fmgr_fsp_vlan_interface

New in version 2.10.

Synopsis

• This module is able to configure a FortiManager device.
• Examples include all parameters and values need to be adjusted to data sources before usage.
• Tested with FortiManager v6.0.0.

Requirements

The below requirements are needed on the host that executes this module.

• ansible>=2.9.0

Parameters

• bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters type: bool required: false default: False
• workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode type: str required: false choices: global, custom adom including root
• workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock type: integer required: false default: 300
• rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
• rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
• adom - The parameter in requested url type: str required: true
• vlan - The parameter in requested url type: str required: true
• fsp_vlan_interface - no description type: dict
• ac-name - No description for the parameter type: str
• aggregate - No description for the parameter type: str
• algorithm - No description for the parameter type: str choices: [L2, L3, L4]
• alias - No description for the parameter type: str
• allowaccess - No description for the parameter type: array choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap, dnp, ftm]
• ap-discover - No description for the parameter type: str choices: [disable, enable]
• arpforward - No description for the parameter type: str choices: [disable, enable]
• atm-protocol - No description for the parameter type: str choices: [none, ipoa]
• auth-type - No description for the parameter type: str choices: [auto, pap, chap, mschapv1, mschapv2]
• auto-auth-extension-device - No description for the parameter type: str choices: [disable, enable]
• bfd - No description for the parameter type: str choices: [global, enable, disable]
• bfd-desired-min-tx - No description for the parameter type: int
• bfd-detect-mult - No description for the parameter type: int
• bfd-required-min-rx - No description for the parameter type: int
• broadcast-forticlient-discovery - No description for the parameter type: str choices: [disable, enable]
• broadcast-forward - No description for the parameter type: str choices: [disable, enable]
• captive-portal - No description for the parameter type: int
• cli-conn-status - No description for the parameter type: int
• color - No description for the parameter type: int
• ddns - No description for the parameter type: str choices: [disable, enable]
• ddns-auth - No description for the parameter type: str choices: [disable, tsig]
• ddns-domain - No description for the parameter type: str
• ddns-key - No description for the parameter type: str
• ddns-keyname - No description for the parameter type: str
• ddns-password - No description for the parameter type: str
• ddns-server - No description for the parameter type: str choices: [dhs.org, dyndns.org, dyns.net, tzo.com, ods.org, vavic.com, now.net.cn, dipdns.net, easydns.com, genericDDNS]
• ddns-server-ip - No description for the parameter type: str
• ddns-sn - No description for the parameter type: str
• ddns-ttl - No description for the parameter type: int
• ddns-username - No description for the parameter type: str
• ddns-zone - No description for the parameter type: str
• dedicated-to - No description for the parameter type: str choices: [none, management]
• defaultgw - No description for the parameter type: str choices: [disable, enable]
• description - No description for the parameter type: str
• detected-peer-mtu - No description for the parameter type: int
• detectprotocol - No description for the parameter type: array choices: [ping, tcp-echo, udp-echo]
• detectserver - No description for the parameter type: str
• device-access-list - No description for the parameter type: str
• device-identification - No description for the parameter type: str choices: [disable, enable]
• device-identification-active-scan - No description for the parameter type: str choices: [disable, enable]
• device-netscan - No description for the parameter type: str choices: [disable, enable]
• device-user-identification - No description for the parameter type: str choices: [disable, enable]
• devindex - No description for the parameter type: int
• dhcp-client-identifier - No description for the parameter type: str
• dhcp-relay-agent-option - No description for the parameter type: str choices: [disable, enable]
• dhcp-relay-ip - No description for the parameter type: str
• dhcp-relay-service - No description for the parameter type: str choices: [disable, enable]
• dhcp-relay-type - No description for the parameter type: str choices: [regular, ipsec]
• dhcp-renew-time - No description for the parameter type: int
• disc-retry-timeout - No description for the parameter type: int
• disconnect-threshold - No description for the parameter type: int
