fmgr_fsp_vlan – Fsp vlan.
Added in version 2.0.0.
Warning
Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case).
Argument name before 3.0.0:
var-name,var name,var.nameNew argument name starting in 3.0.0:
var_name
FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg.
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v6.x and v7.x.
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.15.0
FortiManager Version Compatibility
Supported Version Ranges: v6.0.0 -> latest
Parameters
- access_token -The token to access FortiManager without using username and password. type: str required: false
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- adom - The parameter in requested url type: str required: true
- fsp_vlan - Fsp vlan type: dict
- _dhcp_status (Alias name: _dhcp-status) _dhcp-status. type: str choices: [disable, enable] more...
- auth type: str choices: [radius, usergroup] more...
- color Color. type: int more...
- comments type: str more...
- dynamic_mapping Dynamic_mapping. type: list
more...
- _dhcp_status (Alias name: _dhcp-status) _dhcp-status. type: str choices: [disable, enable] more...
- _scope _scope. type: list more...
- dhcp_server (Alias name: dhcp-server) type: dict
- auto_configuration (Alias name: auto-configuration) Enable/disable auto configuration. type: str choices: [disable, enable] more...
- auto_managed_status (Alias name: auto-managed-status) Enable/disable use of this dhcp server once this interface has been assigned an ip address from fortiipam. type: str choices: [disable, enable] more...
- conflicted_ip_timeout (Alias name: conflicted-ip-timeout) Time in seconds to wait after a conflicted ip address is removed from the dhcp range before it can be reused. type: int more...
- ddns_auth (Alias name: ddns-auth) Ddns authentication mode. type: str choices: [disable, tsig] more...
- ddns_key (Alias name: ddns-key) Ddns update key (base 64 encoding). type: list or str more...
- ddns_keyname (Alias name: ddns-keyname) Ddns update key name. type: str more...
- ddns_server_ip (Alias name: ddns-server-ip) Ddns server ip. type: str more...
- ddns_ttl (Alias name: ddns-ttl) Ttl. type: int more...
- ddns_update (Alias name: ddns-update) Enable/disable ddns update for dhcp. type: str choices: [disable, enable] more...
- ddns_update_override (Alias name: ddns-update-override) Enable/disable ddns update override for dhcp. type: str choices: [disable, enable] more...
- ddns_zone (Alias name: ddns-zone) Zone of your domain name (ex. type: str more...
- default_gateway (Alias name: default-gateway) Default gateway ip address assigned by the dhcp server. type: str more...
- dhcp_settings_from_fortiipam (Alias name: dhcp-settings-from-fortiipam) Enable/disable populating of dhcp server settings from fortiipam. type: str choices: [disable, enable] more...
- dns_server1 (Alias name: dns-server1) Dns server 1. type: str more...
- dns_server2 (Alias name: dns-server2) Dns server 2. type: str more...
- dns_server3 (Alias name: dns-server3) Dns server 3. type: str more...
- dns_server4 (Alias name: dns-server4) Dns server 4. type: str more...
- dns_service (Alias name: dns-service) Options for assigning dns servers to dhcp clients. type: str choices: [default, specify, local] more...
- domain Domain name suffix for the ip addresses that the dhcp server assigns to clients. type: str more...
- enable Enable. type: str choices: [disable, enable] more...
- exclude_range (Alias name: exclude-range) Exclude-range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- filename Name of the boot file on the tftp server. type: str more...
- forticlient_on_net_status (Alias name: forticlient-on-net-status) Enable/disable forticlient-on-net service for this dhcp server. type: str choices: [disable, enable] more...
- id Id. type: int more...
- ip_mode (Alias name: ip-mode) Method used to assign client ip. type: str choices: [range, usrgrp] more...
- ip_range (Alias name: ip-range) Ip-range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- ipsec_lease_hold (Alias name: ipsec-lease-hold) Dhcp over ipsec leases expire this many seconds after tunnel down (0 to disable forced-expiry). type: int more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means unlimited. type: int more...
- mac_acl_default_action (Alias name: mac-acl-default-action) Mac access control default action (allow or block assigning ip settings). type: str choices: [assign, block] more...
- netmask Netmask assigned by the dhcp server. type: str more...
- next_server (Alias name: next-server) Ip address of a server (for example, a tftp sever) that dhcp clients can download a boot file from. type: str more...
- ntp_server1 (Alias name: ntp-server1) Ntp server 1. type: str more...
- ntp_server2 (Alias name: ntp-server2) Ntp server 2. type: str more...
- ntp_server3 (Alias name: ntp-server3) Ntp server 3. type: str more...
- ntp_service (Alias name: ntp-service) Options for assigning network time protocol (ntp) servers to dhcp clients. type: str choices: [default, specify, local] more...
- option1 Option1. type: list more...
- option2 Option2. type: list more...
- option3 Option3. type: list more...
- option4 Option4. type: str more...
- option5 Option5. type: str more...
- option6 Option6. type: str more...
- options Options. type: list
more...
- code Dhcp option code. type: int more...
- id Id. type: int more...
- ip Dhcp option ips. type: list more...
- type Dhcp option type. type: str choices: [hex, string, ip, fqdn] more...
- value Dhcp option value. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- reserved_address (Alias name: reserved-address) Reserved-address. type: list
more...
- action Options for the dhcp server to configure the client with the reserved mac address. type: str choices: [assign, block, reserved] more...
- circuit_id (Alias name: circuit-id) Option 82 circuit-id of the client that will get the reserved ip address. type: str more...
- circuit_id_type (Alias name: circuit-id-type) Dhcp option type. type: str choices: [hex, string] more...
- description Description. type: str more...
- id Id. type: int more...
- ip Ip address to be reserved for the mac address. type: str more...
- mac Mac address of the client that will get the reserved ip address. type: str more...
- remote_id (Alias name: remote-id) Option 82 remote-id of the client that will get the reserved ip address. type: str more...
- remote_id_type (Alias name: remote-id-type) Dhcp option type. type: str choices: [hex, string] more...
- type Dhcp reserved-address type. type: str choices: [mac, option82] more...
- server_type (Alias name: server-type) Dhcp server can be a normal dhcp server or an ipsec dhcp server. type: str choices: [regular, ipsec] more...
- status Enable/disable this dhcp configuration. type: str choices: [disable, enable] more...
- tftp_server (Alias name: tftp-server) One or more hostnames or ip addresses of the tftp servers in quotes separated by spaces. type: list more...
- timezone Select the time zone to be assigned to dhcp clients. type: str choices: [00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87] more...
- timezone_option (Alias name: timezone-option) Options for the dhcp server to set the clients time zone. type: str choices: [disable, default, specify] more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- wifi_ac_service (Alias name: wifi-ac-service) Options for assigning wifi access controllers to dhcp clients type: str choices: [specify, local] more...
- wifi_ac1 (Alias name: wifi-ac1) Wifi access controller 1 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac2 (Alias name: wifi-ac2) Wifi access controller 2 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac3 (Alias name: wifi-ac3) Wifi access controller 3 ip address (dhcp option 138, rfc 5417). type: str more...
- wins_server1 (Alias name: wins-server1) Wins server 1. type: str more...
- wins_server2 (Alias name: wins-server2) Wins server 2. type: str more...
- relay_agent (Alias name: relay-agent) Relay agent ip. type: str more...
- shared_subnet (Alias name: shared-subnet) Enable/disable shared subnet. type: str choices: [disable, enable] more...
- interface type: dict
- dhcp_relay_agent_option (Alias name: dhcp-relay-agent-option) Dhcp-relay-agent-option. type: str choices: [disable, enable] more...
- dhcp_relay_ip (Alias name: dhcp-relay-ip) Dhcp-relay-ip. type: list more...
- dhcp_relay_service (Alias name: dhcp-relay-service) Dhcp-relay-service. type: str choices: [disable, enable] more...
- dhcp_relay_type (Alias name: dhcp-relay-type) Dhcp-relay-type. type: str choices: [regular, ipsec] more...
- ip Ip. type: str more...
- ipv6 type: dict
- autoconf Enable/disable address auto config. type: str choices: [disable, enable] more...
- dhcp6_client_options (Alias name: dhcp6-client-options) Dhcp6-client-options. type: list choices: [rapid, iapd, iana, dns, dnsname] more...
- dhcp6_information_request (Alias name: dhcp6-information-request) Enable/disable dhcpv6 information request. type: str choices: [disable, enable] more...
- dhcp6_prefix_delegation (Alias name: dhcp6-prefix-delegation) Enable/disable dhcpv6 prefix delegation. type: str choices: [disable, enable] more...
- dhcp6_prefix_hint (Alias name: dhcp6-prefix-hint) Dhcpv6 prefix that will be used as a hint to the upstream dhcpv6 server. type: str more...
- dhcp6_prefix_hint_plt (Alias name: dhcp6-prefix-hint-plt) Dhcpv6 prefix hint preferred life time (sec), 0 means unlimited lease time. type: int more...
- dhcp6_prefix_hint_vlt (Alias name: dhcp6-prefix-hint-vlt) Dhcpv6 prefix hint valid life time (sec). type: int more...
- dhcp6_relay_ip (Alias name: dhcp6-relay-ip) Dhcpv6 relay ip address. type: str more...
- dhcp6_relay_service (Alias name: dhcp6-relay-service) Enable/disable dhcpv6 relay. type: str choices: [disable, enable] more...
- dhcp6_relay_type (Alias name: dhcp6-relay-type) Dhcpv6 relay type. type: str choices: [regular] more...
- icmp6_send_redirect (Alias name: icmp6-send-redirect) Enable/disable sending of icmpv6 redirects. type: str choices: [disable, enable] more...
- interface_identifier (Alias name: interface-identifier) Ipv6 interface identifier. type: str more...
- ip6_address (Alias name: ip6-address) Primary ipv6 address prefix, syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx type: str more...
- ip6_allowaccess (Alias name: ip6-allowaccess) Allow management access to the interface. type: list choices: [https, ping, ssh, snmp, http, telnet, fgfm, capwap, fabric] more...
- ip6_default_life (Alias name: ip6-default-life) Default life (sec). type: int more...
- ip6_delegated_prefix_list (Alias name: ip6-delegated-prefix-list) Ip6-delegated-prefix-list. type: list
more...
- autonomous_flag (Alias name: autonomous-flag) Enable/disable the autonomous flag. type: str choices: [disable, enable] more...
- onlink_flag (Alias name: onlink-flag) Enable/disable the onlink flag. type: str choices: [disable, enable] more...
- prefix_id (Alias name: prefix-id) Prefix id. type: int more...
- rdnss Recursive dns server option. type: list more...
- rdnss_service (Alias name: rdnss-service) Recursive dns service option. type: str choices: [delegated, default, specify] more...
- subnet Add subnet id to routing prefix. type: str more...
- upstream_interface (Alias name: upstream-interface) Name of the interface that provides delegated information. type: str more...
- delegated_prefix_iaid (Alias name: delegated-prefix-iaid) Iaid of obtained delegated-prefix from the upstream interface. type: int more...
- ip6_dns_server_override (Alias name: ip6-dns-server-override) Enable/disable using the dns server acquired by dhcp. type: str choices: [disable, enable] more...
- ip6_extra_addr (Alias name: ip6-extra-addr) Ip6-extra-addr. type: list
more...
- prefix Ipv6 address prefix. type: str more...
- ip6_hop_limit (Alias name: ip6-hop-limit) Hop limit (0 means unspecified). type: int more...
- ip6_link_mtu (Alias name: ip6-link-mtu) Ipv6 link mtu. type: int more...
- ip6_manage_flag (Alias name: ip6-manage-flag) Enable/disable the managed flag. type: str choices: [disable, enable] more...
- ip6_max_interval (Alias name: ip6-max-interval) Ipv6 maximum interval (4 to 1800 sec). type: int more...
- ip6_min_interval (Alias name: ip6-min-interval) Ipv6 minimum interval (3 to 1350 sec). type: int more...
- ip6_mode (Alias name: ip6-mode) Addressing mode (static, dhcp, delegated). type: str choices: [static, dhcp, pppoe, delegated] more...
- ip6_other_flag (Alias name: ip6-other-flag) Enable/disable the other ipv6 flag. type: str choices: [disable, enable] more...
- ip6_prefix_list (Alias name: ip6-prefix-list) Ip6-prefix-list. type: list
more...
- autonomous_flag (Alias name: autonomous-flag) Enable/disable the autonomous flag. type: str choices: [disable, enable] more...
- dnssl Dns search list option. type: list more...
- onlink_flag (Alias name: onlink-flag) Enable/disable the onlink flag. type: str choices: [disable, enable] more...
- preferred_life_time (Alias name: preferred-life-time) Preferred life time (sec). type: int more...
- prefix Ipv6 prefix. type: str more...
- rdnss Recursive dns server option. type: list more...
