Try Spotterno description
| "added in version" 1.0.0 of chillancezen.fortimanager"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install chillancezen.fortimanager:==2.1.6
collections:
- name: chillancezen.fortimanager
version: 2.1.6This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_fsp_vlan_interface:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
vlan: <your own value>
fsp_vlan_interface:
ac-name: <value of string>
aggregate: <value of string>
algorithm: <value in [L2, L3, L4, ...]>
alias: <value of string>
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
ap-discover: <value in [disable, enable]>
arpforward: <value in [disable, enable]>
atm-protocol: <value in [none, ipoa]>
auth-type: <value in [auto, pap, chap, ...]>
auto-auth-extension-device: <value in [disable, enable]>
bfd: <value in [global, enable, disable]>
bfd-desired-min-tx: <value of integer>
bfd-detect-mult: <value of integer>
bfd-required-min-rx: <value of integer>
broadcast-forticlient-discovery: <value in [disable, enable]>
broadcast-forward: <value in [disable, enable]>
captive-portal: <value of integer>
cli-conn-status: <value of integer>
color: <value of integer>
ddns: <value in [disable, enable]>
ddns-auth: <value in [disable, tsig]>
ddns-domain: <value of string>
ddns-key: <value of string>
ddns-keyname: <value of string>
ddns-password: <value of string>
ddns-server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
ddns-server-ip: <value of string>
ddns-sn: <value of string>
ddns-ttl: <value of integer>
ddns-username: <value of string>
ddns-zone: <value of string>
dedicated-to: <value in [none, management]>
defaultgw: <value in [disable, enable]>
description: <value of string>
detected-peer-mtu: <value of integer>
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <value of string>
device-access-list: <value of string>
device-identification: <value in [disable, enable]>
device-identification-active-scan: <value in [disable, enable]>
device-netscan: <value in [disable, enable]>
device-user-identification: <value in [disable, enable]>
devindex: <value of integer>
dhcp-client-identifier: <value of string>
dhcp-relay-agent-option: <value in [disable, enable]>
dhcp-relay-ip: <value of string>
dhcp-relay-service: <value in [disable, enable]>
dhcp-relay-type: <value in [regular, ipsec]>
dhcp-renew-time: <value of integer>
disc-retry-timeout: <value of integer>
disconnect-threshold: <value of integer>
distance: <value of integer>
dns-query: <value in [disable, recursive, non-recursive]>
dns-server-override: <value in [disable, enable]>
drop-fragment: <value in [disable, enable]>
drop-overlapped-fragment: <value in [disable, enable]>
egress-cos: <value in [disable, cos0, cos1, ...]>
egress-shaping-profile: <value of string>
endpoint-compliance: <value in [disable, enable]>
estimated-downstream-bandwidth: <value of integer>
estimated-upstream-bandwidth: <value of integer>
explicit-ftp-proxy: <value in [disable, enable]>
explicit-web-proxy: <value in [disable, enable]>
external: <value in [disable, enable]>
fail-action-on-extender: <value in [soft-restart, hard-restart, reboot]>
fail-alert-interfaces: <value of string>
fail-alert-method: <value in [link-failed-signal, link-down]>
fail-detect: <value in [disable, enable]>
fail-detect-option:
- detectserver
- link-down
fdp: <value in [disable, enable]>
fortiheartbeat: <value in [disable, enable]>
fortilink: <value in [disable, enable]>
fortilink-backup-link: <value of integer>
fortilink-split-interface: <value in [disable, enable]>
fortilink-stacking: <value in [disable, enable]>
forward-domain: <value of integer>
forward-error-correction: <value in [disable, enable, rs-fec, ...]>
fp-anomaly:
- drop_tcp_fin_noack
- pass_winnuke
- pass_tcpland
- pass_udpland
- pass_icmpland
- pass_ipland
- pass_iprr
- pass_ipssrr
- pass_iplsrr
- pass_ipstream
- pass_ipsecurity
- pass_iptimestamp
- pass_ipunknown_option
- pass_ipunknown_prot
- pass_icmp_frag
- pass_tcp_no_flag
- pass_tcp_fin_noack
- drop_winnuke
- drop_tcpland
- drop_udpland
- drop_icmpland
- drop_ipland
- drop_iprr
- drop_ipssrr
- drop_iplsrr
- drop_ipstream
- drop_ipsecurity
- drop_iptimestamp
- drop_ipunknown_option
- drop_ipunknown_prot
