ansible.builtin.meraki_mr_l3_firewall (v2.7.10) — module
Manage MR access point layer 3 firewalls in the Meraki cloud
Added in version 2.7 of ansible.builtin
Authors: Kevin Breit (@kbreit)
preview | supported by community
Install with pip install ansible==2.7.10
Allows for creation, management, and visibility into layer 3 firewalls implemented on Meraki MR access points.
- name: Create single firewall rule
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 12345
    number: 1
    rules:
      - comment: Integration test rule
        policy: allow
        protocol: tcp
        dest_port: 80
        dest_cidr: 192.0.2.0/24
    allow_lan_access: no
  delegate_to: localhost

- name: Enable local LAN access
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 123
    number: 1
    rules:
    allow_lan_access: yes
  delegate_to: localhost

- name: Query firewall rules
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
    number: 1
  delegate_to: localhost
host:
  default: api.meraki.com
  description:
    - Hostname for Meraki dashboard.
    - Can be used to access regional Meraki environments, such as China.
  type: str
rules:
  description:
    - List of firewall rules.
  suboptions:
    comment:
      description:
        - Optional comment describing the firewall rule.
    dest_cidr:
      description:
        - Comma separated list of CIDR notation networks to match.
    dest_port:
      description:
        - Comma separated list of destination ports to match.
    policy:
      choices:
        - allow
        - deny
      description:
        - Specifies the action that should be taken when rule is hit.
    protocol:
      choices:
        - any
        - icmp
        - tcp
        - udp
      description:
        - Specifies protocol to match against.
state:
  choices:
    - present
    - query
  default: present
  description:
    - Create or modify an organization.
net_id:
  description:
    - ID of network containing access points.
number:
  aliases:
    - ssid_number
  description:
    - Number of SSID to apply firewall rule to.
org_id:
  description:
    - ID of organization.
  type: str
timeout:
  default: 30
  description:
    - Time to timeout for HTTP requests.
  type: int
auth_key:
  description:
    - Authentication key provided by the dashboard. Required if environmental variable C(MERAKI_KEY) is not set.
  required: true
  type: str
net_name:
  description:
    - Name of network containing access points.
org_name:
  aliases:
    - organization
  description:
    - Name of organization.
  type: str
ssid_name:
  aliases:
    - ssid
  description:
    - Name of SSID to apply firewall rule to.
use_https:
  default: true
  description:
    - If C(no), it will use HTTP. Otherwise it will use HTTPS.
    - Only useful for internal Meraki developers.
  type: bool
use_proxy:
  default: false
  description:
    - If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts.
  type: bool
output_level:
  choices:
    - debug
    - normal
  default: normal
  description:
    - Set amount of debug output during module execution.
  type: str
output_format:
  choices:
    - snakecase
    - camelcase
  default: snakecase
  description:
    - Instructs module whether response keys should be snake case (ex. C(net_id)) or camel case (ex. C(netId)).
  type: str
validate_certs:
  default: true
  description:
    - Whether to validate HTTP certificates.
  type: bool
allow_lan_access:
  default: true
  description:
    - Sets whether devices can talk to other devices on the same LAN.
  type: bool
rate_limit_retry_time:
  default: 165
  description:
    - Number of seconds to retry if rate limiter is triggered.
  type: int
internal_error_retry_time:
  default: 60
  description:
    - Number of seconds to retry if server returns an internal server error.
  type: int
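
A pre-flight check for task arguments against the option spec above, added here as an example; it is not part of the module or of Ansible. The function names and the sample task are hypothetical, and treating `any` as a wildcard and each port entry as a single number are assumptions the page does not state.

```python
import ipaddress

CHOICES = {"policy": {"allow", "deny"},  # copied from the option spec
           "protocol": {"any", "icmp", "tcp", "udp"}}

def _is_off(value):
    """True for the YAML spellings of a disabled boolean option."""
    return value is False or str(value).lower() in {"no", "false", "off", "0"}

def _is_cidr(text):
    try:
        ipaddress.ip_network(text, strict=False)
        return True
    except ValueError:
        return False

def _is_port(text):
    # Assumption: each entry is a single port number, not a range.
    return text.isdecimal() and 1 <= int(text) <= 65535

LIST_CHECKS = {"dest_cidr": _is_cidr, "dest_port": _is_port}

def lint_task(args):
    """Check one meraki_mr_l3_firewall argument dict; return a list of findings."""
    findings = []
    for i, rule in enumerate(args.get("rules") or []):
        for key, allowed in CHOICES.items():
            if key in rule and rule[key] not in allowed:
                findings.append(f"rule {i}: {key} {rule[key]!r} is not a documented choice")
        for key, valid in LIST_CHECKS.items():
            entries = [e.strip() for e in str(rule.get(key, "any")).split(",")]
            # Assumption: the literal "any" is accepted as a wildcard.
            for entry in entries:
                if entry.lower() != "any" and not valid(entry):
                    findings.append(f"rule {i}: bad {key} entry {entry!r}")
    if _is_off(args.get("validate_certs", True)):
        findings.append("validate_certs is off: the server certificate is not checked")
    if _is_off(args.get("use_https", True)):
        findings.append("use_https is off: auth_key is sent over plain HTTP")
    if "auth_key" in args and "{{" not in str(args["auth_key"]):
        findings.append("auth_key is a literal: use MERAKI_KEY or a templated variable")
    return findings

# Constructed sample: the page's first example with deliberate mistakes added.
SAMPLE = {"auth_key": "abc123", "validate_certs": "no", "number": 1, "rules": [
    {"comment": "Integration test rule", "policy": "permit", "protocol": "tcp",
     "dest_port": "80,https", "dest_cidr": "192.0.2.0/24, 10.0.0.300/24"}]}
if __name__ == "__main__":
    print("\n".join(lint_task(SAMPLE)))
```

Feed it the parsed `meraki_mr_l3_firewall` mapping of each task, for instance from a CI step that loads the playbook with a YAML parser.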