- valid_life_time (Alias name: valid-life-time) Valid life time (sec). type: int more...
- ip6_reachable_time (Alias name: ip6-reachable-time) Ipv6 reachable time (milliseconds; 0 means unspecified). type: int more...
- ip6_retrans_time (Alias name: ip6-retrans-time) Ipv6 retransmit time (milliseconds; 0 means unspecified). type: int more...
- ip6_send_adv (Alias name: ip6-send-adv) Enable/disable sending advertisements about the interface. type: str choices: [disable, enable] more...
- ip6_subnet (Alias name: ip6-subnet) Subnet to routing prefix, syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx type: str more...
- ip6_upstream_interface (Alias name: ip6-upstream-interface) Interface name providing delegated information. type: str more...
- nd_cert (Alias name: nd-cert) Neighbor discovery certificate. type: str more...
- nd_cga_modifier (Alias name: nd-cga-modifier) Neighbor discovery cga modifier. type: str more...
- nd_mode (Alias name: nd-mode) Neighbor discovery mode. type: str choices: [basic, SEND-compatible] more...
- nd_security_level (Alias name: nd-security-level) Neighbor discovery security level (0 - 7; 0 = least secure, default = 0). type: int more...
- nd_timestamp_delta (Alias name: nd-timestamp-delta) Neighbor discovery timestamp delta value (1 - 3600 sec; default = 300). type: int more...
- nd_timestamp_fuzz (Alias name: nd-timestamp-fuzz) Neighbor discovery timestamp fuzz factor (1 - 60 sec; default = 1). type: int more...
- unique_autoconf_addr (Alias name: unique-autoconf-addr) Enable/disable unique auto config address. type: str choices: [disable, enable] more...
- vrip6_link_local Link-local ipv6 address of virtual router. type: str more...
- vrrp_virtual_mac6 (Alias name: vrrp-virtual-mac6) Enable/disable virtual mac for vrrp. type: str choices: [disable, enable] more...
- vrrp6 Vrrp6. type: list
more...
- accept_mode (Alias name: accept-mode) Enable/disable accept mode. type: str choices: [disable, enable] more...
- adv_interval (Alias name: adv-interval) Advertisement interval (1 - 255 seconds). type: int more...
- preempt Enable/disable preempt mode. type: str choices: [disable, enable] more...
- priority Priority of the virtual router (1 - 255). type: int more...
- start_time (Alias name: start-time) Startup time (1 - 255 seconds). type: int more...
- status Enable/disable vrrp. type: str choices: [disable, enable] more...
- vrdst6 Monitor the route to this destination. type: str more...
- vrgrp Vrrp group id (1 - 65535). type: int more...
- vrid Virtual router identifier (1 - 255). type: int more...
- vrip6 Ipv6 address of the virtual router. type: str more...
- ignore_default_route (Alias name: ignore-default-route) Enable/disable ignoring of default route when checking destination. type: str choices: [disable, enable] more...
- cli_conn6_status (Alias name: cli-conn6-status) Cli-conn6-status. type: int more...
- ip6_prefix_mode (Alias name: ip6-prefix-mode) Assigning a prefix from dhcp or ra. type: str choices: [dhcp6, ra] more...
- ra_send_mtu (Alias name: ra-send-mtu) Enable/disable sending link mtu in ra packet. type: str choices: [disable, enable] more...
- ip6_delegated_prefix_iaid (Alias name: ip6-delegated-prefix-iaid) Iaid of obtained delegated-prefix from the upstream interface. type: int more...
- dhcp6_relay_source_interface (Alias name: dhcp6-relay-source-interface) Enable/disable use of address on this interface as the source address of the relay message. type: str choices: [disable, enable] more...
- dhcp6_relay_interface_id (Alias name: dhcp6-relay-interface-id) Dhcp6 relay interface id. type: str more...
- dhcp6_relay_source_ip (Alias name: dhcp6-relay-source-ip) Ipv6 address used by the dhcp6 relay as its source ip. type: str more...
- secondary_IP (Alias name: secondary-IP) Secondary-ip. type: str choices: [disable, enable] more...
- secondaryip Secondaryip. type: list
more...
- allowaccess Management access settings for the secondary ip address. type: list choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap, dnp, ftm, fabric, speed-test] more...
- detectprotocol Protocols used to detect the server. type: list choices: [ping, tcp-echo, udp-echo] more...
- detectserver Gateways ping server for this ip. type: str more...
- gwdetect Enable/disable detect gateway alive for first. type: str choices: [disable, enable] more...
- ha_priority (Alias name: ha-priority) Ha election priority for the ping server. type: int more...
- id Id. type: int more...
- ip Secondary ip address of the interface. type: str more...
- ping_serv_status (Alias name: ping-serv-status) Ping-serv-status. type: int more...
- seq Seq. type: int more...
- secip_relay_ip (Alias name: secip-relay-ip) Dhcp relay ip address. type: str more...
- vlanid Vlanid. type: int more...
- dhcp_relay_interface_select_method (Alias name: dhcp-relay-interface-select-method) type: str choices: [auto, sdwan, specify] more...
- vrrp type: list
more...
- accept_mode (Alias name: accept-mode) Enable/disable accept mode. type: str choices: [disable, enable] more...
- adv_interval (Alias name: adv-interval) Advertisement interval (1 - 255 seconds). type: int more...
- ignore_default_route (Alias name: ignore-default-route) Enable/disable ignoring of default route when checking destination. type: str choices: [disable, enable] more...
- preempt Enable/disable preempt mode. type: str choices: [disable, enable] more...
- priority Priority of the virtual router (1 - 255). type: int more...
- proxy_arp (Alias name: proxy-arp) type: list more...
- start_time (Alias name: start-time) Startup time (1 - 255 seconds). type: int more...
- status Enable/disable this vrrp configuration. type: str choices: [disable, enable] more...
- version Vrrp version. type: str choices: [2, 3] more...
- vrdst type: list more...
- vrdst_priority (Alias name: vrdst-priority) Priority of the virtual router when the virtual router destination becomes unreachable (0 - 254). type: int more...
- vrgrp Vrrp group id (1 - 65535). type: int more...
- vrid Virtual router identifier (1 - 255). type: int more...
- vrip Ip address of the virtual router. type: str more...
- name Name. type: str more...
- portal_message_override_group (Alias name: portal-message-override-group) type: str more...
- radius_server (Alias name: radius-server) type: str more...
- security type: str choices: [open, captive-portal, 8021x] more...
- selected_usergroups (Alias name: selected-usergroups) type: str more...
- usergroup type: str more...
- vdom Vdom. type: str more...
- vlanid Vlanid. type: int more...
- dhcp_server (Alias name: dhcp-server) type: dict
- auto_configuration (Alias name: auto-configuration) Enable/disable auto configuration. type: str choices: [disable, enable] more...
- auto_managed_status (Alias name: auto-managed-status) Enable/disable use of this dhcp server once this interface has been assigned an ip address from fortiipam. type: str choices: [disable, enable] more...
- conflicted_ip_timeout (Alias name: conflicted-ip-timeout) Time in seconds to wait after a conflicted ip address is removed from the dhcp range before it can be reused. type: int more...
- ddns_auth (Alias name: ddns-auth) Ddns authentication mode. type: str choices: [disable, tsig] more...
- ddns_key (Alias name: ddns-key) Ddns update key (base 64 encoding). type: list or str more...
- ddns_keyname (Alias name: ddns-keyname) Ddns update key name. type: str more...
- ddns_server_ip (Alias name: ddns-server-ip) Ddns server ip. type: str more...
- ddns_ttl (Alias name: ddns-ttl) Ttl. type: int more...
- ddns_update (Alias name: ddns-update) Enable/disable ddns update for dhcp. type: str choices: [disable, enable] more...
- ddns_update_override (Alias name: ddns-update-override) Enable/disable ddns update override for dhcp. type: str choices: [disable, enable] more...
- ddns_zone (Alias name: ddns-zone) Zone of your domain name (ex. type: str more...
- default_gateway (Alias name: default-gateway) Default gateway ip address assigned by the dhcp server. type: str more...
- dhcp_settings_from_fortiipam (Alias name: dhcp-settings-from-fortiipam) Enable/disable populating of dhcp server settings from fortiipam. type: str choices: [disable, enable] more...
- dns_server1 (Alias name: dns-server1) Dns server 1. type: str more...
- dns_server2 (Alias name: dns-server2) Dns server 2. type: str more...
- dns_server3 (Alias name: dns-server3) Dns server 3. type: str more...
- dns_server4 (Alias name: dns-server4) Dns server 4. type: str more...
- dns_service (Alias name: dns-service) Options for assigning dns servers to dhcp clients. type: str choices: [default, specify, local] more...
- domain Domain name suffix for the ip addresses that the dhcp server assigns to clients. type: str more...
- enable Enable. type: str choices: [disable, enable] more...
- exclude_range (Alias name: exclude-range) Exclude-range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- filename Name of the boot file on the tftp server. type: str more...
- forticlient_on_net_status (Alias name: forticlient-on-net-status) Enable/disable forticlient-on-net service for this dhcp server. type: str choices: [disable, enable] more...
- id Id. type: int more...
- ip_mode (Alias name: ip-mode) Method used to assign client ip. type: str choices: [range, usrgrp] more...
- ip_range (Alias name: ip-range) Ip-range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- ipsec_lease_hold (Alias name: ipsec-lease-hold) Dhcp over ipsec leases expire this many seconds after tunnel down (0 to disable forced-expiry). type: int more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means unlimited. type: int more...
- mac_acl_default_action (Alias name: mac-acl-default-action) Mac access control default action (allow or block assigning ip settings). type: str choices: [assign, block] more...
- netmask Netmask assigned by the dhcp server. type: str more...
- next_server (Alias name: next-server) Ip address of a server (for example, a tftp sever) that dhcp clients can download a boot file from. type: str more...
- ntp_server1 (Alias name: ntp-server1) Ntp server 1. type: str more...
- ntp_server2 (Alias name: ntp-server2) Ntp server 2. type: str more...
- ntp_server3 (Alias name: ntp-server3) Ntp server 3. type: str more...
- ntp_service (Alias name: ntp-service) Options for assigning network time protocol (ntp) servers to dhcp clients. type: str choices: [default, specify, local] more...
- option1 Option1. type: list more...
- option2 Option2. type: list more...
- option3 Option3. type: list more...
- option4 Option4. type: str more...
- option5 Option5. type: str more...
- option6 Option6. type: str more...
- options Options. type: list
more...
- code Dhcp option code. type: int more...
- id Id. type: int more...
- ip Dhcp option ips. type: list more...
- type Dhcp option type. type: str choices: [hex, string, ip, fqdn] more...
- value Dhcp option value. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) type: list more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) type: list more...
- reserved_address (Alias name: reserved-address) Reserved-address. type: list
more...
- action Options for the dhcp server to configure the client with the reserved mac address. type: str choices: [assign, block, reserved] more...
- circuit_id (Alias name: circuit-id) Option 82 circuit-id of the client that will get the reserved ip address. type: str more...
- circuit_id_type (Alias name: circuit-id-type) Dhcp option type. type: str choices: [hex, string] more...
- description Description. type: str more...
- id Id. type: int more...
- ip Ip address to be reserved for the mac address. type: str more...
- mac Mac address of the client that will get the reserved ip address. type: str more...
- remote_id (Alias name: remote-id) Option 82 remote-id of the client that will get the reserved ip address. type: str more...
- remote_id_type (Alias name: remote-id-type) Dhcp option type. type: str choices: [hex, string] more...
- type Dhcp reserved-address type. type: str choices: [mac, option82] more...
- server_type (Alias name: server-type) Dhcp server can be a normal dhcp server or an ipsec dhcp server. type: str choices: [regular, ipsec] more...
- status Enable/disable this dhcp configuration. type: str choices: [disable, enable] more...
- tftp_server (Alias name: tftp-server) One or more hostnames or ip addresses of the tftp servers in quotes separated by spaces. type: list more...
- timezone Select the time zone to be assigned to dhcp clients. type: str choices: [00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87] more...
- timezone_option (Alias name: timezone-option) Options for the dhcp server to set the clients time zone. type: str choices: [disable, default, specify] more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- wifi_ac_service (Alias name: wifi-ac-service) Options for assigning wifi access controllers to dhcp clients type: str choices: [specify, local] more...
- wifi_ac1 (Alias name: wifi-ac1) Wifi access controller 1 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac2 (Alias name: wifi-ac2) Wifi access controller 2 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac3 (Alias name: wifi-ac3) Wifi access controller 3 ip address (dhcp option 138, rfc 5417). type: str more...
- wins_server1 (Alias name: wins-server1) Wins server 1. type: str more...
- wins_server2 (Alias name: wins-server2) Wins server 2. type: str more...
- relay_agent (Alias name: relay-agent) Relay agent ip. type: str more...