- drop_icmp_frag
- drop_tcp_no_flag
fp-disable:
- all
- ipsec
- none
gateway-address: <value of string>
gi-gk: <value in [disable, enable]>
gwaddr: <value of string>
gwdetect: <value in [disable, enable]>
ha-priority: <value of integer>
icmp-accept-redirect: <value in [disable, enable]>
icmp-redirect: <value in [disable, enable]>
icmp-send-redirect: <value in [disable, enable]>
ident-accept: <value in [disable, enable]>
idle-timeout: <value of integer>
if-mdix: <value in [auto, normal, crossover]>
if-media: <value in [auto, copper, fiber]>
in-force-vlan-cos: <value of integer>
inbandwidth: <value of integer>
ingress-cos: <value in [disable, cos0, cos1, ...]>
ingress-spillover-threshold: <value of integer>
internal: <value of integer>
ip: <value of string>
ipmac: <value in [disable, enable]>
ips-sniffer-mode: <value in [disable, enable]>
ipunnumbered: <value of string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6-client-options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6-information-request: <value in [disable, enable]>
dhcp6-prefix-delegation: <value in [disable, enable]>
dhcp6-prefix-hint: <value of string>
dhcp6-prefix-hint-plt: <value of integer>
dhcp6-prefix-hint-vlt: <value of integer>
dhcp6-relay-ip: <value of string>
dhcp6-relay-service: <value in [disable, enable]>
dhcp6-relay-type: <value in [regular]>
ip6-address: <value of string>
ip6-allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6-default-life: <value of integer>
ip6-dns-server-override: <value in [disable, enable]>
ip6-hop-limit: <value of integer>
ip6-link-mtu: <value of integer>
ip6-manage-flag: <value in [disable, enable]>
ip6-max-interval: <value of integer>
ip6-min-interval: <value of integer>
ip6-mode: <value in [static, dhcp, pppoe, ...]>
ip6-other-flag: <value in [disable, enable]>
ip6-reachable-time: <value of integer>
ip6-retrans-time: <value of integer>
ip6-send-adv: <value in [disable, enable]>
ip6-subnet: <value of string>
ip6-upstream-interface: <value of string>
nd-cert: <value of string>
nd-cga-modifier: <value of string>
nd-mode: <value in [basic, SEND-compatible]>
nd-security-level: <value of integer>
nd-timestamp-delta: <value of integer>
nd-timestamp-fuzz: <value of integer>
vrip6_link_local: <value of string>
vrrp-virtual-mac6: <value in [disable, enable]>
ip6-delegated-prefix-list:
-
autonomous-flag: <value in [disable, enable]>
onlink-flag: <value in [disable, enable]>
prefix-id: <value of integer>
rdnss: <value of string>
rdnss-service: <value in [delegated, default, specify]>
subnet: <value of string>
upstream-interface: <value of string>
delegated-prefix-iaid: <value of integer>
ip6-extra-addr:
-
prefix: <value of string>
ip6-prefix-list:
-
autonomous-flag: <value in [disable, enable]>
dnssl: <value of string>
onlink-flag: <value in [disable, enable]>
preferred-life-time: <value of integer>
prefix: <value of string>
rdnss: <value of string>
valid-life-time: <value of integer>
vrrp6:
-
accept-mode: <value in [disable, enable]>
adv-interval: <value of integer>
preempt: <value in [disable, enable]>
priority: <value of integer>
start-time: <value of integer>
status: <value in [disable, enable]>
vrdst6: <value of string>
vrgrp: <value of integer>
vrid: <value of integer>
vrip6: <value of string>
interface-identifier: <value of string>
unique-autoconf-addr: <value in [disable, enable]>
icmp6-send-redirect: <value in [disable, enable]>
cli-conn6-status: <value of integer>
ip6-prefix-mode: <value in [dhcp6, ra]>
ra-send-mtu: <value in [disable, enable]>
ip6-delegated-prefix-iaid: <value of integer>
l2forward: <value in [disable, enable]>
l2tp-client: <value in [disable, enable]>
lacp-ha-slave: <value in [disable, enable]>
lacp-mode: <value in [static, passive, active]>
lacp-speed: <value in [slow, fast]>
lcp-echo-interval: <value of integer>
lcp-max-echo-fails: <value of integer>
link-up-delay: <value of integer>
listen-forticlient-connection: <value in [disable, enable]>
lldp-network-policy: <value of string>
lldp-reception: <value in [disable, enable, vdom]>
lldp-transmission: <value in [enable, disable, vdom]>
log: <value in [disable, enable]>
macaddr: <value of string>
management-ip: <value of string>
