fmgr_vap_dynamicmapping¶

New in version 2.10.

Synopsis
Requirements
Parameters
Notes
Examples
Return Values
Status
Authors

Synopsis ¶

This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v6.0.0.

Requirements ¶

The below requirements are needed on the host that executes this module.

ansible>=2.9.0

Parameters ¶

bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters type: bool required: false default: False
workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode type: str required: false choices: global, custom adom including root
workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock type: integer required: false default: 300
rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
state - The directive to create, update or delete an object type: str required: true choices: present, absent
adom - The parameter in requested url type: str required: true
vap - The parameter in requested url type: str required: true
vap_dynamicmapping - no description type: dict

_centmgmt - No description for the parameter type: str choices: [disable, enable] default: disable
_dhcp_svr_id - No description for the parameter type: str
_intf_allowaccess - No description for the parameter type: array choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap]
_intf_device-identification - No description for the parameter type: str choices: [disable, enable] default: disable
_intf_device-netscan - No description for the parameter type: str choices: [disable, enable] default: disable
_intf_dhcp-relay-ip - No description for the parameter type: str
_intf_dhcp-relay-service - No description for the parameter type: str choices: [disable, enable] default: disable
_intf_dhcp-relay-type - No description for the parameter type: str choices: [regular, ipsec] default: regular
_intf_dhcp6-relay-ip - No description for the parameter type: str
_intf_dhcp6-relay-service - No description for the parameter type: str choices: [disable, enable] default: disable
_intf_dhcp6-relay-type - No description for the parameter type: str choices: [regular] default: regular
_intf_ip - No description for the parameter type: str
_intf_ip6-address - No description for the parameter type: str
_intf_ip6-allowaccess - No description for the parameter type: array choices: [https, ping, ssh, snmp, http, telnet, any, fgfm, capwap]
_intf_listen-forticlient-connection - No description for the parameter type: str choices: [disable, enable] default: disable
_scope - No description for the parameter type: array
- name - No description for the parameter type: str
- vdom - No description for the parameter type: str
acct-interim-interval - No description for the parameter type: int
address-group - No description for the parameter type: str
alias - No description for the parameter type: str
atf-weight - No description for the parameter type: int
auth - No description for the parameter type: str choices: [PSK, psk, RADIUS, radius, usergroup]
broadcast-ssid - No description for the parameter type: str choices: [disable, enable]
broadcast-suppression - No description for the parameter type: array choices: [dhcp, arp, dhcp2, arp2, netbios-ns, netbios-ds, arp3, dhcp-up, dhcp-down, arp-known, arp-unknown, arp-reply, ipv6, dhcp-starvation, arp-poison, all-other-mc, all-other-bc, arp-proxy, dhcp-ucast]
captive-portal-ac-name - No description for the parameter type: str
captive-portal-macauth-radius-secret - No description for the parameter type: str
captive-portal-macauth-radius-server - No description for the parameter type: str
captive-portal-radius-secret - No description for the parameter type: str
captive-portal-radius-server - No description for the parameter type: str
captive-portal-session-timeout-interval - No description for the parameter type: int
client-count - No description for the parameter type: int
dhcp-lease-time - No description for the parameter type: int
dhcp-option82-circuit-id-insertion - No description for the parameter type: str choices: [disable, style-1, style-2]