• distance - No description for the parameter type: int
• dns-query - No description for the parameter type: str choices: [disable, recursive, non-recursive]
• dns-server-override - No description for the parameter type: str choices: [disable, enable]
• drop-fragment - No description for the parameter type: str choices: [disable, enable]
• drop-overlapped-fragment - No description for the parameter type: str choices: [disable, enable]
• egress-cos - No description for the parameter type: str choices: [disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7]
• egress-shaping-profile - No description for the parameter type: str
• endpoint-compliance - No description for the parameter type: str choices: [disable, enable]
• estimated-downstream-bandwidth - No description for the parameter type: int
• estimated-upstream-bandwidth - No description for the parameter type: int
• explicit-ftp-proxy - No description for the parameter type: str choices: [disable, enable]
• explicit-web-proxy - No description for the parameter type: str choices: [disable, enable]
• external - No description for the parameter type: str choices: [disable, enable]
• fail-action-on-extender - No description for the parameter type: str choices: [soft-restart, hard-restart, reboot]
• fail-alert-interfaces - No description for the parameter type: str
• fail-alert-method - No description for the parameter type: str choices: [link-failed-signal, link-down]
• fail-detect - No description for the parameter type: str choices: [disable, enable]
• fail-detect-option - No description for the parameter type: array choices: [detectserver, link-down]
• fdp - No description for the parameter type: str choices: [disable, enable]
• fortiheartbeat - No description for the parameter type: str choices: [disable, enable]
• fortilink - No description for the parameter type: str choices: [disable, enable]
• fortilink-backup-link - No description for the parameter type: int
• fortilink-split-interface - No description for the parameter type: str choices: [disable, enable]
• fortilink-stacking - No description for the parameter type: str choices: [disable, enable]
• forward-domain - No description for the parameter type: int
• forward-error-correction - No description for the parameter type: str choices: [disable, enable, rs-fec, base-r-fec]
• fp-anomaly - No description for the parameter type: array choices: [drop_tcp_fin_noack, pass_winnuke, pass_tcpland, pass_udpland, pass_icmpland, pass_ipland, pass_iprr, pass_ipssrr, pass_iplsrr, pass_ipstream, pass_ipsecurity, pass_iptimestamp, pass_ipunknown_option, pass_ipunknown_prot, pass_icmp_frag, pass_tcp_no_flag, pass_tcp_fin_noack, drop_winnuke, drop_tcpland, drop_udpland, drop_icmpland, drop_ipland, drop_iprr, drop_ipssrr, drop_iplsrr, drop_ipstream, drop_ipsecurity, drop_iptimestamp, drop_ipunknown_option, drop_ipunknown_prot, drop_icmp_frag, drop_tcp_no_flag]
• fp-disable - No description for the parameter type: array choices: [all, ipsec, none]
• gateway-address - No description for the parameter type: str
• gi-gk - No description for the parameter type: str choices: [disable, enable]
• gwaddr - No description for the parameter type: str
• gwdetect - No description for the parameter type: str choices: [disable, enable]
• ha-priority - No description for the parameter type: int
• icmp-accept-redirect - No description for the parameter type: str choices: [disable, enable]
• icmp-redirect - No description for the parameter type: str choices: [disable, enable]
• icmp-send-redirect - No description for the parameter type: str choices: [disable, enable]
• ident-accept - No description for the parameter type: str choices: [disable, enable]
• idle-timeout - No description for the parameter type: int
• if-mdix - No description for the parameter type: str choices: [auto, normal, crossover]
• if-media - No description for the parameter type: str choices: [auto, copper, fiber]
• in-force-vlan-cos - No description for the parameter type: int
• inbandwidth - No description for the parameter type: int
• ingress-cos - No description for the parameter type: str choices: [disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7]
• ingress-spillover-threshold - No description for the parameter type: int
• internal - No description for the parameter type: int
• ip - No description for the parameter type: str
• ipmac - No description for the parameter type: str choices: [disable, enable]
• ips-sniffer-mode - No description for the parameter type: str choices: [disable, enable]
• ipunnumbered - No description for the parameter type: str
• ipv6 type: dict
• autoconf - No description for the parameter type: str choices: [disable, enable]
• dhcp6-client-options - No description for the parameter type: array choices: [rapid, iapd, iana, dns, dnsname]
• dhcp6-information-request - No description for the parameter type: str choices: [disable, enable]
• dhcp6-prefix-delegation - No description for the parameter type: str choices: [disable, enable]
