fmgr_firewall_gtp – Configure GTP.

Added in version 2.0.0.

Warning

Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case).

Argument name before 3.0.0: var-name, var name, var.name
New argument name starting in 3.0.0: var_name

FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg.

Synopsis 

This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v6.x and v7.x.

Requirements 

The below requirements are needed on the host that executes this module.

ansible>=2.15.0

FortiManager Version Compatibility 

Supported Version Ranges: v6.0.0 -> latest

Parameters 

access_token -The token to access FortiManager without using username and password. type: str required: false
bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
enable_log - Enable/Disable logging for task. type: bool required: false default: False
forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
state - The directive to create, update or delete an object type: str required: true choices: present, absent
workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
adom - The parameter in requested url type: str required: true
firewall_gtp - Configure GTP. type: dict

addr_notify (Alias name: addr-notify) Overbilling notify address type: str more...

Supported Version Ranges: v6.0.0 -> latest
apn Apn. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- action Action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- apnmember Apn member. type: list or str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- selection_mode (Alias name: selection-mode) Apn selection mode. type: list choices: [ms, net, vrf] more...
  
  Supported Version Ranges: v6.0.0 -> latest
apn_filter (Alias name: apn-filter) Apn filter type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
authorized_ggsns (Alias name: authorized-ggsns) Authorized ggsn group type: str more...

Supported Version Ranges: v6.0.0 -> latest
authorized_sgsns (Alias name: authorized-sgsns) Authorized sgsn group type: str more...

Supported Version Ranges: v6.0.0 -> latest
comment Comment. type: str more...

Supported Version Ranges: v6.0.0 -> latest
context_id (Alias name: context-id) Overbilling context. type: int more...

Supported Version Ranges: v6.0.0 -> latest
control_plane_message_rate_limit (Alias name: control-plane-message-rate-limit) Control plane message rate limit type: int more...

Supported Version Ranges: v6.0.0 -> latest
default_apn_action (Alias name: default-apn-action) Default apn action type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
default_imsi_action (Alias name: default-imsi-action) Default imsi action type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
default_ip_action (Alias name: default-ip-action) Default action for encapsulated ip traffic type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
default_noip_action (Alias name: default-noip-action) Default action for encapsulated non-ip traffic type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
default_policy_action (Alias name: default-policy-action) Default advanced policy action type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
denied_log (Alias name: denied-log) Log denied type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
echo_request_interval (Alias name: echo-request-interval) Echo request interval (in seconds) type: int more...

Supported Version Ranges: v6.0.0 -> latest
extension_log (Alias name: extension-log) Log in extension format type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
forwarded_log (Alias name: forwarded-log) Log forwarded type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
global_tunnel_limit (Alias name: global-tunnel-limit) Global tunnel limit. type: str more...

Supported Version Ranges: v6.0.0 -> latest
gtp_in_gtp (Alias name: gtp-in-gtp) Gtp in gtp type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
gtpu_denied_log (Alias name: gtpu-denied-log) Enable/disable logging of denied gtp-u packets. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
gtpu_forwarded_log (Alias name: gtpu-forwarded-log) Enable/disable logging of forwarded gtp-u packets. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
gtpu_log_freq (Alias name: gtpu-log-freq) Logging of frequency of gtp-u packets. type: int more...

Supported Version Ranges: v6.0.0 -> latest
half_close_timeout (Alias name: half-close-timeout) Half-close tunnel timeout (in seconds). type: int more...

Supported Version Ranges: v6.0.0 -> latest
half_open_timeout (Alias name: half-open-timeout) Half-open tunnel timeout (in seconds). type: int more...

Supported Version Ranges: v6.0.0 -> latest
handover_group (Alias name: handover-group) Handover sgsn group type: str more...

Supported Version Ranges: v6.0.0 -> latest
ie_remove_policy (Alias name: ie-remove-policy) Ie-remove-policy. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- remove_ies (Alias name: remove-ies) Gtp ies to be removed. type: list choices: [apn-restriction, rat-type, rai, uli, imei] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- sgsn_addr (Alias name: sgsn-addr) Sgsn address name. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- sgsn_addr6 (Alias name: sgsn-addr6) Sgsn ipv6 address name. type: str more...
  
  Supported Version Ranges: v6.4.2 -> latest
ie_remover (Alias name: ie-remover) Ie removal policy. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
ie_white_list_v0v1 (Alias name: ie-white-list-v0v1) Ie white list. type: str more...