- shared_subnet (Alias name: shared-subnet) Enable/disable shared subnet. type: str choices: [disable, enable] more...
- interface type: dict
- ac_name (Alias name: ac-name) Pppoe server name. type: str more...
- aggregate Aggregate. type: str more...
- algorithm Frame distribution algorithm. type: str choices: [L2, L3, L4, LB, Source-MAC] more...
- alias Alias will be displayed with the interface name to make it easier to distinguish. type: str more...
- allowaccess Permitted types of management access to this interface. type: list choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap, dnp, ftm, fabric, speed-test] more...
- ap_discover (Alias name: ap-discover) Enable/disable automatic registration of unknown fortiap devices. type: str choices: [disable, enable] more...
- arpforward Enable/disable arp forwarding. type: str choices: [disable, enable] more...
- atm_protocol (Alias name: atm-protocol) Atm protocol. type: str choices: [none, ipoa] more...
- auth_type (Alias name: auth-type) Ppp authentication type to use. type: str choices: [auto, pap, chap, mschapv1, mschapv2] more...
- auto_auth_extension_device (Alias name: auto-auth-extension-device) Enable/disable automatic authorization of dedicated fortinet extension device on this interface. type: str choices: [disable, enable] more...
- bandwidth_measure_time (Alias name: bandwidth-measure-time) Bandwidth measure time type: int more...
- bfd Bidirectional forwarding detection (bfd) settings. type: str choices: [global, enable, disable] more...
- bfd_desired_min_tx (Alias name: bfd-desired-min-tx) Bfd desired minimal transmit interval. type: int more...
- bfd_detect_mult (Alias name: bfd-detect-mult) Bfd detection multiplier. type: int more...
- bfd_required_min_rx (Alias name: bfd-required-min-rx) Bfd required minimal receive interval. type: int more...
- broadcast_forticlient_discovery (Alias name: broadcast-forticlient-discovery) Enable/disable broadcasting forticlient discovery messages. type: str choices: [disable, enable] more...
- broadcast_forward (Alias name: broadcast-forward) Enable/disable broadcast forwarding. type: str choices: [disable, enable] more...
- captive_portal (Alias name: captive-portal) Enable/disable captive portal. type: int more...
- cli_conn_status (Alias name: cli-conn-status) Cli-conn-status. type: int more...
- color Color of icon on the gui. type: int more...
- ddns Ddns. type: str choices: [disable, enable] more...
- ddns_auth (Alias name: ddns-auth) Ddns-auth. type: str choices: [disable, tsig] more...
- ddns_domain (Alias name: ddns-domain) Ddns-domain. type: str more...
- ddns_key (Alias name: ddns-key) Ddns-key. type: list or str more...
- ddns_keyname (Alias name: ddns-keyname) Ddns-keyname. type: str more...
- ddns_password (Alias name: ddns-password) Ddns-password. type: list more...
- ddns_server (Alias name: ddns-server) Ddns-server. type: str choices: [dhs.org, dyndns.org, dyns.net, tzo.com, ods.org, vavic.com, now.net.cn, dipdns.net, easydns.com, genericDDNS] more...
- ddns_server_ip (Alias name: ddns-server-ip) Ddns-server-ip. type: str more...
- ddns_sn (Alias name: ddns-sn) Ddns-sn. type: str more...
- ddns_ttl (Alias name: ddns-ttl) Ddns-ttl. type: int more...
- ddns_username (Alias name: ddns-username) Ddns-username. type: str more...
- ddns_zone (Alias name: ddns-zone) Ddns-zone. type: str more...
- dedicated_to (Alias name: dedicated-to) Configure interface for single purpose. type: str choices: [none, management] more...
- defaultgw Enable to get the gateway ip from the dhcp or pppoe server. type: str choices: [disable, enable] more...
- description Description. type: str more...
- detected_peer_mtu (Alias name: detected-peer-mtu) Detected-peer-mtu. type: int more...
- detectprotocol Protocols used to detect the server. type: list choices: [ping, tcp-echo, udp-echo] more...
- detectserver Gateways ping server for this ip. type: str more...
- device_access_list (Alias name: device-access-list) Device access list. type: list or str more...
- device_identification (Alias name: device-identification) Enable/disable passively gathering of device identity information about the devices on the network connected to this interface. type: str choices: [disable, enable] more...
- device_identification_active_scan (Alias name: device-identification-active-scan) Enable/disable active gathering of device identity information about the devices on the network connected to this interface. type: str choices: [disable, enable] more...
- device_netscan (Alias name: device-netscan) Enable/disable inclusion of devices detected on this interface in network vulnerability scans. type: str choices: [disable, enable] more...
- device_user_identification (Alias name: device-user-identification) Enable/disable passive gathering of user identity information about users on this interface. type: str choices: [disable, enable] more...
- devindex Devindex. type: int more...
- dhcp_client_identifier (Alias name: dhcp-client-identifier) Dhcp client identifier. type: str more...
- dhcp_relay_agent_option (Alias name: dhcp-relay-agent-option) Enable/disable dhcp relay agent option. type: str choices: [disable, enable] more...
- dhcp_relay_interface (Alias name: dhcp-relay-interface) Specify outgoing interface to reach server. type: str more...
- dhcp_relay_interface_select_method (Alias name: dhcp-relay-interface-select-method) Specify how to select outgoing interface to reach server. type: str choices: [auto, sdwan, specify] more...
- dhcp_relay_ip (Alias name: dhcp-relay-ip) Dhcp relay ip address. type: list more...
- dhcp_relay_service (Alias name: dhcp-relay-service) Enable/disable allowing this interface to act as a dhcp relay. type: str choices: [disable, enable] more...
- dhcp_relay_type (Alias name: dhcp-relay-type) Dhcp relay type (regular or ipsec). type: str choices: [regular, ipsec] more...
- dhcp_renew_time (Alias name: dhcp-renew-time) Dhcp renew time in seconds (300-604800), 0 means use the renew time provided by the server. type: int more...
- disc_retry_timeout (Alias name: disc-retry-timeout) Time in seconds to wait before retrying to start a pppoe discovery, 0 means no timeout. type: int more...
- disconnect_threshold (Alias name: disconnect-threshold) Time in milliseconds to wait before sending a notification that this interface is down or disconnected. type: int more...
- distance Distance for routes learned through pppoe or dhcp, lower distance indicates preferred route. type: int more...
- dns_query (Alias name: dns-query) Dns-query. type: str choices: [disable, recursive, non-recursive] more...
- dns_server_override (Alias name: dns-server-override) Enable/disable use dns acquired by dhcp or pppoe. type: str choices: [disable, enable] more...
- drop_fragment (Alias name: drop-fragment) Enable/disable drop fragment packets. type: str choices: [disable, enable] more...
- drop_overlapped_fragment (Alias name: drop-overlapped-fragment) Enable/disable drop overlapped fragment packets. type: str choices: [disable, enable] more...
- egress_cos (Alias name: egress-cos) Override outgoing cos in user vlan tag. type: str choices: [disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7] more...
- egress_shaping_profile (Alias name: egress-shaping-profile) Outgoing traffic shaping profile. type: str more...
- eip Eip. type: str more...
- endpoint_compliance (Alias name: endpoint-compliance) Enable/disable endpoint compliance enforcement. type: str choices: [disable, enable] more...
- estimated_downstream_bandwidth (Alias name: estimated-downstream-bandwidth) Estimated maximum downstream bandwidth (kbps). type: int more...
- estimated_upstream_bandwidth (Alias name: estimated-upstream-bandwidth) Estimated maximum upstream bandwidth (kbps). type: int more...
- explicit_ftp_proxy (Alias name: explicit-ftp-proxy) Enable/disable the explicit ftp proxy on this interface. type: str choices: [disable, enable] more...
- explicit_web_proxy (Alias name: explicit-web-proxy) Enable/disable the explicit web proxy on this interface. type: str choices: [disable, enable] more...
- external Enable/disable identifying the interface as an external interface (which usually means its connected to the internet). type: str choices: [disable, enable] more...
- fail_action_on_extender (Alias name: fail-action-on-extender) Action on extender when interface fail . type: str choices: [soft-restart, hard-restart, reboot] more...
- fail_alert_interfaces (Alias name: fail-alert-interfaces) Names of the fortigate interfaces to which the link failure alert is sent. type: list or str more...
- fail_alert_method (Alias name: fail-alert-method) Select link-failed-signal or link-down method to alert about a failed link. type: str choices: [link-failed-signal, link-down] more...
- fail_detect (Alias name: fail-detect) Enable/disable fail detection features for this interface. type: str choices: [disable, enable] more...
- fail_detect_option (Alias name: fail-detect-option) Options for detecting that this interface has failed. type: list choices: [detectserver, link-down] more...
- fdp Fdp. type: str choices: [disable, enable] more...
- fortiheartbeat Enable/disable fortiheartbeat (fortitelemetry on gui). type: str choices: [disable, enable] more...
- fortilink Enable fortilink to dedicate this interface to manage other fortinet devices. type: str choices: [disable, enable] more...
- fortilink_backup_link (Alias name: fortilink-backup-link) Fortilink-backup-link. type: int more...
- fortilink_neighbor_detect (Alias name: fortilink-neighbor-detect) Protocol for fortigate neighbor discovery. type: str choices: [lldp, fortilink] more...
- fortilink_split_interface (Alias name: fortilink-split-interface) Enable/disable fortilink split interface to connect member link to different fortiswitch in stack for uplink redundancy. type: str choices: [disable, enable] more...
- fortilink_stacking (Alias name: fortilink-stacking) Enable/disable fortilink switch-stacking on this interface. type: str choices: [disable, enable] more...
- forward_domain (Alias name: forward-domain) Transparent mode forward domain. type: int more...
- forward_error_correction (Alias name: forward-error-correction) Enable/disable forward error correction (fec clause 91). type: str choices: [disable, enable, rs-fec, base-r-fec, fec-cl91, fec-cl74, rs-544, none, cl91-rs-fec, cl74-fc-fec, auto] more...
- fp_anomaly (Alias name: fp-anomaly) Fp-anomaly. type: list choices: [drop_tcp_fin_noack, pass_winnuke, pass_tcpland, pass_udpland, pass_icmpland, pass_ipland, pass_iprr, pass_ipssrr, pass_iplsrr, pass_ipstream, pass_ipsecurity, pass_iptimestamp, pass_ipunknown_option, pass_ipunknown_prot, pass_icmp_frag, pass_tcp_no_flag, pass_tcp_fin_noack, drop_winnuke, drop_tcpland, drop_udpland, drop_icmpland, drop_ipland, drop_iprr, drop_ipssrr, drop_iplsrr, drop_ipstream, drop_ipsecurity, drop_iptimestamp, drop_ipunknown_option, drop_ipunknown_prot, drop_icmp_frag, drop_tcp_no_flag] more...
- fp_disable (Alias name: fp-disable) Fp-disable. type: list choices: [all, ipsec, none] more...
- gateway_address (Alias name: gateway-address) Gateway address type: str more...
- gi_gk (Alias name: gi-gk) Enable/disable gi gatekeeper. type: str choices: [disable, enable] more...
- gwaddr Gateway address type: str more...
- gwdetect Enable/disable detect gateway alive for first. type: str choices: [disable, enable] more...
- ha_priority (Alias name: ha-priority) Ha election priority for the ping server. type: int more...
- icmp_accept_redirect (Alias name: icmp-accept-redirect) Enable/disable icmp accept redirect. type: str choices: [disable, enable] more...
- icmp_redirect (Alias name: icmp-redirect) Enable/disable icmp redirect. type: str choices: [disable, enable] more...
- icmp_send_redirect (Alias name: icmp-send-redirect) Enable/disable sending of icmp redirects. type: str choices: [disable, enable] more...
- ident_accept (Alias name: ident-accept) Enable/disable authentication for this interface. type: str choices: [disable, enable] more...
- idle_timeout (Alias name: idle-timeout) Pppoe auto disconnect after idle timeout seconds, 0 means no timeout. type: int more...
- if_mdix (Alias name: if-mdix) Interface mdix mode type: str choices: [auto, normal, crossover] more...
- if_media (Alias name: if-media) Select interface media type type: str choices: [auto, copper, fiber] more...
- in_force_vlan_cos (Alias name: in-force-vlan-cos) In-force-vlan-cos. type: int more...
- inbandwidth Bandwidth limit for incoming traffic (0 - 16776000 kbps), 0 means unlimited. type: int more...
- ingress_cos (Alias name: ingress-cos) Override incoming cos in user vlan tag on vlan interface or assign a priority vlan tag on physical interface. type: str choices: [disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7] more...
- ingress_shaping_profile (Alias name: ingress-shaping-profile) Incoming traffic shaping profile. type: str more...
- ingress_spillover_threshold (Alias name: ingress-spillover-threshold) Ingress spillover threshold (0 - 16776000 kbps), 0 means unlimited. type: int more...