• dhcp6-prefix-hint - No description for the parameter type: str
• dhcp6-prefix-hint-plt - No description for the parameter type: int
• dhcp6-prefix-hint-vlt - No description for the parameter type: int
• dhcp6-relay-ip - No description for the parameter type: str
• dhcp6-relay-service - No description for the parameter type: str choices: [disable, enable]
• dhcp6-relay-type - No description for the parameter type: str choices: [regular]
• ip6-address - No description for the parameter type: str
• ip6-allowaccess - No description for the parameter type: array choices: [https, ping, ssh, snmp, http, telnet, fgfm, capwap]
• ip6-default-life - No description for the parameter type: int
• ip6-dns-server-override - No description for the parameter type: str choices: [disable, enable]
• ip6-hop-limit - No description for the parameter type: int
• ip6-link-mtu - No description for the parameter type: int
• ip6-manage-flag - No description for the parameter type: str choices: [disable, enable]
• ip6-max-interval - No description for the parameter type: int
• ip6-min-interval - No description for the parameter type: int
• ip6-mode - No description for the parameter type: str choices: [static, dhcp, pppoe, delegated]
• ip6-other-flag - No description for the parameter type: str choices: [disable, enable]
• ip6-reachable-time - No description for the parameter type: int
• ip6-retrans-time - No description for the parameter type: int
• ip6-send-adv - No description for the parameter type: str choices: [disable, enable]
• ip6-subnet - No description for the parameter type: str
• ip6-upstream-interface - No description for the parameter type: str
• nd-cert - No description for the parameter type: str
• nd-cga-modifier - No description for the parameter type: str
• nd-mode - No description for the parameter type: str choices: [basic, SEND-compatible]
• nd-security-level - No description for the parameter type: int
• nd-timestamp-delta - No description for the parameter type: int
• nd-timestamp-fuzz - No description for the parameter type: int
• vrip6_link_local - No description for the parameter type: str
• vrrp-virtual-mac6 - No description for the parameter type: str choices: [disable, enable]
• l2forward - No description for the parameter type: str choices: [disable, enable]
• l2tp-client - No description for the parameter type: str choices: [disable, enable]
• lacp-ha-slave - No description for the parameter type: str choices: [disable, enable]
• lacp-mode - No description for the parameter type: str choices: [static, passive, active]
• lacp-speed - No description for the parameter type: str choices: [slow, fast]
• lcp-echo-interval - No description for the parameter type: int
• lcp-max-echo-fails - No description for the parameter type: int
• link-up-delay - No description for the parameter type: int
• listen-forticlient-connection - No description for the parameter type: str choices: [disable, enable]
• lldp-network-policy - No description for the parameter type: str
• lldp-reception - No description for the parameter type: str choices: [disable, enable, vdom]
• lldp-transmission - No description for the parameter type: str choices: [enable, disable, vdom]
• log - No description for the parameter type: str choices: [disable, enable]
• macaddr - No description for the parameter type: str
• management-ip - No description for the parameter type: str
• max-egress-burst-rate - No description for the parameter type: int
• max-egress-rate - No description for the parameter type: int
• mediatype - No description for the parameter type: str choices: [serdes-sfp, sgmii-sfp, cfp2-sr10, cfp2-lr4, serdes-copper-sfp, sr, cr, lr, qsfp28-sr4, qsfp28-lr4, qsfp28-cr4]
• member - No description for the parameter type: str
• min-links - No description for the parameter type: int
• min-links-down - No description for the parameter type: str choices: [operational, administrative]
• mode - No description for the parameter type: str choices: [static, dhcp, pppoe, pppoa, ipoa, eoa]
• mtu - No description for the parameter type: int
• mtu-override - No description for the parameter type: str choices: [disable, enable]
• mux-type - No description for the parameter type: str choices: [llc-encaps, vc-encaps]
• name - No description for the parameter type: str
• ndiscforward - No description for the parameter type: str choices: [disable, enable]
• netbios-forward - No description for the parameter type: str choices: [disable, enable]
• netflow-sampler - No description for the parameter type: str choices: [disable, tx, rx, both]
• npu-fastpath - No description for the parameter type: str choices: [disable, enable]
• nst - No description for the parameter type: str choices: [disable, enable]
• out-force-vlan-cos - No description for the parameter type: int
• outbandwidth - No description for the parameter type: int
• padt-retry-timeout - No description for the parameter type: int