Supported Version Ranges: v6.0.0 -> latest
ie_white_list_v2 (Alias name: ie-white-list-v2) Ie white list. type: str more...

Supported Version Ranges: v6.0.0 -> latest
imsi Imsi. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- action Action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- apnmember Apn member. type: list or str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- mcc_mnc (Alias name: mcc-mnc) Mcc mnc. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- msisdn_prefix (Alias name: msisdn-prefix) Msisdn prefix. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- selection_mode (Alias name: selection-mode) Apn selection mode. type: list choices: [ms, net, vrf] more...
  
  Supported Version Ranges: v6.0.0 -> latest
imsi_filter (Alias name: imsi-filter) Imsi filter type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
interface_notify (Alias name: interface-notify) Overbilling interface type: str more...

Supported Version Ranges: v6.0.0 -> latest
invalid_reserved_field (Alias name: invalid-reserved-field) Invalid reserved field in gtp header type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
invalid_sgsns_to_log (Alias name: invalid-sgsns-to-log) Invalid sgsn group to be logged type: str more...

Supported Version Ranges: v6.0.0 -> latest
ip_filter (Alias name: ip-filter) Ip filter for encapsulted traffic type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
ip_policy (Alias name: ip-policy) Ip-policy. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- action Action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- dstaddr Destination address name. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- srcaddr Source address name. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- dstaddr6 Destination ipv6 address name. type: str more...
  
  Supported Version Ranges: v6.4.2 -> latest
- srcaddr6 Source ipv6 address name. type: str more...
  
  Supported Version Ranges: v6.4.2 -> latest
log_freq (Alias name: log-freq) Logging of frequency of gtp-c packets. type: int more...

Supported Version Ranges: v6.0.0 -> latest
log_gtpu_limit (Alias name: log-gtpu-limit) The user data log limit (0-512 bytes) type: int more...

Supported Version Ranges: v6.0.0 -> latest
log_imsi_prefix (Alias name: log-imsi-prefix) Imsi prefix for selective logging. type: str more...

Supported Version Ranges: v6.0.0 -> latest
log_msisdn_prefix (Alias name: log-msisdn-prefix) The msisdn prefix for selective logging type: str more...

Supported Version Ranges: v6.0.0 -> latest
max_message_length (Alias name: max-message-length) Max message length type: int more...

Supported Version Ranges: v6.0.0 -> latest
message_filter_v0v1 (Alias name: message-filter-v0v1) Message filter. type: str more...

Supported Version Ranges: v6.0.0 -> latest
message_filter_v2 (Alias name: message-filter-v2) Message filter. type: str more...

Supported Version Ranges: v6.0.0 -> latest
min_message_length (Alias name: min-message-length) Min message length type: int more...

Supported Version Ranges: v6.0.0 -> latest
miss_must_ie (Alias name: miss-must-ie) Missing mandatory information element type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
monitor_mode (Alias name: monitor-mode) Gtp monitor mode type: str choices: [disable, enable, vdom] more...

Supported Version Ranges: v6.0.0 -> latest
name Profile name. type: str more...

Supported Version Ranges: v6.0.0 -> latest
noip_filter (Alias name: noip-filter) Non-ip filter for encapsulted traffic type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
noip_policy (Alias name: noip-policy) Noip-policy. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- action Action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- end End of protocol range (0 - 255). type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- start Start of protocol range (0 - 255). type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- type Protocol field type. type: str choices: [etsi, ietf] more...
  
  Supported Version Ranges: v6.0.0 -> latest
out_of_state_ie (Alias name: out-of-state-ie) Out of state information element. type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
out_of_state_message (Alias name: out-of-state-message) Out of state gtp message type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
per_apn_shaper (Alias name: per-apn-shaper) Per-apn-shaper. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- apn Apn name. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- rate_limit (Alias name: rate-limit) Rate limit (packets/s) for create pdp context request. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- version Gtp version number: 0 or 1. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
policy Policy. type: list more...

Supported Version Ranges: v6.0.0 -> latest
- action Action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- apn_sel_mode (Alias name: apn-sel-mode) Apn selection mode. type: list choices: [ms, net, vrf] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- apnmember Apn member. type: list or str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.0.0 -> latest
- imei Imei(sv) pattern. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- imsi Imsi prefix. type: str more...
  
  Supported Version Ranges: v6.0.0 -> v7.2.1
- max_apn_restriction (Alias name: max-apn-restriction) Maximum apn restriction value. type: str choices: [all, public-1, public-2, private-1, private-2] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- messages Gtp messages. type: list choices: [create-req, create-res, update-req, update-res] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- msisdn Msisdn prefix. type: str more...
  