dhcp-option82-insertion - No description for the parameter type: str choices: [disable, enable]
dhcp-option82-remote-id-insertion - No description for the parameter type: str choices: [disable, style-1]
dynamic-vlan - No description for the parameter type: str choices: [disable, enable]
eap-reauth - No description for the parameter type: str choices: [disable, enable]
eap-reauth-intv - No description for the parameter type: int
eapol-key-retries - No description for the parameter type: str choices: [disable, enable]
encrypt - No description for the parameter type: str choices: [TKIP, AES, TKIP-AES]
external-fast-roaming - No description for the parameter type: str choices: [disable, enable]
external-logout - No description for the parameter type: str
external-web - No description for the parameter type: str
fast-bss-transition - No description for the parameter type: str choices: [disable, enable]
fast-roaming - No description for the parameter type: str choices: [disable, enable]
ft-mobility-domain - No description for the parameter type: int
ft-over-ds - No description for the parameter type: str choices: [disable, enable]
ft-r0-key-lifetime - No description for the parameter type: int
gtk-rekey - No description for the parameter type: str choices: [disable, enable]
gtk-rekey-intv - No description for the parameter type: int
hotspot20-profile - No description for the parameter type: str
intra-vap-privacy - No description for the parameter type: str choices: [disable, enable]
ip - No description for the parameter type: str
key - No description for the parameter type: str
keyindex - No description for the parameter type: int
ldpc - No description for the parameter type: str choices: [disable, tx, rx, rxtx]
local-authentication - No description for the parameter type: str choices: [disable, enable]
local-bridging - No description for the parameter type: str choices: [disable, enable]
local-lan - No description for the parameter type: str choices: [deny, allow]
local-standalone - No description for the parameter type: str choices: [disable, enable]
local-standalone-nat - No description for the parameter type: str choices: [disable, enable]
local-switching - No description for the parameter type: str choices: [disable, enable]
mac-auth-bypass - No description for the parameter type: str choices: [disable, enable]
mac-filter - No description for the parameter type: str choices: [disable, enable]
mac-filter-policy-other - No description for the parameter type: str choices: [deny, allow]
max-clients - No description for the parameter type: int
max-clients-ap - No description for the parameter type: int
me-disable-thresh - No description for the parameter type: int
mesh-backhaul - No description for the parameter type: str choices: [disable, enable]
mpsk - No description for the parameter type: str choices: [disable, enable]
mpsk-concurrent-clients - No description for the parameter type: int
multicast-enhance - No description for the parameter type: str choices: [disable, enable]
multicast-rate - No description for the parameter type: str choices: [0, 6000, 12000, 24000]
okc - No description for the parameter type: str choices: [disable, enable]
owe-groups - No description for the parameter type: array choices: [19, 20, 21]
owe-transition - No description for the parameter type: str choices: [disable, enable]
owe-transition-ssid - No description for the parameter type: str
passphrase - No description for the parameter type: str
pmf - No description for the parameter type: str choices: [disable, enable, optional]
pmf-assoc-comeback-timeout - No description for the parameter type: int
pmf-sa-query-retry-timeout - No description for the parameter type: int
portal-message-override-group - No description for the parameter type: str
portal-type - No description for the parameter type: str choices: [auth, auth+disclaimer, disclaimer, email-collect, cmcc, cmcc-macauth, auth-mac]
probe-resp-suppression - No description for the parameter type: str choices: [disable, enable]