max-egress-burst-rate: <value of integer>
max-egress-rate: <value of integer>
mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
member: <value of string>
min-links: <value of integer>
min-links-down: <value in [operational, administrative]>
mode: <value in [static, dhcp, pppoe, ...]>
mtu: <value of integer>
mtu-override: <value in [disable, enable]>
mux-type: <value in [llc-encaps, vc-encaps]>
name: <value of string>
ndiscforward: <value in [disable, enable]>
netbios-forward: <value in [disable, enable]>
netflow-sampler: <value in [disable, tx, rx, ...]>
npu-fastpath: <value in [disable, enable]>
nst: <value in [disable, enable]>
out-force-vlan-cos: <value of integer>
outbandwidth: <value of integer>
padt-retry-timeout: <value of integer>
password: <value of string>
peer-interface: <value of string>
phy-mode: <value in [auto, adsl, vdsl, ...]>
ping-serv-status: <value of integer>
poe: <value in [disable, enable]>
polling-interval: <value of integer>
pppoe-unnumbered-negotiate: <value in [disable, enable]>
pptp-auth-type: <value in [auto, pap, chap, ...]>
pptp-client: <value in [disable, enable]>
pptp-password: <value of string>
pptp-server-ip: <value of string>
pptp-timeout: <value of integer>
pptp-user: <value of string>
preserve-session-route: <value in [disable, enable]>
priority: <value of integer>
priority-override: <value in [disable, enable]>
proxy-captive-portal: <value in [disable, enable]>
redundant-interface: <value of string>
remote-ip: <value of string>
replacemsg-override-group: <value of string>
retransmission: <value in [disable, enable]>
role: <value in [lan, wan, dmz, ...]>
sample-direction: <value in [rx, tx, both]>
sample-rate: <value of integer>
scan-botnet-connections: <value in [disable, block, monitor]>
secondary-IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <value of string>
gwdetect: <value in [disable, enable]>
ha-priority: <value of integer>
id: <value of integer>
ip: <value of string>
ping-serv-status: <value of integer>
seq: <value of integer>
security-8021x-dynamic-vlan-id: <value of integer>
security-8021x-master: <value of string>
security-8021x-mode: <value in [default, dynamic-vlan, fallback, ...]>
security-exempt-list: <value of string>
security-external-logout: <value of string>
security-external-web: <value of string>
security-groups: <value of string>
security-mac-auth-bypass: <value in [disable, enable, mac-auth-only]>
security-mode: <value in [none, captive-portal, 802.1X]>
security-redirect-url: <value of string>
service-name: <value of string>
sflow-sampler: <value in [disable, enable]>
speed: <value in [auto, 10full, 10half, ...]>
spillover-threshold: <value of integer>
src-check: <value in [disable, enable]>
status: <value in [down, up]>
stp: <value in [disable, enable]>
stp-ha-slave: <value in [disable, enable, priority-adjust]>
stpforward: <value in [disable, enable]>
stpforward-mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
strip-priority-vlan-tag: <value in [disable, enable]>
subst: <value in [disable, enable]>
substitute-dst-mac: <value of string>
switch: <value of string>
switch-controller-access-vlan: <value in [disable, enable]>
switch-controller-arp-inspection: <value in [disable, enable]>
switch-controller-auth: <value in [radius, usergroup]>
switch-controller-dhcp-snooping: <value in [disable, enable]>
switch-controller-dhcp-snooping-option82: <value in [disable, enable]>
switch-controller-dhcp-snooping-verify-mac: <value in [disable, enable]>
switch-controller-igmp-snooping: <value in [disable, enable]>
switch-controller-learning-limit: <value of integer>
switch-controller-radius-server: <value of string>
switch-controller-traffic-policy: <value of string>
tc-mode: <value in [ptm, atm]>
tcp-mss: <value of integer>
trunk: <value in [disable, enable]>
trust-ip-1: <value of string>
trust-ip-2: <value of string>
trust-ip-3: <value of string>
trust-ip6-1: <value of string>
trust-ip6-2: <value of string>
trust-ip6-3: <value of string>
type: <value in [physical, vlan, aggregate, ...]>
username: <value of string>
vci: <value of integer>
vectoring: <value in [disable, enable]>
vindex: <value of integer>
vlanforward: <value in [disable, enable]>