• password - No description for the parameter type: str
• peer-interface - No description for the parameter type: str
• phy-mode - No description for the parameter type: str choices: [auto, adsl, vdsl]
• ping-serv-status - No description for the parameter type: int
• poe - No description for the parameter type: str choices: [disable, enable]
• polling-interval - No description for the parameter type: int
• pppoe-unnumbered-negotiate - No description for the parameter type: str choices: [disable, enable]
• pptp-auth-type - No description for the parameter type: str choices: [auto, pap, chap, mschapv1, mschapv2]
• pptp-client - No description for the parameter type: str choices: [disable, enable]
• pptp-password - No description for the parameter type: str
• pptp-server-ip - No description for the parameter type: str
• pptp-timeout - No description for the parameter type: int
• pptp-user - No description for the parameter type: str
• preserve-session-route - No description for the parameter type: str choices: [disable, enable]
• priority - No description for the parameter type: int
• priority-override - No description for the parameter type: str choices: [disable, enable]
• proxy-captive-portal - No description for the parameter type: str choices: [disable, enable]
• redundant-interface - No description for the parameter type: str
• remote-ip - No description for the parameter type: str
• replacemsg-override-group - No description for the parameter type: str
• retransmission - No description for the parameter type: str choices: [disable, enable]
• role - No description for the parameter type: str choices: [lan, wan, dmz, undefined]
• sample-direction - No description for the parameter type: str choices: [rx, tx, both]
• sample-rate - No description for the parameter type: int
• scan-botnet-connections - No description for the parameter type: str choices: [disable, block, monitor]
• secondary-IP - No description for the parameter type: str choices: [disable, enable]
• secondaryip - No description for the parameter type: array
  • allowaccess - No description for the parameter type: array choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap, dnp, ftm]
  • detectprotocol - No description for the parameter type: array choices: [ping, tcp-echo, udp-echo]
  • detectserver - No description for the parameter type: str
  • gwdetect - No description for the parameter type: str choices: [disable, enable]
  • ha-priority - No description for the parameter type: int
  • id - No description for the parameter type: int
  • ip - No description for the parameter type: str
  • ping-serv-status - No description for the parameter type: int
  • seq - No description for the parameter type: int
• security-8021x-dynamic-vlan-id - No description for the parameter type: int
• security-8021x-master - No description for the parameter type: str
• security-8021x-mode - No description for the parameter type: str choices: [default, dynamic-vlan, fallback, slave]
• security-exempt-list - No description for the parameter type: str
• security-external-logout - No description for the parameter type: str
• security-external-web - No description for the parameter type: str
• security-groups - No description for the parameter type: str
• security-mac-auth-bypass - No description for the parameter type: str choices: [disable, enable, mac-auth-only]
• security-mode - No description for the parameter type: str choices: [none, captive-portal, 802.1X]
• security-redirect-url - No description for the parameter type: str
• service-name - No description for the parameter type: str
• sflow-sampler - No description for the parameter type: str choices: [disable, enable]
• speed - No description for the parameter type: str choices: [auto, 10full, 10half, 100full, 100half, 1000full, 1000half, 10000full, 1000auto, 10000auto, 40000full, 100Gfull, 25000full, 40000auto, 25000auto, 100Gauto]
• spillover-threshold - No description for the parameter type: int
• src-check - No description for the parameter type: str choices: [disable, enable]
• status - No description for the parameter type: str choices: [down, up]
• stp - No description for the parameter type: str choices: [disable, enable]
• stp-ha-slave - No description for the parameter type: str choices: [disable, enable, priority-adjust]
• stpforward - No description for the parameter type: str choices: [disable, enable]
• stpforward-mode - No description for the parameter type: str choices: [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]
• strip-priority-vlan-tag - No description for the parameter type: str choices: [disable, enable]
• subst - No description for the parameter type: str choices: [disable, enable]
• substitute-dst-mac - No description for the parameter type: str
• switch - No description for the parameter type: str
• switch-controller-access-vlan - No description for the parameter type: str choices: [disable, enable]