- internal Implicitly created. type: int more...
- ip Interface ipv4 address and subnet mask, syntax: x. type: str more...
- ip_managed_by_fortiipam (Alias name: ip-managed-by-fortiipam) Enable/disable automatic ip address assignment of this interface by fortiipam. type: str choices: [disable, enable, inherit-global] more...
- ipmac Enable/disable ip/mac binding. type: str choices: [disable, enable] more...
- ips_sniffer_mode (Alias name: ips-sniffer-mode) Enable/disable the use of this interface as a one-armed sniffer. type: str choices: [disable, enable] more...
- ipunnumbered Unnumbered ip used for pppoe interfaces for which no unique local address is provided. type: str more...
- ipv6 type: dict
- autoconf Enable/disable address auto config. type: str choices: [disable, enable] more...
- dhcp6_client_options (Alias name: dhcp6-client-options) Dhcp6-client-options. type: list choices: [rapid, iapd, iana, dns, dnsname] more...
- dhcp6_information_request (Alias name: dhcp6-information-request) Enable/disable dhcpv6 information request. type: str choices: [disable, enable] more...
- dhcp6_prefix_delegation (Alias name: dhcp6-prefix-delegation) Enable/disable dhcpv6 prefix delegation. type: str choices: [disable, enable] more...
- dhcp6_prefix_hint (Alias name: dhcp6-prefix-hint) Dhcpv6 prefix that will be used as a hint to the upstream dhcpv6 server. type: str more...
- dhcp6_prefix_hint_plt (Alias name: dhcp6-prefix-hint-plt) Dhcpv6 prefix hint preferred life time (sec), 0 means unlimited lease time. type: int more...
- dhcp6_prefix_hint_vlt (Alias name: dhcp6-prefix-hint-vlt) Dhcpv6 prefix hint valid life time (sec). type: int more...
- dhcp6_relay_ip (Alias name: dhcp6-relay-ip) Dhcpv6 relay ip address. type: str more...
- dhcp6_relay_service (Alias name: dhcp6-relay-service) Enable/disable dhcpv6 relay. type: str choices: [disable, enable] more...
- dhcp6_relay_type (Alias name: dhcp6-relay-type) Dhcpv6 relay type. type: str choices: [regular] more...
- icmp6_send_redirect (Alias name: icmp6-send-redirect) Enable/disable sending of icmpv6 redirects. type: str choices: [disable, enable] more...
- interface_identifier (Alias name: interface-identifier) Ipv6 interface identifier. type: str more...
- ip6_address (Alias name: ip6-address) Primary ipv6 address prefix, syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx type: str more...
- ip6_allowaccess (Alias name: ip6-allowaccess) Allow management access to the interface. type: list choices: [https, ping, ssh, snmp, http, telnet, fgfm, capwap, fabric] more...
- ip6_default_life (Alias name: ip6-default-life) Default life (sec). type: int more...
- ip6_delegated_prefix_list (Alias name: ip6-delegated-prefix-list) Ip6-delegated-prefix-list. type: list
more...
- autonomous_flag (Alias name: autonomous-flag) Enable/disable the autonomous flag. type: str choices: [disable, enable] more...
- onlink_flag (Alias name: onlink-flag) Enable/disable the onlink flag. type: str choices: [disable, enable] more...
- prefix_id (Alias name: prefix-id) Prefix id. type: int more...
- rdnss Recursive dns server option. type: list more...
- rdnss_service (Alias name: rdnss-service) Recursive dns service option. type: str choices: [delegated, default, specify] more...
- subnet Add subnet id to routing prefix. type: str more...
- upstream_interface (Alias name: upstream-interface) Name of the interface that provides delegated information. type: str more...
- delegated_prefix_iaid (Alias name: delegated-prefix-iaid) Iaid of obtained delegated-prefix from the upstream interface. type: int more...
- ip6_dns_server_override (Alias name: ip6-dns-server-override) Enable/disable using the dns server acquired by dhcp. type: str choices: [disable, enable] more...
- ip6_extra_addr (Alias name: ip6-extra-addr) Ip6-extra-addr. type: list
more...
- prefix Ipv6 address prefix. type: str more...
- ip6_hop_limit (Alias name: ip6-hop-limit) Hop limit (0 means unspecified). type: int more...
- ip6_link_mtu (Alias name: ip6-link-mtu) Ipv6 link mtu. type: int more...
- ip6_manage_flag (Alias name: ip6-manage-flag) Enable/disable the managed flag. type: str choices: [disable, enable] more...
- ip6_max_interval (Alias name: ip6-max-interval) Ipv6 maximum interval (4 to 1800 sec). type: int more...
- ip6_min_interval (Alias name: ip6-min-interval) Ipv6 minimum interval (3 to 1350 sec). type: int more...
- ip6_mode (Alias name: ip6-mode) Addressing mode (static, dhcp, delegated). type: str choices: [static, dhcp, pppoe, delegated] more...
- ip6_other_flag (Alias name: ip6-other-flag) Enable/disable the other ipv6 flag. type: str choices: [disable, enable] more...
- ip6_prefix_list (Alias name: ip6-prefix-list) Ip6-prefix-list. type: list
more...
- autonomous_flag (Alias name: autonomous-flag) Enable/disable the autonomous flag. type: str choices: [disable, enable] more...
- dnssl Dns search list option. type: list more...
- onlink_flag (Alias name: onlink-flag) Enable/disable the onlink flag. type: str choices: [disable, enable] more...
- preferred_life_time (Alias name: preferred-life-time) Preferred life time (sec). type: int more...
- prefix Ipv6 prefix. type: str more...
- rdnss Recursive dns server option. type: list more...
- valid_life_time (Alias name: valid-life-time) Valid life time (sec). type: int more...
- ip6_reachable_time (Alias name: ip6-reachable-time) Ipv6 reachable time (milliseconds; 0 means unspecified). type: int more...
- ip6_retrans_time (Alias name: ip6-retrans-time) Ipv6 retransmit time (milliseconds; 0 means unspecified). type: int more...
- ip6_send_adv (Alias name: ip6-send-adv) Enable/disable sending advertisements about the interface. type: str choices: [disable, enable] more...
- ip6_subnet (Alias name: ip6-subnet) Subnet to routing prefix, syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx type: str more...
- ip6_upstream_interface (Alias name: ip6-upstream-interface) Interface name providing delegated information. type: str more...
- nd_cert (Alias name: nd-cert) Neighbor discovery certificate. type: str more...
- nd_cga_modifier (Alias name: nd-cga-modifier) Neighbor discovery cga modifier. type: str more...
- nd_mode (Alias name: nd-mode) Neighbor discovery mode. type: str choices: [basic, SEND-compatible] more...
- nd_security_level (Alias name: nd-security-level) Neighbor discovery security level (0 - 7; 0 = least secure, default = 0). type: int more...
- nd_timestamp_delta (Alias name: nd-timestamp-delta) Neighbor discovery timestamp delta value (1 - 3600 sec; default = 300). type: int more...
- nd_timestamp_fuzz (Alias name: nd-timestamp-fuzz) Neighbor discovery timestamp fuzz factor (1 - 60 sec; default = 1). type: int more...
- unique_autoconf_addr (Alias name: unique-autoconf-addr) Enable/disable unique auto config address. type: str choices: [disable, enable] more...
- vrip6_link_local Link-local ipv6 address of virtual router. type: str more...
- vrrp_virtual_mac6 (Alias name: vrrp-virtual-mac6) Enable/disable virtual mac for vrrp. type: str choices: [disable, enable] more...
- vrrp6 Vrrp6. type: list
more...
- accept_mode (Alias name: accept-mode) Enable/disable accept mode. type: str choices: [disable, enable] more...
- adv_interval (Alias name: adv-interval) Advertisement interval (1 - 255 seconds). type: int more...
- preempt Enable/disable preempt mode. type: str choices: [disable, enable] more...
- priority Priority of the virtual router (1 - 255). type: int more...
- start_time (Alias name: start-time) Startup time (1 - 255 seconds). type: int more...
- status Enable/disable vrrp. type: str choices: [disable, enable] more...
- vrdst6 Monitor the route to this destination. type: str more...
- vrgrp Vrrp group id (1 - 65535). type: int more...
- vrid Virtual router identifier (1 - 255). type: int more...
- vrip6 Ipv6 address of the virtual router. type: str more...
- ignore_default_route (Alias name: ignore-default-route) Enable/disable ignoring of default route when checking destination. type: str choices: [disable, enable] more...
- cli_conn6_status (Alias name: cli-conn6-status) Cli-conn6-status. type: int more...
- ip6_prefix_mode (Alias name: ip6-prefix-mode) Assigning a prefix from dhcp or ra. type: str choices: [dhcp6, ra] more...
- ra_send_mtu (Alias name: ra-send-mtu) Enable/disable sending link mtu in ra packet. type: str choices: [disable, enable] more...
- ip6_delegated_prefix_iaid (Alias name: ip6-delegated-prefix-iaid) Iaid of obtained delegated-prefix from the upstream interface. type: int more...
- dhcp6_relay_source_interface (Alias name: dhcp6-relay-source-interface) Enable/disable use of address on this interface as the source address of the relay message. type: str choices: [disable, enable] more...
- dhcp6_relay_interface_id (Alias name: dhcp6-relay-interface-id) Dhcp6 relay interface id. type: str more...
- dhcp6_relay_source_ip (Alias name: dhcp6-relay-source-ip) Ipv6 address used by the dhcp6 relay as its source ip. type: str more...
- l2forward Enable/disable l2 forwarding. type: str choices: [disable, enable] more...
- l2tp_client (Alias name: l2tp-client) Enable/disable this interface as a layer 2 tunnelling protocol (l2tp) client. type: str choices: [disable, enable] more...
- lacp_ha_slave (Alias name: lacp-ha-slave) Lacp ha slave. type: str choices: [disable, enable] more...
- lacp_mode (Alias name: lacp-mode) Lacp mode. type: str choices: [static, passive, active] more...
- lacp_speed (Alias name: lacp-speed) How often the interface sends lacp messages. type: str choices: [slow, fast] more...
- lcp_echo_interval (Alias name: lcp-echo-interval) Time in seconds between pppoe link control protocol (lcp) echo requests. type: int more...
- lcp_max_echo_fails (Alias name: lcp-max-echo-fails) Maximum missed lcp echo messages before disconnect. type: int more...
- link_up_delay (Alias name: link-up-delay) Number of milliseconds to wait before considering a link is up. type: int more...
- listen_forticlient_connection (Alias name: listen-forticlient-connection) Listen-forticlient-connection. type: str choices: [disable, enable] more...
- lldp_network_policy (Alias name: lldp-network-policy) Lldp-med network policy profile. type: str more...
- lldp_reception (Alias name: lldp-reception) Enable/disable link layer discovery protocol (lldp) reception. type: str choices: [disable, enable, vdom] more...
- lldp_transmission (Alias name: lldp-transmission) Enable/disable link layer discovery protocol (lldp) transmission. type: str choices: [enable, disable, vdom] more...
- log Log. type: str choices: [disable, enable] more...
- macaddr Change the interfaces mac address. type: str more...
- managed_subnetwork_size (Alias name: managed-subnetwork-size) Number of ip addresses to be allocated by fortiipam and used by this fortigate units dhcp server settings. type: str choices: [256, 512, 1024, 2048, 4096, 8192, 16384, 32768, 65536, 32, 64, 128] more...
- management_ip (Alias name: management-ip) High availability in-band management ip address of this interface. type: str more...
- max_egress_burst_rate (Alias name: max-egress-burst-rate) Max egress burst rate (kbits per sec). type: int more...
- max_egress_rate (Alias name: max-egress-rate) Max egress rate (kbits per sec). type: int more...
- measured_downstream_bandwidth (Alias name: measured-downstream-bandwidth) Measured downstream bandwidth (kbps). type: int more...
- measured_upstream_bandwidth (Alias name: measured-upstream-bandwidth) Measured upstream bandwidth (kbps). type: int more...
- mediatype Select sfp media interface type type: str choices: [serdes-sfp, sgmii-sfp, cfp2-sr10, cfp2-lr4, serdes-copper-sfp, sr, cr, lr, qsfp28-sr4, qsfp28-lr4, qsfp28-cr4, sr4, cr4, lr4, none, gmii, sgmii, sr2, lr2, cr2, sr8, lr8, cr8] more...
- member Physical interfaces that belong to the aggregate or redundant interface. type: list or str more...
- min_links (Alias name: min-links) Minimum number of aggregated ports that must be up. type: int more...
- min_links_down (Alias name: min-links-down) Action to take when less than the configured minimum number of links are active. type: str choices: [operational, administrative] more...
- mode Addressing mode (static, dhcp, pppoe). type: str choices: [static, dhcp, pppoe, pppoa, ipoa, eoa] more...