vlanid: <value of integer>
vpi: <value of integer>
vrf: <value of integer>
vrrp:
-
accept-mode: <value in [disable, enable]>
adv-interval: <value of integer>
ignore-default-route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <value of integer>
start-time: <value of integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <value of string>
vrdst-priority: <value of integer>
vrgrp: <value of integer>
vrid: <value of integer>
vrip: <value of string>
vrrp-virtual-mac: <value in [disable, enable]>
wccp: <value in [disable, enable]>
weight: <value of integer>
wifi-5g-threshold: <value of string>
wifi-acl: <value in [deny, allow]>
wifi-ap-band: <value in [any, 5g-preferred, 5g-only]>
wifi-auth: <value in [PSK, RADIUS, radius, ...]>
wifi-auto-connect: <value in [disable, enable]>
wifi-auto-save: <value in [disable, enable]>
wifi-broadcast-ssid: <value in [disable, enable]>
wifi-encrypt: <value in [TKIP, AES]>
wifi-fragment-threshold: <value of integer>
wifi-key: <value of string>
wifi-keyindex: <value of integer>
wifi-mac-filter: <value in [disable, enable]>
wifi-passphrase: <value of string>
wifi-radius-server: <value of string>
wifi-rts-threshold: <value of integer>
wifi-security: <value in [None, WEP64, wep64, ...]>
wifi-ssid: <value of string>
wifi-usergroup: <value of string>
wins-ip: <value of string>
eip: <value of string>
fortilink-neighbor-detect: <value in [lldp, fortilink]>
ingress-shaping-profile: <value of string>
ring-rx: <value of integer>
ring-tx: <value of integer>
switch-controller-igmp-snooping-fast-leave: <value in [disable, enable]>
switch-controller-igmp-snooping-proxy: <value in [disable, enable]>
switch-controller-rspan-mode: <value in [disable, enable]>
bandwidth-measure-time: <value of integer>
ip-managed-by-fortiipam: <value in [disable, enable]>
managed-subnetwork-size: <value in [256, 512, 1024, ...]>
measured-downstream-bandwidth: <value of integer>
measured-upstream-bandwidth: <value of integer>
monitor-bandwidth: <value in [disable, enable]>
swc-vlan: <value of integer>
switch-controller-feature: <value in [none, default-vlan, quarantine, ...]>
switch-controller-mgmt-vlan: <value of integer>
switch-controller-nac: <value of string>
vlan-protocol: <value in [8021q, 8021ad]>
dhcp-relay-interface: <value of string>
dhcp-relay-interface-select-method: <value in [auto, sdwan, specify]>
np-qos-profile: <value of integer>
swc-first-create: <value of integer>
switch-controller-iot-scanning: <value in [disable, enable]>
switch-controller-source-ip: <value in [outbound, fixed]>
dhcp-relay-request-all-server: <value in [disable, enable]>
stp-ha-secondary: <value in [disable, enable, priority-adjust]>
switch-controller-dynamic: <value of string>
auth-cert: <value of string>
auth-portal-addr: <value of string>
dhcp-classless-route-addition: <value in [disable, enable]>
dhcp-relay-link-selection: <value of string>
dns-server-protocol:
- cleartext
- dot
- doh
eap-ca-cert: <value of string>
eap-identity: <value of string>
eap-method: <value in [tls, peap]>
eap-password: <value of string>
eap-supplicant: <value in [disable, enable]>
eap-user-cert: <value of string>
ike-saml-server: <value of string>
lacp-ha-secondary: <value in [disable, enable]>
pvc-atm-qos: <value in [cbr, rt-vbr, nrt-vbr]>
pvc-chan: <value of integer>
pvc-crc: <value of integer>
pvc-pcr: <value of integer>
pvc-scr: <value of integer>
pvc-vlan-id: <value of integer>
pvc-vlan-rx-id: <value of integer>
pvc-vlan-rx-op: <value in [pass-through, replace, remove]>
pvc-vlan-tx-id: <value of integer>
pvc-vlan-tx-op: <value in [pass-through, replace, remove]>
reachable-time: <value of integer>
select-profile-30a-35b: <value in [30A, 35B]>
sfp-dsl: <value in [disable, enable]>
sfp-dsl-adsl-fallback: <value in [disable, enable]>
sfp-dsl-autodetect: <value in [disable, enable]>
sfp-dsl-mac: <value of string>
sw-algorithm: <value in [l2, l3, eh]>
system-id: <value of string>
system-id-type: <value in [auto, user]>
vlan-id: <value of integer>
vlan-op-mode: <value in [tag, untag, passthrough]>
request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_message: description: The descriptive message of the api response returned: always sample: OK. type: str