• switch-controller-arp-inspection - No description for the parameter type: str choices: [disable, enable]
• switch-controller-auth - No description for the parameter type: str choices: [radius, usergroup]
• switch-controller-dhcp-snooping - No description for the parameter type: str choices: [disable, enable]
• switch-controller-dhcp-snooping-option82 - No description for the parameter type: str choices: [disable, enable]
• switch-controller-dhcp-snooping-verify-mac - No description for the parameter type: str choices: [disable, enable]
• switch-controller-igmp-snooping - No description for the parameter type: str choices: [disable, enable]
• switch-controller-learning-limit - No description for the parameter type: int
• switch-controller-radius-server - No description for the parameter type: str
• switch-controller-traffic-policy - No description for the parameter type: str
• tc-mode - No description for the parameter type: str choices: [ptm, atm]
• tcp-mss - No description for the parameter type: int
• trunk - No description for the parameter type: str choices: [disable, enable]
• trust-ip-1 - No description for the parameter type: str
• trust-ip-2 - No description for the parameter type: str
• trust-ip-3 - No description for the parameter type: str
• trust-ip6-1 - No description for the parameter type: str
• trust-ip6-2 - No description for the parameter type: str
• trust-ip6-3 - No description for the parameter type: str
• type - No description for the parameter type: str choices: [physical, vlan, aggregate, redundant, tunnel, wireless, vdom-link, loopback, switch, hard-switch, hdlc, vap-switch, wl-mesh, fortilink, switch-vlan, fctrl-trunk, tdm, fext-wan, vxlan, emac-vlan]
• username - No description for the parameter type: str
• vci - No description for the parameter type: int
• vectoring - No description for the parameter type: str choices: [disable, enable]
• vindex - No description for the parameter type: int
• vlanforward - No description for the parameter type: str choices: [disable, enable]
• vlanid - No description for the parameter type: int
• vpi - No description for the parameter type: int
• vrf - No description for the parameter type: int
• vrrp - No description for the parameter type: array
  • accept-mode - No description for the parameter type: str choices: [disable, enable]
  • adv-interval - No description for the parameter type: int
  • ignore-default-route - No description for the parameter type: str choices: [disable, enable]
  • preempt - No description for the parameter type: str choices: [disable, enable]
  • priority - No description for the parameter type: int
  • start-time - No description for the parameter type: int
  • status - No description for the parameter type: str choices: [disable, enable]
  • version - No description for the parameter type: str choices: [2, 3]
  • vrdst - No description for the parameter type: str
  • vrdst-priority - No description for the parameter type: int
  • vrgrp - No description for the parameter type: int
  • vrid - No description for the parameter type: int
  • vrip - No description for the parameter type: str
• vrrp-virtual-mac - No description for the parameter type: str choices: [disable, enable]
• wccp - No description for the parameter type: str choices: [disable, enable]
• weight - No description for the parameter type: int
• wifi-5g-threshold - No description for the parameter type: str
• wifi-acl - No description for the parameter type: str choices: [deny, allow]
• wifi-ap-band - No description for the parameter type: str choices: [any, 5g-preferred, 5g-only]
• wifi-auth - No description for the parameter type: str choices: [PSK, RADIUS, radius, usergroup]
• wifi-auto-connect - No description for the parameter type: str choices: [disable, enable]
• wifi-auto-save - No description for the parameter type: str choices: [disable, enable]
• wifi-broadcast-ssid - No description for the parameter type: str choices: [disable, enable]
• wifi-encrypt - No description for the parameter type: str choices: [TKIP, AES]
• wifi-fragment-threshold - No description for the parameter type: int
• wifi-key - No description for the parameter type: str
• wifi-keyindex - No description for the parameter type: int
• wifi-mac-filter - No description for the parameter type: str choices: [disable, enable]
• wifi-passphrase - No description for the parameter type: str
• wifi-radius-server - No description for the parameter type: str
• wifi-rts-threshold - No description for the parameter type: int
• wifi-security - No description for the parameter type: str choices: [None, WEP64, wep64, WEP128, wep128, WPA_PSK, WPA_RADIUS, WPA, WPA2, WPA2_AUTO, open, wpa-personal, wpa-enterprise, wpa-only-personal, wpa-only-enterprise, wpa2-only-personal, wpa2-only-enterprise]
• wifi-ssid - No description for the parameter type: str
• wifi-usergroup - No description for the parameter type: str
• wins-ip - No description for the parameter type: str