probe-resp-threshold - No description for the parameter type: str
ptk-rekey - No description for the parameter type: str choices: [disable, enable]
ptk-rekey-intv - No description for the parameter type: int
qos-profile - No description for the parameter type: str
quarantine - No description for the parameter type: str choices: [disable, enable]
radio-2g-threshold - No description for the parameter type: str
radio-5g-threshold - No description for the parameter type: str
radio-sensitivity - No description for the parameter type: str choices: [disable, enable]
radius-mac-auth - No description for the parameter type: str choices: [disable, enable]
radius-mac-auth-server - No description for the parameter type: str
radius-mac-auth-usergroups - No description for the parameter type: str
radius-server - No description for the parameter type: str
rates-11a - No description for the parameter type: array choices: [1, 1-basic, 2, 2-basic, 5.5, 5.5-basic, 6, 6-basic, 9, 9-basic, 12, 12-basic, 18, 18-basic, 24, 24-basic, 36, 36-basic, 48, 48-basic, 54, 54-basic, 11, 11-basic]
rates-11ac-ss12 - No description for the parameter type: array choices: [mcs0/1, mcs1/1, mcs2/1, mcs3/1, mcs4/1, mcs5/1, mcs6/1, mcs7/1, mcs8/1, mcs9/1, mcs0/2, mcs1/2, mcs2/2, mcs3/2, mcs4/2, mcs5/2, mcs6/2, mcs7/2, mcs8/2, mcs9/2, mcs10/1, mcs11/1, mcs10/2, mcs11/2]
rates-11ac-ss34 - No description for the parameter type: array choices: [mcs0/3, mcs1/3, mcs2/3, mcs3/3, mcs4/3, mcs5/3, mcs6/3, mcs7/3, mcs8/3, mcs9/3, mcs0/4, mcs1/4, mcs2/4, mcs3/4, mcs4/4, mcs5/4, mcs6/4, mcs7/4, mcs8/4, mcs9/4, mcs10/3, mcs11/3, mcs10/4, mcs11/4]
rates-11bg - No description for the parameter type: array choices: [1, 1-basic, 2, 2-basic, 5.5, 5.5-basic, 6, 6-basic, 9, 9-basic, 12, 12-basic, 18, 18-basic, 24, 24-basic, 36, 36-basic, 48, 48-basic, 54, 54-basic, 11, 11-basic]
rates-11n-ss12 - No description for the parameter type: array choices: [mcs0/1, mcs1/1, mcs2/1, mcs3/1, mcs4/1, mcs5/1, mcs6/1, mcs7/1, mcs8/2, mcs9/2, mcs10/2, mcs11/2, mcs12/2, mcs13/2, mcs14/2, mcs15/2]
rates-11n-ss34 - No description for the parameter type: array choices: [mcs16/3, mcs17/3, mcs18/3, mcs19/3, mcs20/3, mcs21/3, mcs22/3, mcs23/3, mcs24/4, mcs25/4, mcs26/4, mcs27/4, mcs28/4, mcs29/4, mcs30/4, mcs31/4]
sae-groups - No description for the parameter type: array choices: [1, 2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 27, 28, 29, 30, 31]
sae-password - No description for the parameter type: str
schedule - No description for the parameter type: str
security - No description for the parameter type: str choices: [None, WEP64, wep64, WEP128, wep128, WPA_PSK, WPA_RADIUS, WPA, WPA2, WPA2_AUTO, open, wpa-personal, wpa-enterprise, captive-portal, wpa-only-personal, wpa-only-enterprise, wpa2-only-personal, wpa2-only-enterprise, wpa-personal+captive-portal, wpa-only-personal+captive-portal, wpa2-only-personal+captive-portal, osen, wpa3-enterprise, sae, sae-transition, owe, wpa3-sae, wpa3-sae-transition]
security-exempt-list - No description for the parameter type: str
security-obsolete-option - No description for the parameter type: str choices: [disable, enable]
security-redirect-url - No description for the parameter type: str
selected-usergroups - No description for the parameter type: str
split-tunneling - No description for the parameter type: str choices: [disable, enable]
ssid - No description for the parameter type: str
tkip-counter-measure - No description for the parameter type: str choices: [disable, enable]
usergroup - No description for the parameter type: str
utm-profile - No description for the parameter type: str
vdom - No description for the parameter type: str
vlan-auto - No description for the parameter type: str choices: [disable, enable]
vlan-pooling - No description for the parameter type: str choices: [wtp-group, round-robin, hash, disable]
vlanid - No description for the parameter type: int
voice-enterprise - No description for the parameter type: str choices: [disable, enable]