  Supported Version Ranges: v6.0.0 -> v7.2.1
- rai Rai pattern. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- rat_type (Alias name: rat-type) Rat type. type: list choices: [any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot] more...
  
  Supported Version Ranges: v6.0.0 -> latest
- uli Uli pattern. type: str more...
  
  Supported Version Ranges: v6.0.0 -> latest
- imsi_prefix (Alias name: imsi-prefix) Imsi prefix. type: str more...
  
  Supported Version Ranges: v6.2.0 -> latest
- msisdn_prefix (Alias name: msisdn-prefix) Msisdn prefix. type: str more...
  
  Supported Version Ranges: v6.2.0 -> latest
- apn Apn subfix. type: str more...
  
  Supported Version Ranges: v6.2.0 -> v6.2.12
policy_filter (Alias name: policy-filter) Advanced policy filter type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
port_notify (Alias name: port-notify) Overbilling notify port type: int more...

Supported Version Ranges: v6.0.0 -> latest
rate_limit_mode (Alias name: rate-limit-mode) Gtp rate limit mode. type: str choices: [per-profile, per-stream, per-apn] more...

Supported Version Ranges: v6.0.0 -> latest
rate_limited_log (Alias name: rate-limited-log) Log rate limited type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
rate_sampling_interval (Alias name: rate-sampling-interval) Rate sampling interval (1-3600 seconds) type: int more...

Supported Version Ranges: v6.0.0 -> latest
remove_if_echo_expires (Alias name: remove-if-echo-expires) Remove if echo response expires type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
remove_if_recovery_differ (Alias name: remove-if-recovery-differ) Remove upon different recovery ie type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
reserved_ie (Alias name: reserved-ie) Reserved information element type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
send_delete_when_timeout (Alias name: send-delete-when-timeout) Send delete request to path endpoints when gtpv0/v1 tunnel timeout. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
send_delete_when_timeout_v2 (Alias name: send-delete-when-timeout-v2) Send delete request to path endpoints when gtpv2 tunnel timeout. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
spoof_src_addr (Alias name: spoof-src-addr) Spoofed source address for mobile station. type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
state_invalid_log (Alias name: state-invalid-log) Log state invalid type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
traffic_count_log (Alias name: traffic-count-log) Log tunnel traffic counter type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
tunnel_limit (Alias name: tunnel-limit) Tunnel limit type: int more...

Supported Version Ranges: v6.0.0 -> latest
tunnel_limit_log (Alias name: tunnel-limit-log) Tunnel limit type: str choices: [disable, enable] more...

Supported Version Ranges: v6.0.0 -> latest
tunnel_timeout (Alias name: tunnel-timeout) Established tunnel timeout (in seconds). type: int more...

Supported Version Ranges: v6.0.0 -> latest
unknown_version_action (Alias name: unknown-version-action) Action for unknown gtp version type: str choices: [allow, deny] more...

Supported Version Ranges: v6.0.0 -> latest
user_plane_message_rate_limit (Alias name: user-plane-message-rate-limit) User plane message rate limit type: int more...

Supported Version Ranges: v6.0.0 -> latest
warning_threshold (Alias name: warning-threshold) Warning threshold for rate limiting (0 - 99 percent). type: int more...

Supported Version Ranges: v6.0.0 -> latest
policy_v2 (Alias name: policy-v2) Policy-v2. type: list more...

Supported Version Ranges: v6.2.1 -> latest
- action Action. type: str choices: [deny, allow] more...
  
  Supported Version Ranges: v6.2.1 -> latest
- apn_sel_mode (Alias name: apn-sel-mode) Apn selection mode. type: list choices: [ms, net, vrf] more...
  
  Supported Version Ranges: v6.2.1 -> latest
- apnmember Apn member. type: list or str more...
  
  Supported Version Ranges: v6.2.1 -> latest
- id Id. type: int more...
  
  Supported Version Ranges: v6.2.1 -> latest
- imsi_prefix (Alias name: imsi-prefix) Imsi prefix. type: str more...
  
  Supported Version Ranges: v6.2.1 -> latest
- max_apn_restriction (Alias name: max-apn-restriction) Maximum apn restriction value. type: str choices: [all, public-1, public-2, private-1, private-2] more...
  
  Supported Version Ranges: v6.2.1 -> latest
- mei Mei pattern. type: str more...
  