Notes

Note

• Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
• To create or update an object, use state: present directive.
• To delete an object, use state: absent directive
• Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:
   - name: no description
     fmgr_fsp_vlan_interface:
        bypass_validation: False
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        rc_succeeded: [0, -2, -3, ...]
        rc_failed: [-2, -3, ...]
        adom: <your own value>
        vlan: <your own value>
        fsp_vlan_interface:
           ac-name: <value of string>
           aggregate: <value of string>
           algorithm: <value in [L2, L3, L4]>
           alias: <value of string>
           allowaccess:
             - https
             - ping
             - ssh
             - snmp
             - http
             - telnet
             - fgfm
             - auto-ipsec
             - radius-acct
             - probe-response
             - capwap
             - dnp
             - ftm
           ap-discover: <value in [disable, enable]>
           arpforward: <value in [disable, enable]>
           atm-protocol: <value in [none, ipoa]>
           auth-type: <value in [auto, pap, chap, ...]>
           auto-auth-extension-device: <value in [disable, enable]>
           bfd: <value in [global, enable, disable]>
           bfd-desired-min-tx: <value of integer>
           bfd-detect-mult: <value of integer>
           bfd-required-min-rx: <value of integer>
           broadcast-forticlient-discovery: <value in [disable, enable]>
           broadcast-forward: <value in [disable, enable]>
           captive-portal: <value of integer>
           cli-conn-status: <value of integer>
           color: <value of integer>
           ddns: <value in [disable, enable]>
           ddns-auth: <value in [disable, tsig]>
           ddns-domain: <value of string>
           ddns-key: <value of string>
           ddns-keyname: <value of string>
           ddns-password: <value of string>
           ddns-server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
           ddns-server-ip: <value of string>
           ddns-sn: <value of string>
           ddns-ttl: <value of integer>
           ddns-username: <value of string>
           ddns-zone: <value of string>
           dedicated-to: <value in [none, management]>
           defaultgw: <value in [disable, enable]>
           description: <value of string>
           detected-peer-mtu: <value of integer>
           detectprotocol:
             - ping
             - tcp-echo
             - udp-echo
           detectserver: <value of string>
           device-access-list: <value of string>
           device-identification: <value in [disable, enable]>
           device-identification-active-scan: <value in [disable, enable]>
           device-netscan: <value in [disable, enable]>
           device-user-identification: <value in [disable, enable]>
           devindex: <value of integer>
           dhcp-client-identifier: <value of string>
           dhcp-relay-agent-option: <value in [disable, enable]>
           dhcp-relay-ip: <value of string>
           dhcp-relay-service: <value in [disable, enable]>
           dhcp-relay-type: <value in [regular, ipsec]>
           dhcp-renew-time: <value of integer>
           disc-retry-timeout: <value of integer>
           disconnect-threshold: <value of integer>
           distance: <value of integer>
           dns-query: <value in [disable, recursive, non-recursive]>
           dns-server-override: <value in [disable, enable]>
           drop-fragment: <value in [disable, enable]>
           drop-overlapped-fragment: <value in [disable, enable]>
           egress-cos: <value in [disable, cos0, cos1, ...]>
           egress-shaping-profile: <value of string>
           endpoint-compliance: <value in [disable, enable]>
           estimated-downstream-bandwidth: <value of integer>
           estimated-upstream-bandwidth: <value of integer>
           explicit-ftp-proxy: <value in [disable, enable]>
           explicit-web-proxy: <value in [disable, enable]>
           external: <value in [disable, enable]>
           fail-action-on-extender: <value in [soft-restart, hard-restart, reboot]>
           fail-alert-interfaces: <value of string>
           fail-alert-method: <value in [link-failed-signal, link-down]>
           fail-detect: <value in [disable, enable]>
           fail-detect-option:
             - detectserver
             - link-down
           fdp: <value in [disable, enable]>
           fortiheartbeat: <value in [disable, enable]>
           fortilink: <value in [disable, enable]>
           fortilink-backup-link: <value of integer>
           fortilink-split-interface: <value in [disable, enable]>
           fortilink-stacking: <value in [disable, enable]>
           forward-domain: <value of integer>
           forward-error-correction: <value in [disable, enable, rs-fec, ...]>
           fp-anomaly:
             - drop_tcp_fin_noack
             - pass_winnuke
             - pass_tcpland
             - pass_udpland
             - pass_icmpland
             - pass_ipland
             - pass_iprr
             - pass_ipssrr
             - pass_iplsrr
             - pass_ipstream
             - pass_ipsecurity
             - pass_iptimestamp
             - pass_ipunknown_option
             - pass_ipunknown_prot
             - pass_icmp_frag
             - pass_tcp_no_flag
             - pass_tcp_fin_noack
             - drop_winnuke
             - drop_tcpland
             - drop_udpland
             - drop_icmpland
             - drop_ipland
             - drop_iprr
             - drop_ipssrr
             - drop_iplsrr
             - drop_ipstream
             - drop_ipsecurity
             - drop_iptimestamp
             - drop_ipunknown_option
             - drop_ipunknown_prot
             - drop_icmp_frag
             - drop_tcp_no_flag
           fp-disable:
             - all
             - ipsec
             - none
           gateway-address: <value of string>
           gi-gk: <value in [disable, enable]>