- monitor_bandwidth (Alias name: monitor-bandwidth) Enable monitoring bandwidth on this interface. type: str choices: [disable, enable] more...
- mtu Mtu value for this interface. type: int more...
- mtu_override (Alias name: mtu-override) Enable to set a custom mtu for this interface. type: str choices: [disable, enable] more...
- mux_type (Alias name: mux-type) Multiplexer type type: str choices: [llc-encaps, vc-encaps] more...
- name Name. type: str more...
- ndiscforward Enable/disable ndisc forwarding. type: str choices: [disable, enable] more...
- netbios_forward (Alias name: netbios-forward) Enable/disable netbios forwarding. type: str choices: [disable, enable] more...
- netflow_sampler (Alias name: netflow-sampler) Enable/disable netflow on this interface and set the data that netflow collects (rx, tx, or both). type: str choices: [disable, tx, rx, both] more...
- np_qos_profile (Alias name: np-qos-profile) Np qos profile id. type: int more...
- npu_fastpath (Alias name: npu-fastpath) Npu-fastpath. type: str choices: [disable, enable] more...
- nst Nst. type: str choices: [disable, enable] more...
- out_force_vlan_cos (Alias name: out-force-vlan-cos) Out-force-vlan-cos. type: int more...
- outbandwidth Bandwidth limit for outgoing traffic (0 - 16776000 kbps), 0 means unlimited. type: int more...
- padt_retry_timeout (Alias name: padt-retry-timeout) Pppoe active discovery terminate (padt) used to terminate sessions after an idle time. type: int more...
- password Pppoe accounts password. type: list more...
- peer_interface (Alias name: peer-interface) Peer-interface. type: list or str more...
- phy_mode (Alias name: phy-mode) Dsl physical mode. type: str choices: [auto, adsl, vdsl, adsl-auto, vdsl2, adsl2+, adsl2, g.dmt, t1.413, g.lite] more...
- ping_serv_status (Alias name: ping-serv-status) Ping-serv-status. type: int more...
- poe Enable/disable poe status. type: str choices: [disable, enable] more...
- polling_interval (Alias name: polling-interval) Sflow polling interval (1 - 255 sec). type: int more...
- pppoe_unnumbered_negotiate (Alias name: pppoe-unnumbered-negotiate) Enable/disable pppoe unnumbered negotiation. type: str choices: [disable, enable] more...
- pptp_auth_type (Alias name: pptp-auth-type) Pptp authentication type. type: str choices: [auto, pap, chap, mschapv1, mschapv2] more...
- pptp_client (Alias name: pptp-client) Enable/disable pptp client. type: str choices: [disable, enable] more...
- pptp_password (Alias name: pptp-password) Pptp password. type: list more...
- pptp_server_ip (Alias name: pptp-server-ip) Pptp server ip address. type: str more...
- pptp_timeout (Alias name: pptp-timeout) Idle timer in minutes (0 for disabled). type: int more...
- pptp_user (Alias name: pptp-user) Pptp user name. type: str more...
- preserve_session_route (Alias name: preserve-session-route) Enable/disable preservation of session route when dirty. type: str choices: [disable, enable] more...
- priority Priority of learned routes. type: int more...
- priority_override (Alias name: priority-override) Enable/disable fail back to higher priority port once recovered. type: str choices: [disable, enable] more...
- proxy_captive_portal (Alias name: proxy-captive-portal) Enable/disable proxy captive portal on this interface. type: str choices: [disable, enable] more...
- redundant_interface (Alias name: redundant-interface) Redundant-interface. type: str more...
- remote_ip (Alias name: remote-ip) Remote ip address of tunnel. type: str more...
- replacemsg_override_group (Alias name: replacemsg-override-group) Replacement message override group. type: str more...
- retransmission Enable/disable dsl retransmission. type: str choices: [disable, enable] more...
- ring_rx (Alias name: ring-rx) Rx ring size. type: int more...
- ring_tx (Alias name: ring-tx) Tx ring size. type: int more...
- role Interface role. type: str choices: [lan, wan, dmz, undefined] more...
- sample_direction (Alias name: sample-direction) Data that netflow collects (rx, tx, or both). type: str choices: [rx, tx, both] more...
- sample_rate (Alias name: sample-rate) Sflow sample rate (10 - 99999). type: int more...
- scan_botnet_connections (Alias name: scan-botnet-connections) Enable monitoring or blocking connections to botnet servers through this interface. type: str choices: [disable, block, monitor] more...
- secondary_IP (Alias name: secondary-IP) Enable/disable adding a secondary ip to this interface. type: str choices: [disable, enable] more...
- secondaryip Secondaryip. type: list
more...
- allowaccess Management access settings for the secondary ip address. type: list choices: [https, ping, ssh, snmp, http, telnet, fgfm, auto-ipsec, radius-acct, probe-response, capwap, dnp, ftm, fabric, speed-test] more...
- detectprotocol Protocols used to detect the server. type: list choices: [ping, tcp-echo, udp-echo] more...
- detectserver Gateways ping server for this ip. type: str more...
- gwdetect Enable/disable detect gateway alive for first. type: str choices: [disable, enable] more...
- ha_priority (Alias name: ha-priority) Ha election priority for the ping server. type: int more...
- id Id. type: int more...
- ip Secondary ip address of the interface. type: str more...
- ping_serv_status (Alias name: ping-serv-status) Ping-serv-status. type: int more...
- seq Seq. type: int more...
- secip_relay_ip (Alias name: secip-relay-ip) Dhcp relay ip address. type: str more...
- security_8021x_dynamic_vlan_id (Alias name: security-8021x-dynamic-vlan-id) Vlan id for virtual switch. type: int more...
- security_8021x_master (Alias name: security-8021x-master) 802. type: str more...
- security_8021x_mode (Alias name: security-8021x-mode) 802. type: str choices: [default, dynamic-vlan, fallback, slave] more...
- security_exempt_list (Alias name: security-exempt-list) Name of security-exempt-list. type: str more...
- security_external_logout (Alias name: security-external-logout) Url of external authentication logout server. type: str more...
- security_external_web (Alias name: security-external-web) Url of external authentication web server. type: str more...
- security_groups (Alias name: security-groups) User groups that can authenticate with the captive portal. type: list or str more...
- security_mac_auth_bypass (Alias name: security-mac-auth-bypass) Enable/disable mac authentication bypass. type: str choices: [disable, enable, mac-auth-only] more...
- security_mode (Alias name: security-mode) Turn on captive portal authentication for this interface. type: str choices: [none, captive-portal, 802.1X] more...
- security_redirect_url (Alias name: security-redirect-url) Url redirection after disclaimer/authentication. type: str more...
- service_name (Alias name: service-name) Pppoe service name. type: str more...
- sflow_sampler (Alias name: sflow-sampler) Enable/disable sflow on this interface. type: str choices: [disable, enable] more...
- speed Interface speed. type: str choices: [auto, 10full, 10half, 100full, 100half, 1000full, 1000half, 10000full, 1000auto, 10000auto, 40000full, 100Gfull, 25000full, 40000auto, 25000auto, 100Gauto, 400Gfull, 400Gauto, 50000full, 2500auto, 5000auto, 50000auto, 200Gfull, 200Gauto, 100auto] more...
- spillover_threshold (Alias name: spillover-threshold) Egress spillover threshold (0 - 16776000 kbps), 0 means unlimited. type: int more...
- src_check (Alias name: src-check) Enable/disable source ip check. type: str choices: [disable, enable] more...
- status Bring the interface up or shut the interface down. type: str choices: [down, up] more...
- stp Enable/disable stp. type: str choices: [disable, enable] more...
- stp_ha_slave (Alias name: stp-ha-slave) Control stp behaviour on ha slave. type: str choices: [disable, enable, priority-adjust] more...
- stpforward Enable/disable stp forwarding. type: str choices: [disable, enable] more...
- stpforward_mode (Alias name: stpforward-mode) Configure stp forwarding mode. type: str choices: [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing] more...
- strip_priority_vlan_tag (Alias name: strip-priority-vlan-tag) Strip-priority-vlan-tag. type: str choices: [disable, enable] more...
- subst Enable to always send packets from this interface to a destination mac address. type: str choices: [disable, enable] more...
- substitute_dst_mac (Alias name: substitute-dst-mac) Destination mac address that all packets are sent to from this interface. type: str more...
- swc_first_create (Alias name: swc-first-create) Initial create for switch-controller vlans. type: int more...
- swc_vlan (Alias name: swc-vlan) Swc-vlan. type: int more...
- switch Switch. type: str more...
- switch_controller_access_vlan (Alias name: switch-controller-access-vlan) Block fortiswitch port-to-port traffic. type: str choices: [disable, enable] more...
- switch_controller_arp_inspection (Alias name: switch-controller-arp-inspection) Enable/disable fortiswitch arp inspection. type: str choices: [disable, enable] more...
- switch_controller_auth (Alias name: switch-controller-auth) Switch controller authentication. type: str choices: [radius, usergroup] more...
- switch_controller_dhcp_snooping (Alias name: switch-controller-dhcp-snooping) Switch controller dhcp snooping. type: str choices: [disable, enable] more...
- switch_controller_dhcp_snooping_option82 (Alias name: switch-controller-dhcp-snooping-option82) Switch controller dhcp snooping option82. type: str choices: [disable, enable] more...
- switch_controller_dhcp_snooping_verify_mac (Alias name: switch-controller-dhcp-snooping-verify-mac) Switch controller dhcp snooping verify mac. type: str choices: [disable, enable] more...
- switch_controller_feature (Alias name: switch-controller-feature) Interfaces purpose when assigning traffic (read only). type: str choices: [none, default-vlan, quarantine, sniffer, voice, camera, rspan, video, nac, nac-segment] more...
- switch_controller_igmp_snooping (Alias name: switch-controller-igmp-snooping) Switch controller igmp snooping. type: str choices: [disable, enable] more...
- switch_controller_igmp_snooping_fast_leave (Alias name: switch-controller-igmp-snooping-fast-leave) Switch controller igmp snooping fast-leave. type: str choices: [disable, enable] more...
- switch_controller_igmp_snooping_proxy (Alias name: switch-controller-igmp-snooping-proxy) Switch controller igmp snooping proxy. type: str choices: [disable, enable] more...
- switch_controller_iot_scanning (Alias name: switch-controller-iot-scanning) Enable/disable managed fortiswitch iot scanning. type: str choices: [disable, enable] more...
- switch_controller_learning_limit (Alias name: switch-controller-learning-limit) Limit the number of dynamic mac addresses on this vlan (1 - 128, 0 = no limit, default). type: int more...
- switch_controller_mgmt_vlan (Alias name: switch-controller-mgmt-vlan) Vlan to use for fortilink management purposes. type: int more...
- switch_controller_nac (Alias name: switch-controller-nac) Integrated nac settings for managed fortiswitch. type: str more...
- switch_controller_radius_server (Alias name: switch-controller-radius-server) Radius server name for this fortiswitch vlan. type: str more...
- switch_controller_rspan_mode (Alias name: switch-controller-rspan-mode) Stop layer2 mac learning and interception of bpdus and other packets on this interface. type: str choices: [disable, enable] more...
- switch_controller_source_ip (Alias name: switch-controller-source-ip) Source ip address used in fortilink over l3 connections. type: str choices: [outbound, fixed] more...
- switch_controller_traffic_policy (Alias name: switch-controller-traffic-policy) Switch controller traffic policy for the vlan. type: str more...
- tc_mode (Alias name: tc-mode) Dsl transfer mode. type: str choices: [ptm, atm] more...
- tcp_mss (Alias name: tcp-mss) Tcp maximum segment size. type: int more...
- trunk Enable/disable vlan trunk. type: str choices: [disable, enable] more...
- trust_ip_1 (Alias name: trust-ip-1) Trusted host for dedicated management traffic (0. type: str more...
- trust_ip_2 (Alias name: trust-ip-2) Trusted host for dedicated management traffic (0. type: str more...
- trust_ip_3 (Alias name: trust-ip-3) Trusted host for dedicated management traffic (0. type: str more...
- trust_ip6_1 (Alias name: trust-ip6-1) Trusted ipv6 host for dedicated management traffic (::/0 for all hosts). type: str more...
- trust_ip6_2 (Alias name: trust-ip6-2) Trusted ipv6 host for dedicated management traffic (::/0 for all hosts). type: str more...
- trust_ip6_3 (Alias name: trust-ip6-3) Trusted ipv6 host for dedicated management traffic (::/0 for all hosts). type: str more...
- type Interface type. type: str choices: [physical, vlan, aggregate, redundant, tunnel, wireless, vdom-link, loopback, switch, hard-switch, hdlc, vap-switch, wl-mesh, fortilink, switch-vlan, fctrl-trunk, tdm, fext-wan, vxlan, emac-vlan, geneve, ssl, lan-extension] more...