  Supported Version Ranges: v6.2.1 -> latest
- messages Gtp messages. type: list choices: [create-ses-req, create-ses-res, modify-bearer-req, modify-bearer-res] more...
  
  Supported Version Ranges: v6.2.1 -> latest
- msisdn_prefix (Alias name: msisdn-prefix) Msisdn prefix. type: str more...
  
  Supported Version Ranges: v6.2.1 -> latest
- rat_type (Alias name: rat-type) Rat type. type: list choices: [any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr] more...
  
  Supported Version Ranges: v6.2.1 -> latest
- uli Gtpv2 uli patterns (in order of cgi sai rai tai ecgi lai). type: list more...
  
  Supported Version Ranges: v6.2.1 -> latest
sub_second_interval (Alias name: sub-second-interval) Sub-second interval (0. type: str choices: [0.1, 0.25, 0.5] more...

Supported Version Ranges: v6.2.2 -> latest
sub_second_sampling (Alias name: sub-second-sampling) Enable/disable sub-second sampling. type: str choices: [disable, enable] more...

Supported Version Ranges: v6.2.2 -> latest
authorized_ggsns6 (Alias name: authorized-ggsns6) Authorized ggsn/pgw ipv6 group. type: str more...

Supported Version Ranges: v6.4.2 -> latest
authorized_sgsns6 (Alias name: authorized-sgsns6) Authorized sgsn/sgw ipv6 group. type: str more...

Supported Version Ranges: v6.4.2 -> latest
handover_group6 (Alias name: handover-group6) Handover sgsn/sgw ipv6 group. type: str more...

Supported Version Ranges: v6.4.2 -> latest
invalid_sgsns6_to_log (Alias name: invalid-sgsns6-to-log) Invalid sgsn ipv6 group to be logged. type: str more...

