tls handshake in seconds (1 - 60, default = 5). type: int
    • forticonverter_integration (Alias name: forticonverter-integration) Enable/disable forticonverter integration service. type: str choices: [disable, enable]
    • proxy_keep_alive_mode (Alias name: proxy-keep-alive-mode) Control if users must re-authenticate after a session is closed, traffic has been idle, or from the point at which the user was authenticated. type: str choices: [session, traffic, re-authentication]
    • cmdbsvr_affinity (Alias name: cmdbsvr-affinity) Affinity setting for cmdbsvr (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • wad_memory_change_granularity (Alias name: wad-memory-change-granularity) Minimum percentage change in system memory usage detected by the wad daemon prior to adjusting tcp window size for any active connection. type: int
    • dhcp_lease_backup_interval (Alias name: dhcp-lease-backup-interval) Dhcp leases backup interval in seconds (10 - 3600, default = 60). type: int
    • check_protocol_header (Alias name: check-protocol-header) Level of checking performed on protocol headers. type: str choices: [loose, strict]
    • av_failopen_session (Alias name: av-failopen-session) When enabled and a proxy for a protocol runs out of room in its session table, that protocol goes into failopen mode and enacts the action specified by av-failopen. type: str choices: [disable, enable]
    • ipsec_ha_seqjump_rate (Alias name: ipsec-ha-seqjump-rate) Esp jump ahead rate (1g - 10g pps equivalent). type: int
    • admin_hsts_max_age (Alias name: admin-hsts-max-age) Https strict-transport-security header max-age in seconds. type: int
    • igmp_state_limit (Alias name: igmp-state-limit) Maximum number of igmp memberships (96 - 64000, default = 3200). type: int
    • admin_login_max (Alias name: admin-login-max) Maximum number of administrators who can be logged in at the same time (1 - 100, default = 100). type: int
    • ipv6_allow_multicast_probe (Alias name: ipv6-allow-multicast-probe) Enable/disable ipv6 address probe through multicast. type: str choices: [disable, enable]
    • virtual_switch_vlan (Alias name: virtual-switch-vlan) Enable/disable virtual switch vlan. type: str choices: [disable, enable]
    • admin_lockout_threshold (Alias name: admin-lockout-threshold) Number of failed login attempts before an administrator account is locked out for the admin-lockout-duration. type: int
    • dp_pinhole_timer (Alias name: dp-pinhole-timer) Dp pinhole session timeout (30 - 120 sec, default = 120). type: int
    • wireless_controller (Alias name: wireless-controller) Enable/disable the wireless controller feature to use the fortigate unit to manage fortiaps. type: str choices: [disable, enable]
    • bfd_affinity (Alias name: bfd-affinity) Affinity setting for bfd daemon (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str
    • ssd_trim_freq (Alias name: ssd-trim-freq) How often to run ssd trim (default = weekly). type: str choices: [daily, weekly, monthly, hourly, never]
    • two_factor_sms_expiry (Alias name: two-factor-sms-expiry) Sms-based two-factor authentication session timeout (30 - 300 sec, default = 60). type: int
    • traffic_priority (Alias name: traffic-priority) Choose type of service (tos) or differentiated services code point (dscp) for traffic prioritization in traffic shaping. type: str choices: [tos, dscp]
    • proxy_and_explicit_proxy (Alias name: proxy-and-explicit-proxy) Proxy and explicit proxy. type: str choices: [disable, enable]
    • sslvpn_web_mode (Alias name: sslvpn-web-mode) Enable/disable ssl-vpn web mode. type: str choices: [disable, enable] more...
    • ssh_hostkey_password (Alias name: ssh-hostkey-password) Password for ssh-hostkey. type: list more...
    • wad_csvc_db_count (Alias name: wad-csvc-db-count) Number of concurrent wad-cache-service byte-cache processes. type: int more...
    • ipv6_allow_anycast_probe (Alias name: ipv6-allow-anycast-probe) Enable/disable ipv6 address probe through anycast. type: str choices: [disable, enable] more...
    • honor_df (Alias name: honor-df) Enable/disable honoring of dont-fragment (df) flag. type: str choices: [disable, enable] more...
    • hyper_scale_vdom_num (Alias name: hyper-scale-vdom-num) Number of vdoms for hyper scale license. type: int more...
    • wad_csvc_cs_count (Alias name: wad-csvc-cs-count) Number of concurrent wad-cache-service object-cache processes. type: int more...
    • internal_switch_mode (Alias name: internal-switch-mode) Internal switch mode. type: str choices: [switch, interface, hub] more...
    • cfg_revert_timeout (Alias name: cfg-revert-timeout) Time-out for reverting to the last saved configuration. type: int more...
    • admin_concurrent (Alias name: admin-concurrent) Enable/disable concurrent administrator logins. type: str choices: [disable, enable] more...
    • ipv6_allow_local_in_silent_drop (Alias name: ipv6-allow-local-in-silent-drop) Enable/disable silent drop of ipv6 local-in traffic. type: str choices: [disable, enable] more...
    • tcp_halfopen_timer (Alias name: tcp-halfopen-timer) Number of seconds the fortigate unit should wait to close a session after one peer has sent an open session packet but the other has not responded (1 - 86400 sec (1 day), default = 10). type: int more...
    • dp_rsync_timer (Alias name: dp-rsync-timer) Dp rsync session timeout (1 - 65535 sec, default = 300). type: int more...
    • management_port_use_admin_sport (Alias name: management-port-use-admin-sport) Enable/disable use of the admin-sport setting for the management port. type: str choices: [disable, enable] more...
    • gui_forticare_registration_setup_warning (Alias name: gui-forticare-registration-setup-warning) Enable/disable the forticare registration setup warning on the gui. type: str choices: [disable, enable] more...
    • gui_replacement_message_groups (Alias name: gui-replacement-message-groups) Enable/disable replacement message groups on the gui. type: str choices: [disable, enable] more...
    • security_rating_run_on_schedule (Alias name: security-rating-run-on-schedule) Enable/disable scheduled runs of security rating. type: str choices: [disable, enable] more...
    • admin_lockout_duration (Alias name: admin-lockout-duration) Amount of time in seconds that an administrator account is locked out after reaching the admin-lockout-threshold for repeated failed login attempts. type: int more...
    • optimize_flow_mode (Alias name: optimize-flow-mode) Flow mode optimization option. type: str choices: [disable, enable] more...
    • private_data_encryption (Alias name: private-data-encryption) Enable/disable private data encryption using an aes 128-bit key or passphrase. type: str choices: [disable, enable] more...
    • wireless_mode (Alias name: wireless-mode) Wireless mode setting. type: str choices: [ac, client, wtp, fwfap] more...
    • alias Alias for your fortigate unit. type: str more...
    • ssh_hostkey_algo (Alias name: ssh-hostkey-algo) Select one or more ssh hostkey algorithms. type: list choices: [ssh-rsa, ecdsa-sha2-nistp521, rsa-sha2-256, rsa-sha2-512, ssh-ed25519, ecdsa-sha2-nistp384, ecdsa-sha2-nistp256] more...
    • fortitoken_cloud (Alias name: fortitoken-cloud) Enable/disable fortitoken cloud service. type: str choices: [disable, enable] more...
    • av_affinity (Alias name: av-affinity) Affinity setting for av scanning (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). type: str more...
    • proxy_worker_count (Alias name: proxy-worker-count) Proxy worker count. type: int more...
    • ipsec_asic_offload (Alias name: ipsec-asic-offload) Enable/disable asic offloading (hardware acceleration) for ipsec vpn traffic. type: str choices: [disable, enable] more...
    • miglogd_children (Alias name: miglogd-children) Number of logging (miglogd) processes to be allowed to run. type: int more...
    • sslvpn_max_worker_count (Alias name: sslvpn-max-worker-count) Maximum number of ssl-vpn processes. type: int more...
    • ssh_mac_algo (Alias name: ssh-mac-algo) Select one or more ssh mac algorithms. type: list choices: [hmac-md5,, hmac-md5-96,, hmac-sha1,, hmac-sha2-256,, hmac-sha2-512,, hmac-ripemd160,,,,,,] more...
    • url_filter_count (Alias name: url-filter-count) Url filter daemon count. type: int more...
    • wifi_certificate (Alias name: wifi-certificate) Certificate to use for wifi authentication. type: list more...
    • radius_port (Alias name: radius-port) Radius service port number. type: int more...
    • sys_perf_log_interval (Alias name: sys-perf-log-interval) Time in minutes between updates of performance statistics logging. type: int more...
    • gui_fortigate_cloud_sandbox (Alias name: gui-fortigate-cloud-sandbox) Enable/disable displaying fortigate cloud sandbox on the gui. type: str choices: [disable, enable] more...
    • auth_cert (Alias name: auth-cert) Server certificate that the fortigate uses for https firewall authentication connections. type: list more...
    • fortiextender Enable/disable fortiextender. type: str choices: [disable, enable] more...
    • admin_reset_button (Alias name: admin-reset-button) Pressing the reset button can reset the unit to factory default. type: str choices: [disable, enable] more...
    • av_failopen (Alias name: av-failopen) Set the action to take if the fortigate is running low on memory or the proxy connection limit has been reached. type: str choices: [off, pass, one-shot, idledrop] more...
    • user_device_store_max_users (Alias name: user-device-store-max-users) Maximum number of users allowed in user device store. type: int more...
    • auth_session_limit (Alias name: auth-session-limit) Action to take when the number of allowed user authenticated sessions is reached. type: str choices: [block-new, logout-inactive] more...
    • ipv6_allow_local_in_slient_drop (Alias name: ipv6-allow-local-in-slient-drop) Enable/disable silent drop of ipv6 local-in traffic. type: str choices: [disable, enable] more...
    • quic_congestion_control_algo (Alias name: quic-congestion-control-algo) Quic congestion control algorithm (default = cubic). type: str choices: [cubic, bbr, bbr2, reno] more...
    • auth_ike_saml_port (Alias name: auth-ike-saml-port) User ike saml authentication port (0 - 65535, default = 1001). type: int more...
    • wad_restart_end_time (Alias name: wad-restart-end-time) Wad workers daily restart end time (hh:mm). type: str more...
    • http_request_limit (Alias name: http-request-limit) Http request body size limit. type: int more...
    • irq_time_accounting (Alias name: irq-time-accounting) Configure cpu irq time accounting mode. type: str choices: [auto, force] more...
    • remoteauthtimeout Number of seconds that the fortigate waits for responses from remote radius, ldap, or tacacs+ authentication servers. type: int more...
    • admin_https_ssl_banned_ciphers (Alias name: admin-https-ssl-banned-ciphers) Select one or more cipher technologies that cannot be used in gui https negotiations. type: list choices: [RSA, DHE, ECDHE, DSS, ECDSA, AES, AESGCM, CAMELLIA, 3DES, SHA1, SHA256, SHA384, STATIC, CHACHA20, ARIA, AESCCM] more...
    • allow_traffic_redirect (Alias name: allow-traffic-redirect) Disable to prevent traffic with same local ingress and egress interface from being forwarded without policy check. type: str choices: [disable, enable] more...
    • legacy_poe_device_support (Alias name: legacy-poe-device-support) Enable/disable legacy poe device support. type: str choices: [disable, enable] more...
    • wad_restart_mode (Alias name: wad-restart-mode) Wad worker restart mode (default = none). type: str choices: [none, time, memory] more...
    • fds_statistics_period (Alias name: fds-statistics-period) Fortiguard statistics collection period in minutes. type: int more...
    • admin_telnet (Alias name: admin-telnet) Enable/disable telnet service. type: str choices: [disable, enable] more...
    • ipv6_accept_dad (Alias name: ipv6-accept-dad) Enable/disable acceptance of ipv6 duplicate address detection (dad). type: int more...
    • tcp_timewait_timer (Alias name: tcp-timewait-timer) Length of the tcp time-wait state in seconds (1 - 300 sec, default = 1). type: int more...
    • admin_console_timeout (Alias name: admin-console-timeout) Console login timeout that overrides the admin timeout value (15 - 300 seconds, default = 0, which disables the timeout). type: int more...
    • default_service_source_port (Alias name: default-service-source-port) Default service source port range (default = 1 - 65535). type: str more...
    • quic_max_datagram_size (Alias name: quic-max-datagram-size) Maximum transmit datagram size (1200 - 1500, default = 1500). type: int more...
    • refresh Statistics refresh interval second(s) in gui. type: int more...
    • extender_controller_reserved_network (Alias name: extender-controller-reserved-network) Configure reserved network subnet for managed lan extension fortiextender units. type: list more...
    • url_filter_affinity (Alias name: url-filter-affinity) Url filter cpu affinity. type: str more...
    • policy_auth_concurrent (Alias name: policy-auth-concurrent) Number of concurrent firewall user logins from the same user (1 - 100, default = 0 means no limit). type: int more...
    • ipsec_hmac_offload (Alias name: ipsec-hmac-offload) Enable/disable offloading (hardware acceleration) of hmac processing for ipsec vpn. type: str choices: [disable, enable] more...
    • traffic_priority_level (Alias name: traffic-priority-level) Default system-wide level of priority for traffic prioritization. type: str choices: [high, medium, low] more...
    • ipsec_qat_offload (Alias name: ipsec-qat-offload) Enable/disable qat offloading (intel quickassist) for ipsec vpn traffic. type: str choices: [disable, enable] more...
    • ssd_trim_min (Alias name: ssd-trim-min) Minute of the hour on which to run ssd trim (0 - 59, 60 for random). type: int more...
    • gui_date_time_source (Alias name: gui-date-time-source) Source that the fortigate gui uses to display date and time entries. type: str choices: [system, browser] more...
    • log_ssl_connection (Alias name: log-ssl-connection) Enable/disable logging of ssl connection events. type: str choices: [disable, enable] more...
    • ndp_max_entry (Alias name: ndp-max-entry) Maximum number of ndp table entries (set to 65,536 or higher; if set to 0, kernel holds 65,536 entries). type: int more...
    • vdom_mode (Alias name: vdom-mode) Enable/disable support for multiple virtual domains (vdoms). type: str choices: [no-vdom, multi-vdom, split-vdom] more...
    • internet_service_download_list (Alias name: internet-service-download-list) Configure which on-demand internet service ids are to be downloaded. type: list more...
    • fortitoken_cloud_sync_interval (Alias name: fortitoken-cloud-sync-interval) Interval in which to clean up remote users in fortitoken cloud (0 - 336 hours (14 days), default = 24, disable = 0). type: int more...
    • ssd_trim_weekday (Alias name: ssd-trim-weekday) Day of week to run ssd trim. type: str choices: [sunday, monday, tuesday, wednesday, thursday, friday, saturday] more...
    • two_factor_fac_expiry (Alias name: two-factor-fac-expiry) Fortiauthenticator token authentication session timeout (10 - 3600 seconds (1 hour), default = 60). type: int more...
    • gui_rest_api_cache (Alias name: gui-rest-api-cache) Enable/disable rest api result caching on fortigate. type: str choices: [disable, enable] more...
    • admin_forticloud_sso_default_profile (Alias name: admin-forticloud-sso-default-profile) Override access profile. type: list more...
    • proxy_auth_lifetime (Alias name: proxy-auth-lifetime) Enable/disable authenticated users lifetime control. type: str choices: [disable, enable] more...
    • device_idle_timeout (Alias name: device-idle-timeout) Time in seconds that a device must be idle to automatically log the device user out. type: int more...
    • login_timestamp (Alias name: login-timestamp) Enable/disable login time recording. type: str choices: [disable, enable] more...
    • speedtest_server (Alias name: speedtest-server) Enable/disable speed test server. type: str choices: [disable, enable] more...
    • edit_vdom_prompt (Alias name: edit-vdom-prompt) Enable/disable edit new vdom prompt. type: str choices: [disable, enable] more...
    • gui_cdn_domain_override (Alias name: gui-cdn-domain-override) Domain of cdn server. type: str more...
    • admin_ssh_grace_time (Alias name: admin-ssh-grace-time) Maximum time in seconds permitted between making an ssh connection to the fortigate unit and authenticating (10 - 3600 sec (1 hour), default 120). type: int more...
    • sslvpn_ems_sn_check (Alias name: sslvpn-ems-sn-check) Enable/disable verification of ems serial number in ssl-vpn connection. type: str choices: [disable, enable] more...
    • user_server_cert (Alias name: user-server-cert) Certificate to use for https user authentication. type: list more...
    • gui_allow_default_hostname (Alias name: gui-allow-default-hostname) Enable/disable the factory default hostname warning on the gui setup wizard. type: str choices: [disable, enable] more...
    • proxy_re_authentication_mode (Alias name: proxy-re-authentication-mode) Control if users must re-authenticate after a session is closed, traffic has been idle, or from the point at which the user was first created. type: str choices: [session, traffic, absolute] more...
    • ipsec_soft_dec_async (Alias name: ipsec-soft-dec-async) Enable/disable software decryption asynchronization (using multiple cpus to do decryption) for ipsec vpn traffic. type: str choices: [disable, enable] more...
    • admin_maintainer (Alias name: admin-maintainer) Enable/disable maintainer administrator login. type: str choices: [disable, enable] more...
    • dst Enable/disable daylight saving time. type: str choices: [disable, enable] more...
    • fec_port (Alias name: fec-port) Local udp port for forward error correction (49152 - 65535). type: int more...
    • ssh_kex_sha1 (Alias name: ssh-kex-sha1) Enable/disable sha1 key exchange for ssh access. type: str choices: [disable, enable] more...
    • ssh_mac_weak (Alias name: ssh-mac-weak) Enable/disable hmac-sha1 and umac-64-etm for ssh access. type: str choices: [disable, enable] more...
    • sslvpn_cipher_hardware_acceleration (Alias name: sslvpn-cipher-hardware-acceleration) Enable/disable ssl-vpn hardware acceleration. type: str choices: [disable, enable] more...
    • sys_file_check_interval (Alias name: sys-file-check-interval) Set scheduled system file checking interval in minutes (10 - 10080 min, default = 60, 0 = disabled). type: int more...
    • ssh_hmac_md5 (Alias name: ssh-hmac-md5) Enable/disable hmac-md5 for ssh access. type: str choices: [disable, enable] more...
    • ssh_cbc_cipher (Alias name: ssh-cbc-cipher) Enable/disable cbc cipher for ssh access. type: str choices: [disable, enable] more...
    • gui_fortiguard_resource_fetch (Alias name: gui-fortiguard-resource-fetch) Enable/disable retrieving static gui resources from fortiguard. type: str choices: [disable, enable] more...
    • sslvpn_kxp_hardware_acceleration (Alias name: sslvpn-kxp-hardware-acceleration) Enable/disable ssl-vpn kxp hardware acceleration. type: str choices: [disable, enable] more...
    • sslvpn_plugin_version_check (Alias name: sslvpn-plugin-version-check) Enable/disable checking browsers plugin version by ssl-vpn. type: str choices: [disable, enable] more...
    • fortiipam_integration (Alias name: fortiipam-integration) Enable/disable integration with the fortiipam cloud service. type: str choices: [disable, enable] more...
    • gui_firmware_upgrade_setup_warning (Alias name: gui-firmware-upgrade-setup-warning) Gui firmware upgrade setup warning. type: str choices: [disable, enable] more...
    • log_uuid_policy (Alias name: log-uuid-policy) Enable/disable insertion of policy uuids to traffic logs. type: str choices: [disable, enable] more...
    • per_user_bwl (Alias name: per-user-bwl) Enable/disable per-user black/white list filter. type: str choices: [disable, enable] more...
    • gui_fortisandbox_cloud (Alias name: gui-fortisandbox-cloud) Enable/disable displaying fortisandbox cloud on the gui. type: str choices: [disable, enable] more...
    • fortitoken_cloud_service (Alias name: fortitoken-cloud-service) Fortitoken cloud service. type: str choices: [disable, enable] more...
    • hw_switch_ether_filter (Alias name: hw-switch-ether-filter) Enable/disable hardware filter for certain ethernet packet types. type: str choices: [disable, enable] more...
    • virtual_server_count (Alias name: virtual-server-count) Maximum number of virtual server processes to create. type: int more...
    • endpoint_control_fds_access (Alias name: endpoint-control-fds-access) Endpoint control fds access. type: str choices: [disable, enable] more...
    • proxy_cipher_hardware_acceleration (Alias name: proxy-cipher-hardware-acceleration) Enable/disable using content processor (cp8 or cp9) hardware acceleration to encrypt and decrypt ipsec and ssl traffic. type: str choices: [disable, enable] more...
    • proxy_kxp_hardware_acceleration (Alias name: proxy-kxp-hardware-acceleration) Enable/disable using the content processor to accelerate kxp traffic. type: str choices: [disable, enable] more...
    • virtual_server_hardware_acceleration (Alias name: virtual-server-hardware-acceleration) Enable/disable virtual server hardware acceleration. type: str choices: [disable, enable] more...
    • user_history_password_threshold (Alias name: user-history-password-threshold) Maximum number of previous passwords saved per admin/user (3 - 15, default = 3). type: int more...
    • delay_tcp_npu_session (Alias name: delay-tcp-npu-session) Enable tcp npu session delay to guarantee packet order of 3-way handshake. type: str choices: [disable, enable] more...
    • auth_session_auto_backup_interval (Alias name: auth-session-auto-backup-interval) Configure automatic authentication session backup interval in minutes (default = 15). type: str choices: [1min, 5min, 15min, 30min, 1hr] more...
    • ip_conflict_detection (Alias name: ip-conflict-detection) Enable/disable logging of ipv4 address conflict detection. type: str choices: [disable, enable] more...
    • gtpu_dynamic_source_port (Alias name: gtpu-dynamic-source-port) Enable/disable gtp-u dynamic source port support. type: str choices: [disable, enable] more...
    • ip_fragment_timeout (Alias name: ip-fragment-timeout) Timeout value in seconds for any fragment not being reassembled. type: int more...
    • ipv6_fragment_timeout (Alias name: ipv6-fragment-timeout) Timeout value in seconds for any ipv6 fragment not being reassembled. type: int more...
    • scim_server_cert (Alias name: scim-server-cert) Server certificate that the fortigate uses for scim connections. type: list more...
    • scim_http_port (Alias name: scim-http-port) Scim http port (0 - 65535, default = 44558). type: int more...
    • auth_session_auto_backup (Alias name: auth-session-auto-backup) Enable/disable automatic and periodic backup of authentication sessions (default = disable). type: str choices: [disable, enable] more...
    • scim_https_port (Alias name: scim-https-port) Scim port (0 - 65535, default = 44559). type: int more...
    • httpd_max_worker_count (Alias name: httpd-max-worker-count) Maximum number of simultaneous http requests that will be served. type: int more...
    • rest_api_key_url_query (Alias name: rest-api-key-url-query) Enable/disable support for passing rest api keys through url query parameters. type: str choices: [disable, enable] more...



  • Running in workspace locking mode is supported in this FortiManager module; the top-level parameters workspace_locking_adom and workspace_locking_timeout handle the locking.

  • To create or update an object, use the state: present directive.

  • To delete an object, use the state: absent directive.

  • Normally, running one module can fail when a non-zero rc is returned. You can also override the conditions to fail or succeed with the parameters rc_failed and rc_succeeded.
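The security-relevant options documented on this page, combined into one hardening task. This is an added example, not part of the module's generated documentation. The ADOM root, the profile name branch-hardening, the registered variable name and the numeric values are assumptions; option names and choices are the ones listed on this page, and the set a given FortiManager release accepts may be smaller.

```yaml
# Added example (not from the module documentation): admin-plane hardening
# baseline pushed into one device profile.
- name: Harden admin access in a FortiManager device profile
  hosts: fortimanagers
  connection: httpapi
  gather_facts: false
  vars:
    ansible_httpapi_use_ssl: true
    # Verify the FortiManager certificate so the session cannot be intercepted
    # silently; the generated example on this page sets this to false.
    ansible_httpapi_validate_certs: true
    ansible_httpapi_port: 443
  tasks:
    - name: Apply hardened global attributes
      fortinet.fortimanager.fmgr_devprof_system_global:
        adom: root                 # assumption: the profile lives in the root ADOM
        devprof: branch-hardening  # hypothetical device profile name
        devprof_system_global:
          # Management plane: no cleartext or legacy protocols
          admin_telnet: disable
          admin_ssh_v1: disable
          tftp: disable
          admin_https_redirect: enable
          admin_hsts_max_age: 31536000  # seconds; constructed value (one year)

          # TLS for the admin GUI
          strong_crypto: enable
          ssl_static_key_ciphers: disable
          ssl_min_proto_version: TLSv1-2
          dh_params: "2048"

          # SSH: drop SHA-1 key exchange, weak MACs and CBC ciphers
          ssh_kex_sha1: disable
          ssh_mac_weak: disable
          ssh_hmac_md5: disable
          ssh_cbc_cipher: disable
          admin_ssh_grace_time: 60      # seconds, inside the documented 10 - 3600

          # Lock out repeated login failures; turn off the maintainer login
          admin_lockout_threshold: 3    # constructed value
          admin_lockout_duration: 300   # seconds; constructed value
          admin_maintainer: disable

          # API keys passed in URL query strings leak into logs and histories
          rest_api_key_url_query: disable

          # Audit trail
          cli_audit_log: enable
          login_timestamp: enable
      register: hardening_result

    - name: Show what the module reported
      ansible.builtin.debug:
        var: hardening_result
```

Run it with --check against a staging ADOM first, and review admin_maintainer and the lockout values against your recovery procedure before installing the profile to devices.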


- name: Example playbook (generated based on argument schema)
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    # false disables TLS certificate verification of the FortiManager; set to true outside a lab
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure global attributes.
      fortinet.fortimanager.fmgr_devprof_system_global:
        # bypass_validation: false
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        # rc_succeeded: [0, -2, -3, ...]
        # rc_failed: [-2, -3, ...]
        adom: <your own value>
        devprof: <your own value>
        devprof_system_global:
          admin_https_redirect: <value in [disable, enable]>
          admin_port: <integer>
          admin_scp: <value in [disable, enable]>
          admin_sport: <integer>
          admin_ssh_port: <integer>
          admin_ssh_v1: <value in [disable, enable]>
          admin_telnet_port: <integer>
          admintimeout: <integer>
          gui_ipv6: <value in [disable, enable]>
          gui_lines_per_page: <integer>
          gui_theme: <value in [blue, green, melongene, ...]>
          language: <value in [english, simch, japanese, ...]>
          switch_controller: <value in [disable, enable]>
          gui_device_latitude: <string>
          gui_device_longitude: <string>
          hostname: <string>
            - "00"
            - "01"
            - "02"
            - "03"
            - "04"
            - "05"
            - "06"
            - "07"
            - "08"
            - "09"
            - "10"
            - "11"
            - "12"
            - "13"
            - "14"
            - "15"
            - "16"
            - "17"
            - "18"
            - "19"
            - "20"
            - "21"
            - "22"
            - "23"
            - "24"
            - "25"
            - "26"
            - "27"
            - "28"
            - "29"
            - "30"
            - "31"
            - "32"
            - "33"
            - "34"
            - "35"
            - "36"
            - "37"
            - "38"
            - "39"
            - "40"
            - "41"
            - "42"
            - "43"
            - "44"
            - "45"
            - "46"
            - "47"
            - "48"
            - "49"
            - "50"
            - "51"
            - "52"
            - "53"
            - "54"
            - "55"
            - "56"
            - "57"
            - "58"
            - "59"
            - "60"
            - "61"
            - "62"
            - "63"
            - "64"
            - "65"
            - "66"
            - "67"
            - "68"
            - "69"
            - "70"
            - "71"
            - "72"
            - "73"
            - "74"
            - "75"
            - "76"
            - "77"
            - "78"
            - "79"
            - "80"
            - "81"
            - "82"
            - "83"
            - "84"
            - "85"
            - "86"
            - "87"
          check_reset_range: <value in [disable, strict]>
          pmtu_discovery: <value in [disable, enable]>
          gui_allow_incompatible_fabric_fgt: <value in [disable, enable]>
          admin_restrict_local: <value in [disable, enable, all, ...]>
          gui_workflow_management: <value in [disable, enable]>
          send_pmtu_icmp: <value in [disable, enable]>
          tcp_halfclose_timer: <integer>
          admin_server_cert: <list or string>
          dnsproxy_worker_count: <integer>
          show_backplane_intf: <value in [disable, enable]>
          gui_custom_language: <value in [disable, enable]>
          ldapconntimeout: <integer>
          auth_https_port: <integer>
          revision_backup_on_logout: <value in [disable, enable]>
          arp_max_entry: <integer>
          long_vdom_name: <value in [disable, enable]>
          pre_login_banner: <value in [disable, enable]>
          qsfpdd_split8_port: <list or string>
          max_route_cache_size: <integer>
          fortitoken_cloud_push_status: <value in [disable, enable]>
          ssh_hostkey_override: <value in [disable, enable]>
          proxy_hardware_acceleration: <value in [disable, enable]>
          switch_controller_reserved_network: <list or string>
          ssd_trim_date: <integer>
          wad_worker_count: <integer>
          ssh_hostkey: <string>
          wireless_controller_port: <integer>
            - "advisory"
            - "latest-threat"
            - "latest-virus"
            - "latest-attack"
            - "new-antivirus-db"
            - "new-attack-db"
          forticontroller_proxy_port: <integer>
          dh_params: <value in [1024, 1536, 2048, ...]>
          memory_use_threshold_green: <integer>
          proxy_cert_use_mgmt_vdom: <value in [disable, enable]>
          proxy_auth_lifetime_timeout: <integer>
          gui_auto_upgrade_setup_warning: <value in [disable, enable]>
          gui_cdn_usage: <value in [disable, enable]>
          two_factor_email_expiry: <integer>
          udp_idle_timer: <integer>
          interface_subnet_usage: <value in [disable, enable]>
          forticontroller_proxy: <value in [disable, enable]>
            - ""
            - "aes128-ctr"
            - "aes192-ctr"
            - "aes256-ctr"
            - "arcfour256"
            - "arcfour128"
            - "aes128-cbc"
            - "3des-cbc"
            - "blowfish-cbc"
            - "cast128-cbc"
            - "aes192-cbc"
            - "aes256-cbc"
            - "arcfour"
            - ""
            - ""
            - ""
          block_session_timer: <integer>
          quic_pmtud: <value in [disable, enable]>
            - "TLS-AES-128-GCM-SHA256"
            - "TLS-AES-256-GCM-SHA384"
            - "TLS-CHACHA20-POLY1305-SHA256"
            - "TLS-AES-128-CCM-SHA256"
            - "TLS-AES-128-CCM-8-SHA256"
          security_rating_result_submission: <value in [disable, enable]>
          user_device_store_max_unified_mem: <integer>
          management_port: <integer>
          fortigslb_integration: <value in [disable, enable]>
            - "tlsv1-0"
            - "tlsv1-1"
            - "tlsv1-2"
            - "sslv3"
            - "tlsv1-3"
          cert_chain_max: <integer>
          qsfp28_40g_port: <list or string>
          strong_crypto: <value in [disable, enable]>
          multi_factor_authentication: <value in [optional, mandatory]>
          fds_statistics: <value in [disable, enable]>
          gui_display_hostname: <value in [disable, enable]>
          two_factor_ftk_expiry: <integer>
          wad_source_affinity: <value in [disable, enable]>
          ssl_static_key_ciphers: <value in [disable, enable]>
          daily_restart: <value in [disable, enable]>
          snat_route_change: <value in [disable, enable]>
          tcp_rst_timer: <integer>
          anti_replay: <value in [disable, loose, strict]>
          ssl_min_proto_version: <value in [TLSv1, TLSv1-1, TLSv1-2, ...]>
          speedtestd_server_port: <integer>
          cpu_use_threshold: <integer>
          admin_host: <string>
          csr_ca_attribute: <value in [disable, enable]>
          fortiservice_port: <integer>
          ssd_trim_hour: <integer>
          purdue_level: <value in [1, 2, 3, ...]>
          management_vdom: <list or string>
          quic_ack_thresold: <integer>
          qsfpdd_100g_port: <list or string>
          ips_affinity: <string>
          vip_arp_range: <value in [restricted, unlimited]>
          internet_service_database: <value in [mini, standard, full, ...]>
          revision_image_auto_backup: <value in [disable, enable]>
          sflowd_max_children_num: <integer>
          admin_https_pki_required: <value in [disable, enable]>
          special_file_23_support: <value in [disable, enable]>
          npu_neighbor_update: <value in [disable, enable]>
          log_single_cpu_high: <value in [disable, enable]>
          management_ip: <string>
          proxy_resource_mode: <value in [disable, enable]>
          admin_ble_button: <value in [disable, enable]>
          gui_firmware_upgrade_warning: <value in [disable, enable]>
          dp_tcp_normal_timer: <integer>
          ipv6_allow_traffic_redirect: <value in [disable, enable]>
          cli_audit_log: <value in [disable, enable]>
          memory_use_threshold_extreme: <integer>
          ha_affinity: <string>
          restart_time: <string>
          speedtestd_ctrl_port: <integer>
          gui_wireless_opensecurity: <value in [disable, enable]>
          memory_use_threshold_red: <integer>
          dp_fragment_timer: <integer>
          wad_restart_start_time: <string>
          proxy_re_authentication_time: <integer>
          gui_app_detection_sdwan: <value in [disable, enable]>
          scanunit_count: <integer>
          tftp: <value in [disable, enable]>
          xstools_update_frequency: <integer>
          clt_cert_req: <value in [disable, enable]>
          fortiextender_vlan_mode: <value in [disable, enable]>
          auth_http_port: <integer>
          per_user_bal: <value in [disable, enable]>
          gui_date_format: <value in [yyyy/MM/dd, dd/MM/yyyy, MM/dd/yyyy, ...]>
          log_uuid_address: <value in [disable, enable]>
          cloud_communication: <value in [disable, enable]>
          lldp_reception: <value in [disable, enable]>
          two_factor_ftm_expiry: <integer>
          quic_udp_payload_size_shaping_per_cid: <value in [disable, enable]>
          autorun_log_fsck: <value in [disable, enable]>
          vpn_ems_sn_check: <value in [disable, enable]>
          admin_ssh_password: <value in [disable, enable]>
          airplane_mode: <value in [disable, enable]>
          batch_cmdb: <value in [disable, enable]>
          ip_src_port_range: <list or string>
          strict_dirty_session_check: <value in [disable, enable]>
          user_device_store_max_devices: <integer>
          dp_udp_idle_timer: <integer>
            - "auto"
            - "10full"
            - "10half"
            - "100full"
            - "100half"
            - "1000full"
            - "1000auto"
          forticonverter_config_upload: <value in [disable, once]>
          ipsec_round_robin: <value in [disable, enable]>
          wad_affinity: <string>
          wifi_ca_certificate: <list or string>
          wimax_4g_usb: <value in [disable, enable]>
          miglog_affinity: <string>
          faz_disk_buffer_size: <integer>
            - "diffie-hellman-group1-sha1"
            - "diffie-hellman-group14-sha1"
            - "diffie-hellman-group-exchange-sha1"
            - "diffie-hellman-group-exchange-sha256"
            - ""
            - "ecdh-sha2-nistp256"
            - "ecdh-sha2-nistp384"
            - "ecdh-sha2-nistp521"
            - "diffie-hellman-group14-sha256"
            - "diffie-hellman-group16-sha512"
            - "diffie-hellman-group18-sha512"
          auto_auth_extension_device: <value in [disable, enable]>
          forticarrier_bypass: <value in [disable, enable]>
          reset_sessionless_tcp: <value in [disable, enable]>
          early_tcp_npu_session: <value in [disable, enable]>
          http_unauthenticated_request_limit: <integer>
          gui_local_out: <value in [disable, enable]>
          tcp_option: <value in [disable, enable]>
          proxy_auth_timeout: <integer>
          fortiextender_discovery_lockdown: <value in [disable, enable]>
          lldp_transmission: <value in [disable, enable]>
          split_port: <list or string>
          gui_certificates: <value in [disable, enable]>
          cfg_save: <value in [automatic, manual, revert]>
          auth_keepalive: <value in [disable, enable]>
              interface: <string>
              split_mode: <value in [disable, 4x10G, 4x25G, ...]>
          admin_forticloud_sso_login: <value in [disable, enable]>
          post_login_banner: <value in [disable, enable]>
          br_fdb_max_entry: <integer>
          ip_fragment_mem_thresholds: <integer>
          fortiextender_provision_on_authorization: <value in [disable, enable]>
          reboot_upon_config_restore: <value in [disable, enable]>
          syslog_affinity: <string>
          fortiextender_data_port: <integer>
          quic_tls_handshake_timeout: <integer>
          forticonverter_integration: <value in [disable, enable]>
          proxy_keep_alive_mode: <value in [session, traffic, re-authentication]>
          cmdbsvr_affinity: <string>
          wad_memory_change_granularity: <integer>
          dhcp_lease_backup_interval: <integer>
          check_protocol_header: <value in [loose, strict]>
          av_failopen_session: <value in [disable, enable]>
          ipsec_ha_seqjump_rate: <integer>
          admin_hsts_max_age: <integer>
          igmp_state_limit: <integer>
          admin_login_max: <integer>
          ipv6_allow_multicast_probe: <value in [disable, enable]>
          virtual_switch_vlan: <value in [disable, enable]>
          admin_lockout_threshold: <integer>
          dp_pinhole_timer: <integer>
          wireless_controller: <value in [disable, enable]>
          bfd_affinity: <string>
          ssd_trim_freq: <value in [daily, weekly, monthly, ...]>
          two_factor_sms_expiry: <integer>
          traffic_priority: <value in [tos, dscp]>
          proxy_and_explicit_proxy: <value in [disable, enable]>
          sslvpn_web_mode: <value in [disable, enable]>
          ssh_hostkey_password: <list or string>
          wad_csvc_db_count: <integer>
          ipv6_allow_anycast_probe: <value in [disable, enable]>
          honor_df: <value in [disable, enable]>
          hyper_scale_vdom_num: <integer>
          wad_csvc_cs_count: <integer>
          internal_switch_mode: <value in [switch, interface, hub]>
          cfg_revert_timeout: <integer>
          admin_concurrent: <value in [disable, enable]>
          ipv6_allow_local_in_silent_drop: <value in [disable, enable]>
          tcp_halfopen_timer: <integer>
          dp_rsync_timer: <integer>
          management_port_use_admin_sport: <value in [disable, enable]>
          gui_forticare_registration_setup_warning: <value in [disable, enable]>
          gui_replacement_message_groups: <value in [disable, enable]>
          security_rating_run_on_schedule: <value in [disable, enable]>
          admin_lockout_duration: <integer>
          optimize_flow_mode: <value in [disable, enable]>
          private_data_encryption: <value in [disable, enable]>
          wireless_mode: <value in [ac, client, wtp, ...]>
          alias: <string>
            - "ssh-rsa"
            - "ecdsa-sha2-nistp521"
            - "rsa-sha2-256"
            - "rsa-sha2-512"
            - "ssh-ed25519"
            - "ecdsa-sha2-nistp384"
            - "ecdsa-sha2-nistp256"
          fortitoken_cloud: <value in [disable, enable]>
          av_affinity: <string>
          proxy_worker_count: <integer>
          ipsec_asic_offload: <value in [disable, enable]>
          miglogd_children: <integer>
          sslvpn_max_worker_count: <integer>
            - "hmac-md5"
            - ""
            - "hmac-md5-96"
            - ""
            - "hmac-sha1"
            - ""
            - "hmac-sha2-256"
            - ""
            - "hmac-sha2-512"
            - ""
            - "hmac-ripemd160"
            - ""
            - ""
            - ""
            - ""
            - ""
            - ""
          url_filter_count: <integer>
          wifi_certificate: <list or string>
          radius_port: <integer>
          sys_perf_log_interval: <integer>
          gui_fortigate_cloud_sandbox: <value in [disable, enable]>
          auth_cert: <list or string>
          fortiextender: <value in [disable, enable]>
          admin_reset_button: <value in [disable, enable]>
          av_failopen: <value in [off, pass, one-shot, ...]>
          user_device_store_max_users: <integer>
          auth_session_limit: <value in [block-new, logout-inactive]>
          ipv6_allow_local_in_slient_drop: <value in [disable, enable]>
          quic_congestion_control_algo: <value in [cubic, bbr, bbr2, ...]>
          auth_ike_saml_port: <integer>
          wad_restart_end_time: <string>
          http_request_limit: <integer>
          irq_time_accounting: <value in [auto, force]>
          remoteauthtimeout: <integer>
            - "RSA"
            - "DHE"
            - "ECDHE"
            - "DSS"
            - "ECDSA"
            - "AES"
            - "AESGCM"
            - "CAMELLIA"
            - "3DES"
            - "SHA1"
            - "SHA256"
            - "SHA384"
            - "STATIC"
            - "CHACHA20"
            - "ARIA"
            - "AESCCM"
          allow_traffic_redirect: <value in [disable, enable]>
          legacy_poe_device_support: <value in [disable, enable]>
          wad_restart_mode: <value in [none, time, memory]>
          fds_statistics_period: <integer>
          admin_telnet: <value in [disable, enable]>
          ipv6_accept_dad: <integer>
          tcp_timewait_timer: <integer>
          admin_console_timeout: <integer>
          default_service_source_port: <string>
          quic_max_datagram_size: <integer>
          refresh: <integer>
          extender_controller_reserved_network: <list or string>
          url_filter_affinity: <string>
          policy_auth_concurrent: <integer>
          ipsec_hmac_offload: <value in [disable, enable]>
          traffic_priority_level: <value in [high, medium, low]>
          ipsec_qat_offload: <value in [disable, enable]>
          ssd_trim_min: <integer>
          gui_date_time_source: <value in [system, browser]>
          log_ssl_connection: <value in [disable, enable]>
          ndp_max_entry: <integer>
          vdom_mode: <value in [no-vdom, multi-vdom, split-vdom]>
          internet_service_download_list: <list or string>
          fortitoken_cloud_sync_interval: <integer>
          ssd_trim_weekday: <value in [sunday, monday, tuesday, ...]>
          two_factor_fac_expiry: <integer>
          gui_rest_api_cache: <value in [disable, enable]>
          admin_forticloud_sso_default_profile: <list or string>
          proxy_auth_lifetime: <value in [disable, enable]>
          device_idle_timeout: <integer>
          login_timestamp: <value in [disable, enable]>
          speedtest_server: <value in [disable, enable]>
          edit_vdom_prompt: <value in [disable, enable]>
          gui_cdn_domain_override: <string>
          admin_ssh_grace_time: <integer>
          sslvpn_ems_sn_check: <value in [disable, enable]>
          user_server_cert: <list or string>
          gui_allow_default_hostname: <value in [disable, enable]>
          proxy_re_authentication_mode: <value in [session, traffic, absolute]>
          ipsec_soft_dec_async: <value in [disable, enable]>
          admin_maintainer: <value in [disable, enable]>
          dst: <value in [disable, enable]>
          fec_port: <integer>
          ssh_kex_sha1: <value in [disable, enable]>
          ssh_mac_weak: <value in [disable, enable]>
          sslvpn_cipher_hardware_acceleration: <value in [disable, enable]>
          sys_file_check_interval: <integer>
          ssh_hmac_md5: <value in [disable, enable]>
          ssh_cbc_cipher: <value in [disable, enable]>
          gui_fortiguard_resource_fetch: <value in [disable, enable]>
          sslvpn_kxp_hardware_acceleration: <value in [disable, enable]>
          sslvpn_plugin_version_check: <value in [disable, enable]>
          fortiipam_integration: <value in [disable, enable]>
          gui_firmware_upgrade_setup_warning: <value in [disable, enable]>
          log_uuid_policy: <value in [disable, enable]>
          per_user_bwl: <value in [disable, enable]>
          gui_fortisandbox_cloud: <value in [disable, enable]>
          fortitoken_cloud_service: <value in [disable, enable]>
          hw_switch_ether_filter: <value in [disable, enable]>
          virtual_server_count: <integer>
          endpoint_control_fds_access: <value in [disable, enable]>
          proxy_cipher_hardware_acceleration: <value in [disable, enable]>
          proxy_kxp_hardware_acceleration: <value in [disable, enable]>
          virtual_server_hardware_acceleration: <value in [disable, enable]>
          user_history_password_threshold: <integer>
          delay_tcp_npu_session: <value in [disable, enable]>
          auth_session_auto_backup_interval: <value in [1min, 5min, 15min, ...]>
          ip_conflict_detection: <value in [disable, enable]>
          gtpu_dynamic_source_port: <value in [disable, enable]>
          ip_fragment_timeout: <integer>
          ipv6_fragment_timeout: <integer>
          scim_server_cert: <list or string>
          scim_http_port: <integer>
          auth_session_auto_backup: <value in [disable, enable]>
          scim_https_port: <integer>
          httpd_max_worker_count: <integer>
          rest_api_key_url_query: <value in [disable, enable]>

Return Values

Common return values are documented; the following are the fields unique to this module:

  • meta - The result of the request. returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status of the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter is not supported by the current FortiManager version type: list


  • This module is not guaranteed to have a backwards compatible interface.


  • Xinwei Du (@dux-fortinet)

  • Xing Li (@lix-fortinet)

  • Jie Xue (@JieX19)

  • Link Zheng (@chillancezen)

  • Frank Shen (@fshen01)

  • Hongbin Lu (@fgtdev-hblu)