Notes ¶

Note

Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples ¶

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:
   - name: no description
     fmgr_vap_dynamicmapping:
        bypass_validation: False
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        rc_succeeded: [0, -2, -3, ...]
        rc_failed: [-2, -3, ...]
        adom: <your own value>
        vap: <your own value>
        state: <value in [present, absent]>
        vap_dynamicmapping:
           _centmgmt: <value in [disable, enable]>
           _dhcp_svr_id: <value of string>
           _intf_allowaccess:
             - https
             - ping
             - ssh
             - snmp
             - http
             - telnet
             - fgfm
             - auto-ipsec
             - radius-acct
             - probe-response
             - capwap
           _intf_device-identification: <value in [disable, enable]>
           _intf_device-netscan: <value in [disable, enable]>
           _intf_dhcp-relay-ip: <value of string>
           _intf_dhcp-relay-service: <value in [disable, enable]>
           _intf_dhcp-relay-type: <value in [regular, ipsec]>
           _intf_dhcp6-relay-ip: <value of string>
           _intf_dhcp6-relay-service: <value in [disable, enable]>
           _intf_dhcp6-relay-type: <value in [regular]>
           _intf_ip: <value of string>
           _intf_ip6-address: <value of string>
           _intf_ip6-allowaccess:
             - https
             - ping
             - ssh
             - snmp
             - http
             - telnet
             - any
             - fgfm
             - capwap
           _intf_listen-forticlient-connection: <value in [disable, enable]>
           _scope:
             -
                 name: <value of string>
                 vdom: <value of string>
           acct-interim-interval: <value of integer>
           address-group: <value of string>
           alias: <value of string>
           atf-weight: <value of integer>
           auth: <value in [PSK, psk, RADIUS, ...]>
           broadcast-ssid: <value in [disable, enable]>
           broadcast-suppression:
             - dhcp
             - arp
             - dhcp2
             - arp2
             - netbios-ns
             - netbios-ds
             - arp3
             - dhcp-up
             - dhcp-down
             - arp-known
             - arp-unknown
             - arp-reply
             - ipv6
             - dhcp-starvation
             - arp-poison
             - all-other-mc
             - all-other-bc
             - arp-proxy
             - dhcp-ucast
           captive-portal-ac-name: <value of string>
           captive-portal-macauth-radius-secret: <value of string>
           captive-portal-macauth-radius-server: <value of string>
           captive-portal-radius-secret: <value of string>
           captive-portal-radius-server: <value of string>
           captive-portal-session-timeout-interval: <value of integer>
           client-count: <value of integer>
           dhcp-lease-time: <value of integer>
           dhcp-option82-circuit-id-insertion: <value in [disable, style-1, style-2]>
           dhcp-option82-insertion: <value in [disable, enable]>
           dhcp-option82-remote-id-insertion: <value in [disable, style-1]>
           dynamic-vlan: <value in [disable, enable]>
           eap-reauth: <value in [disable, enable]>
           eap-reauth-intv: <value of integer>
           eapol-key-retries: <value in [disable, enable]>
           encrypt: <value in [TKIP, AES, TKIP-AES]>
           external-fast-roaming: <value in [disable, enable]>
           external-logout: <value of string>
           external-web: <value of string>
           fast-bss-transition: <value in [disable, enable]>
           fast-roaming: <value in [disable, enable]>
           ft-mobility-domain: <value of integer>
           ft-over-ds: <value in [disable, enable]>
           ft-r0-key-lifetime: <value of integer>
           gtk-rekey: <value in [disable, enable]>
           gtk-rekey-intv: <value of integer>
           hotspot20-profile: <value of string>
           intra-vap-privacy: <value in [disable, enable]>
           ip: <value of string>
           key: <value of string>
           keyindex: <value of integer>
           ldpc: <value in [disable, tx, rx, ...]>
           local-authentication: <value in [disable, enable]>
           local-bridging: <value in [disable, enable]>
           local-lan: <value in [deny, allow]>
           local-standalone: <value in [disable, enable]>
           local-standalone-nat: <value in [disable, enable]>
           local-switching: <value in [disable, enable]>
           mac-auth-bypass: <value in [disable, enable]>
           mac-filter: <value in [disable, enable]>
           mac-filter-policy-other: <value in [deny, allow]>
           max-clients: <value of integer>
           max-clients-ap: <value of integer>
           me-disable-thresh: <value of integer>
           mesh-backhaul: <value in [disable, enable]>
           mpsk: <value in [disable, enable]>
           mpsk-concurrent-clients: <value of integer>
           multicast-enhance: <value in [disable, enable]>
           multicast-rate: <value in [0, 6000, 12000, ...]>
           okc: <value in [disable, enable]>
           owe-groups:
             - 19
             - 20
             - 21
           owe-transition: <value in [disable, enable]>
           owe-transition-ssid: <value of string>
           passphrase: <value of string>
           pmf: <value in [disable, enable, optional]>