Supported Version Ranges: v6.4.2 -> latest
ie_validation (Alias name: ie-validation) type: dict
- apn_restriction (Alias name: apn-restriction) Validate apn restriction. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- charging_ID (Alias name: charging-ID) Validate charging id. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- charging_gateway_addr (Alias name: charging-gateway-addr) Validate charging gateway address. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- end_user_addr (Alias name: end-user-addr) Validate end user address. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- gsn_addr (Alias name: gsn-addr) Validate gsn address. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- imei Validate imei(sv). type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- imsi Validate imsi. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mm_context (Alias name: mm-context) Validate mm context. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- ms_tzone (Alias name: ms-tzone) Validate ms time zone. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- ms_validated (Alias name: ms-validated) Validate ms validated. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- msisdn Validate msisdn. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- nsapi Validate nsapi. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- pdp_context (Alias name: pdp-context) Validate pdp context. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- qos_profile (Alias name: qos-profile) Validate quality of service(qos) profile. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- rai Validate rai. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- rat_type (Alias name: rat-type) Validate rat type. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- reordering_required (Alias name: reordering-required) Validate re-ordering required. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- selection_mode (Alias name: selection-mode) Validate selection mode. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- uli Validate user location information. type: str choices: [disable, enable] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
message_rate_limit (Alias name: message-rate-limit) type: dict
- create_aa_pdp_request (Alias name: create-aa-pdp-request) Rate limit for create aa pdp context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- create_aa_pdp_response (Alias name: create-aa-pdp-response) Rate limit for create aa pdp context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- create_mbms_request (Alias name: create-mbms-request) Rate limit for create mbms context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- create_mbms_response (Alias name: create-mbms-response) Rate limit for create mbms context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- create_pdp_request (Alias name: create-pdp-request) Rate limit for create pdp context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- create_pdp_response (Alias name: create-pdp-response) Rate limit for create pdp context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_aa_pdp_request (Alias name: delete-aa-pdp-request) Rate limit for delete aa pdp context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_aa_pdp_response (Alias name: delete-aa-pdp-response) Rate limit for delete aa pdp context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_mbms_request (Alias name: delete-mbms-request) Rate limit for delete mbms context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_mbms_response (Alias name: delete-mbms-response) Rate limit for delete mbms context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_pdp_request (Alias name: delete-pdp-request) Rate limit for delete pdp context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_pdp_response (Alias name: delete-pdp-response) Rate limit for delete pdp context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- echo_reponse (Alias name: echo-reponse) Rate limit for echo response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- echo_request (Alias name: echo-request) Rate limit for echo requests (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- error_indication (Alias name: error-indication) Rate limit for error indication (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- failure_report_request (Alias name: failure-report-request) Rate limit for failure report request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- failure_report_response (Alias name: failure-report-response) Rate limit for failure report response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_reloc_complete_ack (Alias name: fwd-reloc-complete-ack) Rate limit for forward relocation complete acknowledge (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_relocation_complete (Alias name: fwd-relocation-complete) Rate limit for forward relocation complete (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_relocation_request (Alias name: fwd-relocation-request) Rate limit for forward relocation request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_relocation_response (Alias name: fwd-relocation-response) Rate limit for forward relocation response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_srns_context (Alias name: fwd-srns-context) Rate limit for forward srns context (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- fwd_srns_context_ack (Alias name: fwd-srns-context-ack) Rate limit for forward srns context acknowledge (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- g_pdu (Alias name: g-pdu) Rate limit for g-pdu (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- identification_request (Alias name: identification-request) Rate limit for identification request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- identification_response (Alias name: identification-response) Rate limit for identification response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_de_reg_request (Alias name: mbms-de-reg-request) Rate limit for mbms de-registration request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_de_reg_response (Alias name: mbms-de-reg-response) Rate limit for mbms de-registration response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_notify_rej_request (Alias name: mbms-notify-rej-request) Rate limit for mbms notification reject request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_notify_rej_response (Alias name: mbms-notify-rej-response) Rate limit for mbms notification reject response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_notify_request (Alias name: mbms-notify-request) Rate limit for mbms notification request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_notify_response (Alias name: mbms-notify-response) Rate limit for mbms notification response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_reg_request (Alias name: mbms-reg-request) Rate limit for mbms registration request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_reg_response (Alias name: mbms-reg-response) Rate limit for mbms registration response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_ses_start_request (Alias name: mbms-ses-start-request) Rate limit for mbms session start request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_ses_start_response (Alias name: mbms-ses-start-response) Rate limit for mbms session start response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_ses_stop_request (Alias name: mbms-ses-stop-request) Rate limit for mbms session stop request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- mbms_ses_stop_response (Alias name: mbms-ses-stop-response) Rate limit for mbms session stop response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- note_ms_request (Alias name: note-ms-request) Rate limit for note ms gprs present request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- note_ms_response (Alias name: note-ms-response) Rate limit for note ms gprs present response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- pdu_notify_rej_request (Alias name: pdu-notify-rej-request) Rate limit for pdu notify reject request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- pdu_notify_rej_response (Alias name: pdu-notify-rej-response) Rate limit for pdu notify reject response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- pdu_notify_request (Alias name: pdu-notify-request) Rate limit for pdu notify request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- pdu_notify_response (Alias name: pdu-notify-response) Rate limit for pdu notify response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- ran_info (Alias name: ran-info) Rate limit for ran information relay (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- relocation_cancel_request (Alias name: relocation-cancel-request) Rate limit for relocation cancel request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- relocation_cancel_response (Alias name: relocation-cancel-response) Rate limit for relocation cancel response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- send_route_request (Alias name: send-route-request) Rate limit for send routing information for gprs request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- send_route_response (Alias name: send-route-response) Rate limit for send routing information for gprs response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- sgsn_context_ack (Alias name: sgsn-context-ack) Rate limit for sgsn context acknowledgement (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- sgsn_context_request (Alias name: sgsn-context-request) Rate limit for sgsn context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- sgsn_context_response (Alias name: sgsn-context-response) Rate limit for sgsn context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- support_ext_hdr_notify (Alias name: support-ext-hdr-notify) Rate limit for support extension headers notification (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- update_mbms_request (Alias name: update-mbms-request) Rate limit for update mbms context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- update_mbms_response (Alias name: update-mbms-response) Rate limit for update mbms context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- update_pdp_request (Alias name: update-pdp-request) Rate limit for update pdp context request (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- update_pdp_response (Alias name: update-pdp-response) Rate limit for update pdp context response (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- version_not_support (Alias name: version-not-support) Rate limit for version not supported (packets per second). type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
message_rate_limit_v0 (Alias name: message-rate-limit-v0) type: dict
- create_pdp_request (Alias name: create-pdp-request) Rate limit (packets/s) for create pdp context request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_pdp_request (Alias name: delete-pdp-request) Rate limit (packets/s) for delete pdp context request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- echo_request (Alias name: echo-request) Rate limit (packets/s) for echo request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
message_rate_limit_v1 (Alias name: message-rate-limit-v1) type: dict
- create_pdp_request (Alias name: create-pdp-request) Rate limit (packets/s) for create pdp context request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_pdp_request (Alias name: delete-pdp-request) Rate limit (packets/s) for delete pdp context request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- echo_request (Alias name: echo-request) Rate limit (packets/s) for echo request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
message_rate_limit_v2 (Alias name: message-rate-limit-v2) type: dict
- create_session_request (Alias name: create-session-request) Rate limit (packets/s) for create session request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- delete_session_request (Alias name: delete-session-request) Rate limit (packets/s) for delete session request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
- echo_request (Alias name: echo-request) Rate limit (packets/s) for echo request. type: int more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12, v6.4.5 -> latest
ie_allow_list_v0v1 (Alias name: ie-allow-list-v0v1) Ie allow list. type: str more...