- username Username of the pppoe account, provided by your isp. type: str more...
- vci Virtual channel id type: int more...
- vectoring Enable/disable dsl vectoring. type: str choices: [disable, enable] more...
- vindex Vindex. type: int more...
- vlan_protocol (Alias name: vlan-protocol) Ethernet protocol of vlan. type: str choices: [8021q, 8021ad] more...
- vlanforward Enable/disable traffic forwarding between vlans on this interface. type: str choices: [disable, enable] more...
- vlanid Vlan id (1 - 4094). type: int more...
- vpi Virtual path id type: int more...
- vrf Virtual routing forwarding id. type: int more...
- vrrp Vrrp. type: list
more...
- accept_mode (Alias name: accept-mode) Enable/disable accept mode. type: str choices: [disable, enable] more...
- adv_interval (Alias name: adv-interval) Advertisement interval (1 - 255 seconds). type: int more...
- ignore_default_route (Alias name: ignore-default-route) Enable/disable ignoring of default route when checking destination. type: str choices: [disable, enable] more...
- preempt Enable/disable preempt mode. type: str choices: [disable, enable] more...
- priority Priority of the virtual router (1 - 255). type: int more...
- start_time (Alias name: start-time) Startup time (1 - 255 seconds). type: int more...
- status Enable/disable this vrrp configuration. type: str choices: [disable, enable] more...
- version Vrrp version. type: str choices: [2, 3] more...
- vrdst Monitor the route to this destination. type: list more...
- vrdst_priority (Alias name: vrdst-priority) Priority of the virtual router when the virtual router destination becomes unreachable (0 - 254). type: int more...
- vrgrp Vrrp group id (1 - 65535). type: int more...
- vrid Virtual router identifier (1 - 255). type: int more...
- vrip Ip address of the virtual router. type: str more...
- proxy_arp (Alias name: proxy-arp) type: list more...
- vrrp_virtual_mac (Alias name: vrrp-virtual-mac) Enable/disable use of virtual mac for vrrp. type: str choices: [disable, enable] more...
- wccp Enable/disable wccp on this interface. type: str choices: [disable, enable] more...
- weight Default weight for static routes (if route has no weight configured). type: int more...
- wifi_5g_threshold (Alias name: wifi-5g-threshold) Minimal signal strength to be considered as a good 5g ap. type: str more...
- wifi_acl (Alias name: wifi-acl) Access control for mac addresses in the mac list. type: str choices: [deny, allow] more...
- wifi_ap_band (Alias name: wifi-ap-band) How to select the ap to connect. type: str choices: [any, 5g-preferred, 5g-only] more...
- wifi_auth (Alias name: wifi-auth) Wifi authentication. type: str choices: [PSK, RADIUS, radius, usergroup] more...
- wifi_auto_connect (Alias name: wifi-auto-connect) Enable/disable wifi network auto connect. type: str choices: [disable, enable] more...
- wifi_auto_save (Alias name: wifi-auto-save) Enable/disable wifi network automatic save. type: str choices: [disable, enable] more...
- wifi_broadcast_ssid (Alias name: wifi-broadcast-ssid) Enable/disable ssid broadcast in the beacon. type: str choices: [disable, enable] more...
- wifi_encrypt (Alias name: wifi-encrypt) Data encryption. type: str choices: [TKIP, AES] more...
- wifi_fragment_threshold (Alias name: wifi-fragment-threshold) Wifi fragment threshold (800 - 2346). type: int more...
- wifi_key (Alias name: wifi-key) Wifi wep key. type: list more...
- wifi_keyindex (Alias name: wifi-keyindex) Wep key index (1 - 4). type: int more...
- wifi_mac_filter (Alias name: wifi-mac-filter) Enable/disable mac filter status. type: str choices: [disable, enable] more...
- wifi_passphrase (Alias name: wifi-passphrase) Wifi pre-shared key for wpa. type: list more...
- wifi_radius_server (Alias name: wifi-radius-server) Wifi radius server for wpa. type: str more...
- wifi_rts_threshold (Alias name: wifi-rts-threshold) Wifi rts threshold (256 - 2346). type: int more...
- wifi_security (Alias name: wifi-security) Wireless access security of ssid. type: str choices: [None, WEP64, wep64, WEP128, wep128, WPA_PSK, WPA_RADIUS, WPA, WPA2, WPA2_AUTO, open, wpa-personal, wpa-enterprise, wpa-only-personal, wpa-only-enterprise, wpa2-only-personal, wpa2-only-enterprise] more...
- wifi_ssid (Alias name: wifi-ssid) Ieee 802. type: str more...
- wifi_usergroup (Alias name: wifi-usergroup) Wifi user group for wpa. type: str more...
- wins_ip (Alias name: wins-ip) Wins server ip. type: str more...
- dhcp_relay_request_all_server (Alias name: dhcp-relay-request-all-server) Enable/disable sending of dhcp requests to all servers. type: str choices: [disable, enable] more...
- stp_ha_secondary (Alias name: stp-ha-secondary) Control stp behaviour on ha secondary. type: str choices: [disable, enable, priority-adjust] more...
- switch_controller_dynamic (Alias name: switch-controller-dynamic) Integrated fortilink settings for managed fortiswitch. type: str more...
- auth_cert (Alias name: auth-cert) Https server certificate. type: str more...
- auth_portal_addr (Alias name: auth-portal-addr) Address of captive portal. type: str more...
- dhcp_classless_route_addition (Alias name: dhcp-classless-route-addition) Enable/disable addition of classless static routes retrieved from dhcp server. type: str choices: [disable, enable] more...
- dhcp_relay_link_selection (Alias name: dhcp-relay-link-selection) Dhcp relay link selection. type: str more...
- dns_server_protocol (Alias name: dns-server-protocol) type: list choices: [cleartext, dot, doh] more...
- eap_ca_cert (Alias name: eap-ca-cert) Eap ca certificate name. type: str more...
- eap_identity (Alias name: eap-identity) Eap identity. type: str more...
- eap_method (Alias name: eap-method) Eap method. type: str choices: [tls, peap] more...
- eap_password (Alias name: eap-password) type: list more...
- eap_supplicant (Alias name: eap-supplicant) Enable/disable eap-supplicant. type: str choices: [disable, enable] more...
- eap_user_cert (Alias name: eap-user-cert) Eap user certificate name. type: str more...
- ike_saml_server (Alias name: ike-saml-server) Configure ike authentication saml server. type: str more...
- lacp_ha_secondary (Alias name: lacp-ha-secondary) type: str choices: [disable, enable] more...
- pvc_atm_qos (Alias name: pvc-atm-qos) Sfp-dsl adsl fallback pvc atm qos. type: str choices: [cbr, rt-vbr, nrt-vbr, ubr] more...
- pvc_chan (Alias name: pvc-chan) Sfp-dsl adsl fallback pvc channel. type: int more...
- pvc_crc (Alias name: pvc-crc) Sfp-dsl adsl fallback pvc crc option: bit0: sar llc preserve, bit1: ream llc preserve, bit2: ream vc-mux has crc. type: int more...
- pvc_pcr (Alias name: pvc-pcr) Sfp-dsl adsl fallback pvc packet cell rate in cells (0 - 5500). type: int more...
- pvc_scr (Alias name: pvc-scr) Sfp-dsl adsl fallback pvc sustainable cell rate in cells (0 - 5500). type: int more...
- pvc_vlan_id (Alias name: pvc-vlan-id) Sfp-dsl adsl fallback pvc vlan id. type: int more...
- pvc_vlan_rx_id (Alias name: pvc-vlan-rx-id) Sfp-dsl adsl fallback pvc vlanid rx. type: int more...
- pvc_vlan_rx_op (Alias name: pvc-vlan-rx-op) Sfp-dsl adsl fallback pvc vlan rx op. type: str choices: [pass-through, replace, remove] more...
- pvc_vlan_tx_id (Alias name: pvc-vlan-tx-id) Sfp-dsl adsl fallback pvc vlan id tx. type: int more...
- pvc_vlan_tx_op (Alias name: pvc-vlan-tx-op) Sfp-dsl adsl fallback pvc vlan tx op. type: str choices: [pass-through, replace, remove] more...
- reachable_time (Alias name: reachable-time) Ipv4 reachable time in milliseconds (30000 - 3600000, default = 30000). type: int more...
- select_profile_30a_35b (Alias name: select-profile-30a-35b) Select vdsl profile 30a or 35b. type: str choices: [30A, 35B] more...
- sfp_dsl (Alias name: sfp-dsl) Enable/disable sfp dsl. type: str choices: [disable, enable] more...
- sfp_dsl_adsl_fallback (Alias name: sfp-dsl-adsl-fallback) Enable/disable sfp dsl adsl fallback. type: str choices: [disable, enable] more...
- sfp_dsl_autodetect (Alias name: sfp-dsl-autodetect) Enable/disable sfp dsl mac address autodetect. type: str choices: [disable, enable] more...
- sfp_dsl_mac (Alias name: sfp-dsl-mac) Sfp dsl mac address. type: str more...
- sw_algorithm (Alias name: sw-algorithm) Frame distribution algorithm for switch. type: str choices: [l2, l3, eh] more...
- system_id (Alias name: system-id) Define a system id for the aggregate interface. type: str more...
- system_id_type (Alias name: system-id-type) Method in which system id is generated. type: str choices: [auto, user] more...
- vlan_id (Alias name: vlan-id) Vlan id type: int more...
- vlan_op_mode (Alias name: vlan-op-mode) Configure dsl 802. type: str choices: [tag, untag, passthrough] more...
- generic_receive_offload (Alias name: generic-receive-offload) type: str choices: [disable, enable] more...
- interconnect_profile (Alias name: interconnect-profile) Set interconnect profile. type: str choices: [default, profile1, profile2] more...
- large_receive_offload (Alias name: large-receive-offload) type: str choices: [disable, enable] more...
- annex Set xdsl annex type. type: str choices: [a, b, j, bjm, i, al, m, aijlm, bj] more...
- aggregate_type (Alias name: aggregate-type) Type of aggregation. type: str choices: [physical, vxlan] more...
- switch_controller_netflow_collect (Alias name: switch-controller-netflow-collect) Netflow collection and processing. type: str choices: [disable, enable] more...
- wifi_dns_server1 (Alias name: wifi-dns-server1) Dns server 1. type: str more...
- wifi_dns_server2 (Alias name: wifi-dns-server2) Dns server 2. type: str more...
- wifi_gateway (Alias name: wifi-gateway) Ipv4 default gateway ip address. type: str more...
- default_purdue_level (Alias name: default-purdue-level) Default purdue level of device detected on this interface. type: str choices: [1, 2, 3, 4, 5, 1.5, 2.5, 3.5, 5.5] more...
- dhcp_broadcast_flag (Alias name: dhcp-broadcast-flag) Enable/disable setting of the broadcast flag in messages sent by the dhcp client (default = enable). type: str choices: [disable, enable] more...
- dhcp_smart_relay (Alias name: dhcp-smart-relay) Enable/disable dhcp smart relay. type: str choices: [disable, enable] more...
- switch_controller_offloading (Alias name: switch-controller-offloading) type: str choices: [disable, enable] more...
- switch_controller_offloading_gw (Alias name: switch-controller-offloading-gw) type: str choices: [disable, enable] more...
- switch_controller_offloading_ip (Alias name: switch-controller-offloading-ip) type: str more...
- dhcp_relay_circuit_id (Alias name: dhcp-relay-circuit-id) Dhcp relay circuit id. type: str more...
- dhcp_relay_source_ip (Alias name: dhcp-relay-source-ip) Ip address used by the dhcp relay as its source ip. type: str more...
- switch_controller_offload (Alias name: switch-controller-offload) Enable/disable managed fortiswitch routing offload. type: str choices: [disable, enable] more...
- switch_controller_offload_gw (Alias name: switch-controller-offload-gw) Enable/disable managed fortiswitch routing offload gateway. type: str choices: [disable, enable] more...
- switch_controller_offload_ip (Alias name: switch-controller-offload-ip) Ip for routing offload on fortiswitch. type: str more...
- mirroring_direction (Alias name: mirroring-direction) Port mirroring direction. type: str choices: [rx, tx, both] more...
- mirroring_port (Alias name: mirroring-port) Mirroring port. type: str more...
- port_mirroring (Alias name: port-mirroring) Enable/disable np port mirroring. type: str choices: [disable, enable] more...
- security_8021x_member_mode (Alias name: security-8021x-member-mode) 802. type: str choices: [disable, switch] more...
- stp_edge (Alias name: stp-edge) Enable/disable as stp edge port. type: str choices: [disable, enable] more...