           gwaddr: <value of string>
           gwdetect: <value in [disable, enable]>
           ha-priority: <value of integer>
           icmp-accept-redirect: <value in [disable, enable]>
           icmp-redirect: <value in [disable, enable]>
           icmp-send-redirect: <value in [disable, enable]>
           ident-accept: <value in [disable, enable]>
           idle-timeout: <value of integer>
           if-mdix: <value in [auto, normal, crossover]>
           if-media: <value in [auto, copper, fiber]>
           in-force-vlan-cos: <value of integer>
           inbandwidth: <value of integer>
           ingress-cos: <value in [disable, cos0, cos1, ...]>
           ingress-spillover-threshold: <value of integer>
           internal: <value of integer>
           ip: <value of string>
           ipmac: <value in [disable, enable]>
           ips-sniffer-mode: <value in [disable, enable]>
           ipunnumbered: <value of string>
           ipv6:
              autoconf: <value in [disable, enable]>
              dhcp6-client-options:
                - rapid
                - iapd
                - iana
                - dns
                - dnsname
              dhcp6-information-request: <value in [disable, enable]>
              dhcp6-prefix-delegation: <value in [disable, enable]>
              dhcp6-prefix-hint: <value of string>
              dhcp6-prefix-hint-plt: <value of integer>
              dhcp6-prefix-hint-vlt: <value of integer>
              dhcp6-relay-ip: <value of string>
              dhcp6-relay-service: <value in [disable, enable]>
              dhcp6-relay-type: <value in [regular]>
              ip6-address: <value of string>
              ip6-allowaccess:
                - https
                - ping
                - ssh
                - snmp
                - http
                - telnet
                - fgfm
                - capwap
              ip6-default-life: <value of integer>
              ip6-dns-server-override: <value in [disable, enable]>
              ip6-hop-limit: <value of integer>
              ip6-link-mtu: <value of integer>
              ip6-manage-flag: <value in [disable, enable]>
              ip6-max-interval: <value of integer>
              ip6-min-interval: <value of integer>
              ip6-mode: <value in [static, dhcp, pppoe, ...]>
              ip6-other-flag: <value in [disable, enable]>
              ip6-reachable-time: <value of integer>
              ip6-retrans-time: <value of integer>
              ip6-send-adv: <value in [disable, enable]>
              ip6-subnet: <value of string>
              ip6-upstream-interface: <value of string>
              nd-cert: <value of string>
              nd-cga-modifier: <value of string>
              nd-mode: <value in [basic, SEND-compatible]>
              nd-security-level: <value of integer>
              nd-timestamp-delta: <value of integer>
              nd-timestamp-fuzz: <value of integer>
              vrip6_link_local: <value of string>
              vrrp-virtual-mac6: <value in [disable, enable]>
           l2forward: <value in [disable, enable]>
           l2tp-client: <value in [disable, enable]>
           lacp-ha-slave: <value in [disable, enable]>
           lacp-mode: <value in [static, passive, active]>
           lacp-speed: <value in [slow, fast]>
           lcp-echo-interval: <value of integer>
           lcp-max-echo-fails: <value of integer>
           link-up-delay: <value of integer>
           listen-forticlient-connection: <value in [disable, enable]>
           lldp-network-policy: <value of string>
           lldp-reception: <value in [disable, enable, vdom]>
           lldp-transmission: <value in [enable, disable, vdom]>
           log: <value in [disable, enable]>
           macaddr: <value of string>
           management-ip: <value of string>
           max-egress-burst-rate: <value of integer>
           max-egress-rate: <value of integer>
           mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
           member: <value of string>
           min-links: <value of integer>
           min-links-down: <value in [operational, administrative]>
           mode: <value in [static, dhcp, pppoe, ...]>
           mtu: <value of integer>
           mtu-override: <value in [disable, enable]>
           mux-type: <value in [llc-encaps, vc-encaps]>
           name: <value of string>
           ndiscforward: <value in [disable, enable]>
           netbios-forward: <value in [disable, enable]>
           netflow-sampler: <value in [disable, tx, rx, ...]>
           npu-fastpath: <value in [disable, enable]>
           nst: <value in [disable, enable]>
           out-force-vlan-cos: <value of integer>
           outbandwidth: <value of integer>
           padt-retry-timeout: <value of integer>
           password: <value of string>
           peer-interface: <value of string>
           phy-mode: <value in [auto, adsl, vdsl]>
           ping-serv-status: <value of integer>
           poe: <value in [disable, enable]>
           polling-interval: <value of integer>
           pppoe-unnumbered-negotiate: <value in [disable, enable]>
           pptp-auth-type: <value in [auto, pap, chap, ...]>
           pptp-client: <value in [disable, enable]>
           pptp-password: <value of string>
           pptp-server-ip: <value of string>
           pptp-timeout: <value of integer>
           pptp-user: <value of string>
           preserve-session-route: <value in [disable, enable]>
           priority: <value of integer>
           priority-override: <value in [disable, enable]>
           proxy-captive-portal: <value in [disable, enable]>
           redundant-interface: <value of string>
           remote-ip: <value of string>
           replacemsg-override-group: <value of string>
           retransmission: <value in [disable, enable]>
           role: <value in [lan, wan, dmz, ...]>
           sample-direction: <value in [rx, tx, both]>
           sample-rate: <value of integer>
           scan-botnet-connections: <value in [disable, block, monitor]>
           secondary-IP: <value in [disable, enable]>