Supported Version Ranges: v7.0.0 -> latest
ie_allow_list_v2 (Alias name: ie-allow-list-v2) Ie allow list. type: str more...

Supported Version Ranges: v7.0.0 -> latest
rat_timeout_profile (Alias name: rat-timeout-profile) Rat timeout profile. type: str more...

Supported Version Ranges: v7.0.1 -> latest
message_filter (Alias name: message-filter) type: dict
- create_aa_pdp (Alias name: create-aa-pdp) Create aa pdp. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- create_mbms (Alias name: create-mbms) Create mbms. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- create_pdp (Alias name: create-pdp) Create pdp. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- data_record (Alias name: data-record) Data record. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- delete_aa_pdp (Alias name: delete-aa-pdp) Delete aa pdp. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- delete_mbms (Alias name: delete-mbms) Delete mbms. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- delete_pdp (Alias name: delete-pdp) Delete pdp. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- echo Echo. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- error_indication (Alias name: error-indication) Error indication. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- failure_report (Alias name: failure-report) Failure report. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- fwd_relocation (Alias name: fwd-relocation) Forward relocation. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- fwd_srns_context (Alias name: fwd-srns-context) Forward srns context. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- gtp_pdu (Alias name: gtp-pdu) Gtp pdu. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- identification Identification. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- mbms_notification (Alias name: mbms-notification) Mbms notification. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- node_alive (Alias name: node-alive) Node alive. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- note_ms_present (Alias name: note-ms-present) Note ms present. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- pdu_notification (Alias name: pdu-notification) Pdu notification. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- ran_info (Alias name: ran-info) Ran info. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- redirection Redirection. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- relocation_cancel (Alias name: relocation-cancel) Relocation cancel. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- send_route (Alias name: send-route) Send route. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- sgsn_context (Alias name: sgsn-context) Sgsn context. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- support_extension (Alias name: support-extension) Support extension. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- unknown_message_action (Alias name: unknown-message-action) Unknown message action. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- update_mbms (Alias name: update-mbms) Update mbms. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- update_pdp (Alias name: update-pdp) Update pdp. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12
- version_not_support (Alias name: version-not-support) Version not supported. type: str choices: [allow, deny] more...
  
  Supported Version Ranges: v6.2.8 -> v6.2.12

Notes 

Note

Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples 

- name: Example playbook
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure GTP.
      fortinet.fortimanager.fmgr_firewall_gtp:
        bypass_validation: false
        adom: FortiCarrier # This is FOC-only object, need a FortiCarrier adom
        state: present
        firewall_gtp:
          monitor-mode: disable # <value in [disable, enable, vdom]>
          name: "ansible-test"

- name: Gathering fortimanager facts
  hosts: fortimanagers
  gather_facts: false
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Retrieve all the GTPs
      fortinet.fortimanager.fmgr_fact:
        facts:
          selector: "firewall_gtp"
          params:
            adom: "FortiCarrier" # This is FOC-only object, need a FortiCarrier adom
            gtp: "your_value"

Return Values 

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

meta - The result of the request.returned: always type: dict

request_url - The full url requested. returned: always type: str sample: /sys/login/user
response_code - The status of api request. returned: always type: int sample: 0
response_data - The data body of the api response. returned: optional type: list or dict
response_message - The descriptive message of the api response. returned: always type: str sample: OK
system_information - The information of the target system. returned: always type: dict

rc - The status the request. returned: always type: int sample: 0
version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list

Status 

This module is not guaranteed to have a backwards compatible interface.

Authors 

Xinwei Du (@dux-fortinet)
Xing Li (@lix-fortinet)
Jie Xue (@JieX19)
Link Zheng (@chillancezen)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)