Notes
Note
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Fsp vlan
fortinet.fortimanager.fmgr_fsp_vlan:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
state: present # <value in [present, absent]>
fsp_vlan:
_dhcp_status: <value in [disable, enable]>
auth: <value in [radius, usergroup]>
color: <integer>
comments: <string>
dynamic_mapping:
-
_dhcp_status: <value in [disable, enable]>
_scope:
-
name: <string>
vdom: <string>
dhcp_server:
auto_configuration: <value in [disable, enable]>
auto_managed_status: <value in [disable, enable]>
conflicted_ip_timeout: <integer>
ddns_auth: <value in [disable, tsig]>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_server_ip: <string>
ddns_ttl: <integer>
ddns_update: <value in [disable, enable]>
ddns_update_override: <value in [disable, enable]>
ddns_zone: <string>
default_gateway: <string>
dhcp_settings_from_fortiipam: <value in [disable, enable]>
dns_server1: <string>
dns_server2: <string>
dns_server3: <string>
dns_server4: <string>
dns_service: <value in [default, specify, local]>
domain: <string>
enable: <value in [disable, enable]>
exclude_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
filename: <string>
forticlient_on_net_status: <value in [disable, enable]>
id: <integer>
ip_mode: <value in [range, usrgrp]>
ip_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
ipsec_lease_hold: <integer>
lease_time: <integer>
mac_acl_default_action: <value in [assign, block]>
netmask: <string>
next_server: <string>
ntp_server1: <string>
ntp_server2: <string>
ntp_server3: <string>
ntp_service: <value in [default, specify, local]>
option1: <list or string>
option2: <list or string>
option3: <list or string>
option4: <string>
option5: <string>
option6: <string>
options:
-
code: <integer>
id: <integer>
ip: <list or string>
type: <value in [hex, string, ip, ...]>
value: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
reserved_address:
-
action: <value in [assign, block, reserved]>
circuit_id: <string>
circuit_id_type: <value in [hex, string]>
description: <string>
id: <integer>
ip: <string>
mac: <string>
remote_id: <string>
remote_id_type: <value in [hex, string]>
type: <value in [mac, option82]>
server_type: <value in [regular, ipsec]>
status: <value in [disable, enable]>
tftp_server: <list or string>
timezone: <value in [00, 01, 02, ...]>
timezone_option: <value in [disable, default, specify]>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
wifi_ac_service: <value in [specify, local]>
wifi_ac1: <string>
wifi_ac2: <string>
wifi_ac3: <string>
wins_server1: <string>
wins_server2: <string>
relay_agent: <string>
shared_subnet: <value in [disable, enable]>
interface:
dhcp_relay_agent_option: <value in [disable, enable]>
dhcp_relay_ip: <list or string>
dhcp_relay_service: <value in [disable, enable]>
dhcp_relay_type: <value in [regular, ipsec]>
ip: <string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6_client_options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6_information_request: <value in [disable, enable]>
dhcp6_prefix_delegation: <value in [disable, enable]>
dhcp6_prefix_hint: <string>
dhcp6_prefix_hint_plt: <integer>
dhcp6_prefix_hint_vlt: <integer>
dhcp6_relay_ip: <string>
dhcp6_relay_service: <value in [disable, enable]>
dhcp6_relay_type: <value in [regular]>
icmp6_send_redirect: <value in [disable, enable]>
interface_identifier: <string>
ip6_address: <string>
ip6_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6_default_life: <integer>
ip6_delegated_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
onlink_flag: <value in [disable, enable]>
prefix_id: <integer>
rdnss: <list or string>
rdnss_service: <value in [delegated, default, specify]>
subnet: <string>
upstream_interface: <string>
delegated_prefix_iaid: <integer>
ip6_dns_server_override: <value in [disable, enable]>
ip6_extra_addr:
-
prefix: <string>
ip6_hop_limit: <integer>
ip6_link_mtu: <integer>
ip6_manage_flag: <value in [disable, enable]>
ip6_max_interval: <integer>
ip6_min_interval: <integer>
ip6_mode: <value in [static, dhcp, pppoe, ...]>
ip6_other_flag: <value in [disable, enable]>
ip6_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
dnssl: <list or string>
onlink_flag: <value in [disable, enable]>
preferred_life_time: <integer>
prefix: <string>
rdnss: <list or string>
valid_life_time: <integer>
ip6_reachable_time: <integer>
ip6_retrans_time: <integer>
ip6_send_adv: <value in [disable, enable]>
ip6_subnet: <string>
ip6_upstream_interface: <string>
nd_cert: <string>
nd_cga_modifier: <string>
nd_mode: <value in [basic, SEND-compatible]>
nd_security_level: <integer>
nd_timestamp_delta: <integer>
nd_timestamp_fuzz: <integer>
unique_autoconf_addr: <value in [disable, enable]>
vrip6_link_local: <string>
vrrp_virtual_mac6: <value in [disable, enable]>
vrrp6:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
vrdst6: <string>
vrgrp: <integer>
vrid: <integer>
vrip6: <string>
ignore_default_route: <value in [disable, enable]>
cli_conn6_status: <integer>
ip6_prefix_mode: <value in [dhcp6, ra]>
ra_send_mtu: <value in [disable, enable]>
ip6_delegated_prefix_iaid: <integer>
dhcp6_relay_source_interface: <value in [disable, enable]>
dhcp6_relay_interface_id: <string>
dhcp6_relay_source_ip: <string>
secondary_IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
id: <integer>
ip: <string>
ping_serv_status: <integer>
seq: <integer>
secip_relay_ip: <string>
vlanid: <integer>
dhcp_relay_interface_select_method: <value in [auto, sdwan, specify]>
vrrp:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
ignore_default_route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <integer>
proxy_arp:
-
id: <integer>
ip: <string>
start_time: <integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <list or string>
vrdst_priority: <integer>
vrgrp: <integer>
vrid: <integer>
vrip: <string>
name: <string>
portal_message_override_group: <string>
radius_server: <string>
security: <value in [open, captive-portal, 8021x]>
selected_usergroups: <string>
usergroup: <string>
vdom: <string>
vlanid: <integer>
dhcp_server:
auto_configuration: <value in [disable, enable]>
auto_managed_status: <value in [disable, enable]>
conflicted_ip_timeout: <integer>
ddns_auth: <value in [disable, tsig]>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_server_ip: <string>
ddns_ttl: <integer>
ddns_update: <value in [disable, enable]>
ddns_update_override: <value in [disable, enable]>
ddns_zone: <string>
default_gateway: <string>
dhcp_settings_from_fortiipam: <value in [disable, enable]>
dns_server1: <string>
dns_server2: <string>
dns_server3: <string>
dns_server4: <string>
dns_service: <value in [default, specify, local]>
domain: <string>
enable: <value in [disable, enable]>
exclude_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
filename: <string>
forticlient_on_net_status: <value in [disable, enable]>
id: <integer>
ip_mode: <value in [range, usrgrp]>
ip_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
lease_time: <integer>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
ipsec_lease_hold: <integer>
lease_time: <integer>
mac_acl_default_action: <value in [assign, block]>
netmask: <string>
next_server: <string>
ntp_server1: <string>
ntp_server2: <string>
ntp_server3: <string>
ntp_service: <value in [default, specify, local]>
option1: <list or string>
option2: <list or string>
option3: <list or string>
option4: <string>
option5: <string>
option6: <string>
options:
-
code: <integer>
id: <integer>
ip: <list or string>
type: <value in [hex, string, ip, ...]>
value: <string>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
uci_match: <value in [disable, enable]>
uci_string: <list or string>
reserved_address:
-
action: <value in [assign, block, reserved]>
circuit_id: <string>
circuit_id_type: <value in [hex, string]>
description: <string>
id: <integer>
ip: <string>
mac: <string>
remote_id: <string>
remote_id_type: <value in [hex, string]>
type: <value in [mac, option82]>
server_type: <value in [regular, ipsec]>
status: <value in [disable, enable]>
tftp_server: <list or string>
timezone: <value in [00, 01, 02, ...]>
timezone_option: <value in [disable, default, specify]>
vci_match: <value in [disable, enable]>
vci_string: <list or string>
wifi_ac_service: <value in [specify, local]>
wifi_ac1: <string>
wifi_ac2: <string>
wifi_ac3: <string>
wins_server1: <string>
wins_server2: <string>
relay_agent: <string>
shared_subnet: <value in [disable, enable]>
interface:
ac_name: <string>
aggregate: <string>
algorithm: <value in [L2, L3, L4, ...]>
alias: <string>
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
ap_discover: <value in [disable, enable]>
arpforward: <value in [disable, enable]>
atm_protocol: <value in [none, ipoa]>
auth_type: <value in [auto, pap, chap, ...]>
auto_auth_extension_device: <value in [disable, enable]>
bandwidth_measure_time: <integer>
bfd: <value in [global, enable, disable]>
bfd_desired_min_tx: <integer>
bfd_detect_mult: <integer>
bfd_required_min_rx: <integer>
broadcast_forticlient_discovery: <value in [disable, enable]>
broadcast_forward: <value in [disable, enable]>
captive_portal: <integer>
cli_conn_status: <integer>
color: <integer>
ddns: <value in [disable, enable]>
ddns_auth: <value in [disable, tsig]>
ddns_domain: <string>
ddns_key: <list or string>
ddns_keyname: <string>
ddns_password: <list or string>
ddns_server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
ddns_server_ip: <string>
ddns_sn: <string>
ddns_ttl: <integer>
ddns_username: <string>
ddns_zone: <string>
dedicated_to: <value in [none, management]>
defaultgw: <value in [disable, enable]>
description: <string>
detected_peer_mtu: <integer>
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
device_access_list: <list or string>
device_identification: <value in [disable, enable]>
device_identification_active_scan: <value in [disable, enable]>
device_netscan: <value in [disable, enable]>
device_user_identification: <value in [disable, enable]>
devindex: <integer>
dhcp_client_identifier: <string>
dhcp_relay_agent_option: <value in [disable, enable]>
dhcp_relay_interface: <string>
dhcp_relay_interface_select_method: <value in [auto, sdwan, specify]>
dhcp_relay_ip: <list or string>
dhcp_relay_service: <value in [disable, enable]>
dhcp_relay_type: <value in [regular, ipsec]>
dhcp_renew_time: <integer>
disc_retry_timeout: <integer>
disconnect_threshold: <integer>
distance: <integer>
dns_query: <value in [disable, recursive, non-recursive]>
dns_server_override: <value in [disable, enable]>
drop_fragment: <value in [disable, enable]>
drop_overlapped_fragment: <value in [disable, enable]>
egress_cos: <value in [disable, cos0, cos1, ...]>
egress_shaping_profile: <string>
eip: <string>
endpoint_compliance: <value in [disable, enable]>
estimated_downstream_bandwidth: <integer>
estimated_upstream_bandwidth: <integer>
explicit_ftp_proxy: <value in [disable, enable]>
explicit_web_proxy: <value in [disable, enable]>
external: <value in [disable, enable]>
fail_action_on_extender: <value in [soft-restart, hard-restart, reboot]>
fail_alert_interfaces: <list or string>
fail_alert_method: <value in [link-failed-signal, link-down]>
fail_detect: <value in [disable, enable]>
fail_detect_option:
- detectserver
- link-down
fdp: <value in [disable, enable]>
fortiheartbeat: <value in [disable, enable]>
fortilink: <value in [disable, enable]>
fortilink_backup_link: <integer>
fortilink_neighbor_detect: <value in [lldp, fortilink]>
fortilink_split_interface: <value in [disable, enable]>
fortilink_stacking: <value in [disable, enable]>
forward_domain: <integer>
forward_error_correction: <value in [disable, enable, rs-fec, ...]>
fp_anomaly:
- drop_tcp_fin_noack
- pass_winnuke
- pass_tcpland
- pass_udpland
- pass_icmpland
- pass_ipland
- pass_iprr
- pass_ipssrr
- pass_iplsrr
- pass_ipstream
- pass_ipsecurity
- pass_iptimestamp
- pass_ipunknown_option
- pass_ipunknown_prot
- pass_icmp_frag
- pass_tcp_no_flag
- pass_tcp_fin_noack
- drop_winnuke
- drop_tcpland
- drop_udpland
- drop_icmpland
- drop_ipland
- drop_iprr
- drop_ipssrr
- drop_iplsrr
- drop_ipstream
- drop_ipsecurity
- drop_iptimestamp
- drop_ipunknown_option
- drop_ipunknown_prot
- drop_icmp_frag
- drop_tcp_no_flag