           pmf-assoc-comeback-timeout: <value of integer>
           pmf-sa-query-retry-timeout: <value of integer>
           portal-message-override-group: <value of string>
           portal-type: <value in [auth, auth+disclaimer, disclaimer, ...]>
           probe-resp-suppression: <value in [disable, enable]>
           probe-resp-threshold: <value of string>
           ptk-rekey: <value in [disable, enable]>
           ptk-rekey-intv: <value of integer>
           qos-profile: <value of string>
           quarantine: <value in [disable, enable]>
           radio-2g-threshold: <value of string>
           radio-5g-threshold: <value of string>
           radio-sensitivity: <value in [disable, enable]>
           radius-mac-auth: <value in [disable, enable]>
           radius-mac-auth-server: <value of string>
           radius-mac-auth-usergroups: <value of string>
           radius-server: <value of string>
           rates-11a:
             - 1
             - 1-basic
             - 2
             - 2-basic
             - 5.5
             - 5.5-basic
             - 6
             - 6-basic
             - 9
             - 9-basic
             - 12
             - 12-basic
             - 18
             - 18-basic
             - 24
             - 24-basic
             - 36
             - 36-basic
             - 48
             - 48-basic
             - 54
             - 54-basic
             - 11
             - 11-basic
           rates-11ac-ss12:
             - mcs0/1
             - mcs1/1
             - mcs2/1
             - mcs3/1
             - mcs4/1
             - mcs5/1
             - mcs6/1
             - mcs7/1
             - mcs8/1
             - mcs9/1
             - mcs0/2
             - mcs1/2
             - mcs2/2
             - mcs3/2
             - mcs4/2
             - mcs5/2
             - mcs6/2
             - mcs7/2
             - mcs8/2
             - mcs9/2
             - mcs10/1
             - mcs11/1
             - mcs10/2
             - mcs11/2
           rates-11ac-ss34:
             - mcs0/3
             - mcs1/3
             - mcs2/3
             - mcs3/3
             - mcs4/3
             - mcs5/3
             - mcs6/3
             - mcs7/3
             - mcs8/3
             - mcs9/3
             - mcs0/4
             - mcs1/4
             - mcs2/4
             - mcs3/4
             - mcs4/4
             - mcs5/4
             - mcs6/4
             - mcs7/4
             - mcs8/4
             - mcs9/4
             - mcs10/3
             - mcs11/3
             - mcs10/4
             - mcs11/4
           rates-11bg:
             - 1
             - 1-basic
             - 2
             - 2-basic
             - 5.5
             - 5.5-basic
             - 6
             - 6-basic
             - 9
             - 9-basic
             - 12
             - 12-basic
             - 18
             - 18-basic
             - 24
             - 24-basic
             - 36
             - 36-basic
             - 48
             - 48-basic
             - 54
             - 54-basic
             - 11
             - 11-basic
           rates-11n-ss12:
             - mcs0/1
             - mcs1/1
             - mcs2/1
             - mcs3/1
             - mcs4/1
             - mcs5/1
             - mcs6/1
             - mcs7/1
             - mcs8/2
             - mcs9/2
             - mcs10/2
             - mcs11/2
             - mcs12/2
             - mcs13/2
             - mcs14/2
             - mcs15/2
           rates-11n-ss34:
             - mcs16/3
             - mcs17/3
             - mcs18/3
             - mcs19/3
             - mcs20/3
             - mcs21/3
             - mcs22/3
             - mcs23/3
             - mcs24/4
             - mcs25/4
             - mcs26/4
             - mcs27/4
             - mcs28/4
             - mcs29/4
             - mcs30/4
             - mcs31/4
           sae-groups:
             - 1
             - 2
             - 5
             - 14
             - 15
             - 16
             - 17
             - 18
             - 19
             - 20
             - 21
             - 27
             - 28
             - 29
             - 30
             - 31
           sae-password: <value of string>
           schedule: <value of string>
           security: <value in [None, WEP64, wep64, ...]>
           security-exempt-list: <value of string>
           security-obsolete-option: <value in [disable, enable]>
           security-redirect-url: <value of string>
           selected-usergroups: <value of string>
           split-tunneling: <value in [disable, enable]>
           ssid: <value of string>
           tkip-counter-measure: <value in [disable, enable]>
           usergroup: <value of string>
           utm-profile: <value of string>
           vdom: <value of string>
           vlan-auto: <value in [disable, enable]>
           vlan-pooling: <value in [wtp-group, round-robin, hash, ...]>
           vlanid: <value of integer>
           voice-enterprise: <value in [disable, enable]>

Return Values ¶

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

request_url - The full url requested returned: always type: str sample: /sys/login/user
response_code - The status of api request returned: always type: int sample: 0
response_message - The descriptive message of the api response returned: always type: str sample: OK
response_data - The data body of the api response returned: optional type: list or dict

Status ¶

This module is not guaranteed to have a backwards compatible interface.

Authors ¶

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.