           secondaryip:
             -
                 allowaccess:
                   - https
                   - ping
                   - ssh
                   - snmp
                   - http
                   - telnet
                   - fgfm
                   - auto-ipsec
                   - radius-acct
                   - probe-response
                   - capwap
                   - dnp
                   - ftm
                 detectprotocol:
                   - ping
                   - tcp-echo
                   - udp-echo
                 detectserver: <value of string>
                 gwdetect: <value in [disable, enable]>
                 ha-priority: <value of integer>
                 id: <value of integer>
                 ip: <value of string>
                 ping-serv-status: <value of integer>
                 seq: <value of integer>
           security-8021x-dynamic-vlan-id: <value of integer>
           security-8021x-master: <value of string>
           security-8021x-mode: <value in [default, dynamic-vlan, fallback, ...]>
           security-exempt-list: <value of string>
           security-external-logout: <value of string>
           security-external-web: <value of string>
           security-groups: <value of string>
           security-mac-auth-bypass: <value in [disable, enable, mac-auth-only]>
           security-mode: <value in [none, captive-portal, 802.1X]>
           security-redirect-url: <value of string>
           service-name: <value of string>
           sflow-sampler: <value in [disable, enable]>
           speed: <value in [auto, 10full, 10half, ...]>
           spillover-threshold: <value of integer>
           src-check: <value in [disable, enable]>
           status: <value in [down, up]>
           stp: <value in [disable, enable]>
           stp-ha-slave: <value in [disable, enable, priority-adjust]>
           stpforward: <value in [disable, enable]>
           stpforward-mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
           strip-priority-vlan-tag: <value in [disable, enable]>
           subst: <value in [disable, enable]>
           substitute-dst-mac: <value of string>
           switch: <value of string>
           switch-controller-access-vlan: <value in [disable, enable]>
           switch-controller-arp-inspection: <value in [disable, enable]>
           switch-controller-auth: <value in [radius, usergroup]>
           switch-controller-dhcp-snooping: <value in [disable, enable]>
           switch-controller-dhcp-snooping-option82: <value in [disable, enable]>
           switch-controller-dhcp-snooping-verify-mac: <value in [disable, enable]>
           switch-controller-igmp-snooping: <value in [disable, enable]>
           switch-controller-learning-limit: <value of integer>
           switch-controller-radius-server: <value of string>
           switch-controller-traffic-policy: <value of string>
           tc-mode: <value in [ptm, atm]>
           tcp-mss: <value of integer>
           trunk: <value in [disable, enable]>
           trust-ip-1: <value of string>
           trust-ip-2: <value of string>
           trust-ip-3: <value of string>
           trust-ip6-1: <value of string>
           trust-ip6-2: <value of string>
           trust-ip6-3: <value of string>
           type: <value in [physical, vlan, aggregate, ...]>
           username: <value of string>
           vci: <value of integer>
           vectoring: <value in [disable, enable]>
           vindex: <value of integer>
           vlanforward: <value in [disable, enable]>
           vlanid: <value of integer>
           vpi: <value of integer>
           vrf: <value of integer>
           vrrp:
             -
                 accept-mode: <value in [disable, enable]>
                 adv-interval: <value of integer>
                 ignore-default-route: <value in [disable, enable]>
                 preempt: <value in [disable, enable]>
                 priority: <value of integer>
                 start-time: <value of integer>
                 status: <value in [disable, enable]>
                 version: <value in [2, 3]>
                 vrdst: <value of string>
                 vrdst-priority: <value of integer>
                 vrgrp: <value of integer>
                 vrid: <value of integer>
                 vrip: <value of string>
           vrrp-virtual-mac: <value in [disable, enable]>
           wccp: <value in [disable, enable]>
           weight: <value of integer>
           wifi-5g-threshold: <value of string>
           wifi-acl: <value in [deny, allow]>
           wifi-ap-band: <value in [any, 5g-preferred, 5g-only]>
           wifi-auth: <value in [PSK, RADIUS, radius, ...]>
           wifi-auto-connect: <value in [disable, enable]>
           wifi-auto-save: <value in [disable, enable]>
           wifi-broadcast-ssid: <value in [disable, enable]>
           wifi-encrypt: <value in [TKIP, AES]>
           wifi-fragment-threshold: <value of integer>
           wifi-key: <value of string>
           wifi-keyindex: <value of integer>
           wifi-mac-filter: <value in [disable, enable]>
           wifi-passphrase: <value of string>
           wifi-radius-server: <value of string>
           wifi-rts-threshold: <value of integer>
           wifi-security: <value in [None, WEP64, wep64, ...]>
           wifi-ssid: <value of string>
           wifi-usergroup: <value of string>
           wins-ip: <value of string>

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

• request_url - The full url requested returned: always type: str sample: /sys/login/user
• response_code - The status of api request returned: always type: int sample: 0
• response_message - The descriptive message of the api response returned: always type: str sample: OK
• response_data - The data body of the api response returned: optional type: list or dict

Status

• This module is not guaranteed to have a backwards compatible interface.

Authors

• Link Zheng (@chillancezen)
• Jie Xue (@JieX19)
• Frank Shen (@fshen01)
• Hongbin Lu (@fgtdev-hblu)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.