fp_disable:
- all
- ipsec
- none
gateway_address: <string>
gi_gk: <value in [disable, enable]>
gwaddr: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
icmp_accept_redirect: <value in [disable, enable]>
icmp_redirect: <value in [disable, enable]>
icmp_send_redirect: <value in [disable, enable]>
ident_accept: <value in [disable, enable]>
idle_timeout: <integer>
if_mdix: <value in [auto, normal, crossover]>
if_media: <value in [auto, copper, fiber]>
in_force_vlan_cos: <integer>
inbandwidth: <integer>
ingress_cos: <value in [disable, cos0, cos1, ...]>
ingress_shaping_profile: <string>
ingress_spillover_threshold: <integer>
internal: <integer>
ip: <string>
ip_managed_by_fortiipam: <value in [disable, enable, inherit-global]>
ipmac: <value in [disable, enable]>
ips_sniffer_mode: <value in [disable, enable]>
ipunnumbered: <string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6_client_options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6_information_request: <value in [disable, enable]>
dhcp6_prefix_delegation: <value in [disable, enable]>
dhcp6_prefix_hint: <string>
dhcp6_prefix_hint_plt: <integer>
dhcp6_prefix_hint_vlt: <integer>
dhcp6_relay_ip: <string>
dhcp6_relay_service: <value in [disable, enable]>
dhcp6_relay_type: <value in [regular]>
icmp6_send_redirect: <value in [disable, enable]>
interface_identifier: <string>
ip6_address: <string>
ip6_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6_default_life: <integer>
ip6_delegated_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
onlink_flag: <value in [disable, enable]>
prefix_id: <integer>
rdnss: <list or string>
rdnss_service: <value in [delegated, default, specify]>
subnet: <string>
upstream_interface: <string>
delegated_prefix_iaid: <integer>
ip6_dns_server_override: <value in [disable, enable]>
ip6_extra_addr:
-
prefix: <string>
ip6_hop_limit: <integer>
ip6_link_mtu: <integer>
ip6_manage_flag: <value in [disable, enable]>
ip6_max_interval: <integer>
ip6_min_interval: <integer>
ip6_mode: <value in [static, dhcp, pppoe, ...]>
ip6_other_flag: <value in [disable, enable]>
ip6_prefix_list:
-
autonomous_flag: <value in [disable, enable]>
dnssl: <list or string>
onlink_flag: <value in [disable, enable]>
preferred_life_time: <integer>
prefix: <string>
rdnss: <list or string>
valid_life_time: <integer>
ip6_reachable_time: <integer>
ip6_retrans_time: <integer>
ip6_send_adv: <value in [disable, enable]>
ip6_subnet: <string>
ip6_upstream_interface: <string>
nd_cert: <string>
nd_cga_modifier: <string>
nd_mode: <value in [basic, SEND-compatible]>
nd_security_level: <integer>
nd_timestamp_delta: <integer>
nd_timestamp_fuzz: <integer>
unique_autoconf_addr: <value in [disable, enable]>
vrip6_link_local: <string>
vrrp_virtual_mac6: <value in [disable, enable]>
vrrp6:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
vrdst6: <string>
vrgrp: <integer>
vrid: <integer>
vrip6: <string>
ignore_default_route: <value in [disable, enable]>
cli_conn6_status: <integer>
ip6_prefix_mode: <value in [dhcp6, ra]>
ra_send_mtu: <value in [disable, enable]>
ip6_delegated_prefix_iaid: <integer>
dhcp6_relay_source_interface: <value in [disable, enable]>
dhcp6_relay_interface_id: <string>
dhcp6_relay_source_ip: <string>
l2forward: <value in [disable, enable]>
l2tp_client: <value in [disable, enable]>
lacp_ha_slave: <value in [disable, enable]>
lacp_mode: <value in [static, passive, active]>
lacp_speed: <value in [slow, fast]>
lcp_echo_interval: <integer>
lcp_max_echo_fails: <integer>
link_up_delay: <integer>
listen_forticlient_connection: <value in [disable, enable]>
lldp_network_policy: <string>
lldp_reception: <value in [disable, enable, vdom]>
lldp_transmission: <value in [enable, disable, vdom]>
log: <value in [disable, enable]>
macaddr: <string>
managed_subnetwork_size: <value in [256, 512, 1024, ...]>
management_ip: <string>
max_egress_burst_rate: <integer>
max_egress_rate: <integer>
measured_downstream_bandwidth: <integer>
measured_upstream_bandwidth: <integer>
mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
member: <list or string>
min_links: <integer>
min_links_down: <value in [operational, administrative]>
mode: <value in [static, dhcp, pppoe, ...]>
monitor_bandwidth: <value in [disable, enable]>
mtu: <integer>
mtu_override: <value in [disable, enable]>
mux_type: <value in [llc-encaps, vc-encaps]>
name: <string>
ndiscforward: <value in [disable, enable]>
netbios_forward: <value in [disable, enable]>
netflow_sampler: <value in [disable, tx, rx, ...]>
np_qos_profile: <integer>
npu_fastpath: <value in [disable, enable]>
nst: <value in [disable, enable]>
out_force_vlan_cos: <integer>
outbandwidth: <integer>
padt_retry_timeout: <integer>
password: <list or string>
peer_interface: <list or string>
phy_mode: <value in [auto, adsl, vdsl, ...]>
ping_serv_status: <integer>
poe: <value in [disable, enable]>
polling_interval: <integer>
pppoe_unnumbered_negotiate: <value in [disable, enable]>
pptp_auth_type: <value in [auto, pap, chap, ...]>
pptp_client: <value in [disable, enable]>
pptp_password: <list or string>
pptp_server_ip: <string>
pptp_timeout: <integer>
pptp_user: <string>
preserve_session_route: <value in [disable, enable]>
priority: <integer>
priority_override: <value in [disable, enable]>
proxy_captive_portal: <value in [disable, enable]>
redundant_interface: <string>
remote_ip: <string>
replacemsg_override_group: <string>
retransmission: <value in [disable, enable]>
ring_rx: <integer>
ring_tx: <integer>
role: <value in [lan, wan, dmz, ...]>
sample_direction: <value in [rx, tx, both]>
sample_rate: <integer>
scan_botnet_connections: <value in [disable, block, monitor]>
secondary_IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <string>
gwdetect: <value in [disable, enable]>
ha_priority: <integer>
id: <integer>
ip: <string>
ping_serv_status: <integer>
seq: <integer>
secip_relay_ip: <string>
security_8021x_dynamic_vlan_id: <integer>
security_8021x_master: <string>
security_8021x_mode: <value in [default, dynamic-vlan, fallback, ...]>
security_exempt_list: <string>
security_external_logout: <string>
security_external_web: <string>
security_groups: <list or string>
security_mac_auth_bypass: <value in [disable, enable, mac-auth-only]>
security_mode: <value in [none, captive-portal, 802.1X]>
security_redirect_url: <string>
service_name: <string>
sflow_sampler: <value in [disable, enable]>
speed: <value in [auto, 10full, 10half, ...]>
spillover_threshold: <integer>
src_check: <value in [disable, enable]>
status: <value in [down, up]>
stp: <value in [disable, enable]>
stp_ha_slave: <value in [disable, enable, priority-adjust]>
stpforward: <value in [disable, enable]>
stpforward_mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
strip_priority_vlan_tag: <value in [disable, enable]>
subst: <value in [disable, enable]>
substitute_dst_mac: <string>
swc_first_create: <integer>
swc_vlan: <integer>
switch: <string>
switch_controller_access_vlan: <value in [disable, enable]>
switch_controller_arp_inspection: <value in [disable, enable]>
switch_controller_auth: <value in [radius, usergroup]>
switch_controller_dhcp_snooping: <value in [disable, enable]>
switch_controller_dhcp_snooping_option82: <value in [disable, enable]>
switch_controller_dhcp_snooping_verify_mac: <value in [disable, enable]>
switch_controller_feature: <value in [none, default-vlan, quarantine, ...]>
switch_controller_igmp_snooping: <value in [disable, enable]>
switch_controller_igmp_snooping_fast_leave: <value in [disable, enable]>
switch_controller_igmp_snooping_proxy: <value in [disable, enable]>
switch_controller_iot_scanning: <value in [disable, enable]>
switch_controller_learning_limit: <integer>
switch_controller_mgmt_vlan: <integer>
switch_controller_nac: <string>
switch_controller_radius_server: <string>
switch_controller_rspan_mode: <value in [disable, enable]>
switch_controller_source_ip: <value in [outbound, fixed]>
switch_controller_traffic_policy: <string>
tc_mode: <value in [ptm, atm]>
tcp_mss: <integer>
trunk: <value in [disable, enable]>
trust_ip_1: <string>
trust_ip_2: <string>
trust_ip_3: <string>
trust_ip6_1: <string>
trust_ip6_2: <string>
trust_ip6_3: <string>
type: <value in [physical, vlan, aggregate, ...]>
username: <string>
vci: <integer>
vectoring: <value in [disable, enable]>
vindex: <integer>
vlan_protocol: <value in [8021q, 8021ad]>
vlanforward: <value in [disable, enable]>
vlanid: <integer>
vpi: <integer>
vrf: <integer>
vrrp:
-
accept_mode: <value in [disable, enable]>
adv_interval: <integer>
ignore_default_route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <integer>
start_time: <integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <list or string>
vrdst_priority: <integer>
vrgrp: <integer>
vrid: <integer>
vrip: <string>
proxy_arp:
-
id: <integer>
ip: <string>
vrrp_virtual_mac: <value in [disable, enable]>
wccp: <value in [disable, enable]>
weight: <integer>
wifi_5g_threshold: <string>
wifi_acl: <value in [deny, allow]>
wifi_ap_band: <value in [any, 5g-preferred, 5g-only]>
wifi_auth: <value in [PSK, RADIUS, radius, ...]>
wifi_auto_connect: <value in [disable, enable]>
wifi_auto_save: <value in [disable, enable]>
wifi_broadcast_ssid: <value in [disable, enable]>
wifi_encrypt: <value in [TKIP, AES]>
wifi_fragment_threshold: <integer>
wifi_key: <list or string>
wifi_keyindex: <integer>
wifi_mac_filter: <value in [disable, enable]>
wifi_passphrase: <list or string>
wifi_radius_server: <string>
wifi_rts_threshold: <integer>
wifi_security: <value in [None, WEP64, wep64, ...]>
wifi_ssid: <string>
wifi_usergroup: <string>
wins_ip: <string>
dhcp_relay_request_all_server: <value in [disable, enable]>
stp_ha_secondary: <value in [disable, enable, priority-adjust]>
switch_controller_dynamic: <string>
auth_cert: <string>
auth_portal_addr: <string>
dhcp_classless_route_addition: <value in [disable, enable]>
dhcp_relay_link_selection: <string>
dns_server_protocol:
- cleartext
- dot
- doh
eap_ca_cert: <string>
eap_identity: <string>
eap_method: <value in [tls, peap]>
eap_password: <list or string>
eap_supplicant: <value in [disable, enable]>
eap_user_cert: <string>
ike_saml_server: <string>
lacp_ha_secondary: <value in [disable, enable]>
pvc_atm_qos: <value in [cbr, rt-vbr, nrt-vbr, ...]>
pvc_chan: <integer>
pvc_crc: <integer>
pvc_pcr: <integer>
pvc_scr: <integer>
pvc_vlan_id: <integer>
pvc_vlan_rx_id: <integer>
pvc_vlan_rx_op: <value in [pass-through, replace, remove]>
pvc_vlan_tx_id: <integer>
pvc_vlan_tx_op: <value in [pass-through, replace, remove]>
reachable_time: <integer>
select_profile_30a_35b: <value in [30A, 35B]>
sfp_dsl: <value in [disable, enable]>
sfp_dsl_adsl_fallback: <value in [disable, enable]>
sfp_dsl_autodetect: <value in [disable, enable]>
sfp_dsl_mac: <string>
sw_algorithm: <value in [l2, l3, eh]>
system_id: <string>
system_id_type: <value in [auto, user]>
vlan_id: <integer>
vlan_op_mode: <value in [tag, untag, passthrough]>
generic_receive_offload: <value in [disable, enable]>
interconnect_profile: <value in [default, profile1, profile2]>
large_receive_offload: <value in [disable, enable]>
annex: <value in [a, b, j, ...]>
aggregate_type: <value in [physical, vxlan]>
switch_controller_netflow_collect: <value in [disable, enable]>
wifi_dns_server1: <string>
wifi_dns_server2: <string>
wifi_gateway: <string>
default_purdue_level: <value in [1, 2, 3, ...]>
dhcp_broadcast_flag: <value in [disable, enable]>
dhcp_smart_relay: <value in [disable, enable]>
switch_controller_offloading: <value in [disable, enable]>
switch_controller_offloading_gw: <value in [disable, enable]>
switch_controller_offloading_ip: <string>
dhcp_relay_circuit_id: <string>
dhcp_relay_source_ip: <string>
switch_controller_offload: <value in [disable, enable]>
switch_controller_offload_gw: <value in [disable, enable]>
switch_controller_offload_ip: <string>
mirroring_direction: <value in [rx, tx, both]>
mirroring_port: <string>
port_mirroring: <value in [disable, enable]>
security_8021x_member_mode: <value in [disable, switch]>
stp_edge: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int sample: 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status
This module is not guaranteed to have a backwards compatible interface.