drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_fsp_vlan no description | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_fsp_vlan (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: no description fmgr_fsp_vlan: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> state: <value in [present, absent]> fsp_vlan: _dhcp-status: <value in [disable, enable]> auth: <value in [radius, usergroup]> color: <value of integer> comments: <value of string> dynamic_mapping: - _dhcp-status: <value in [disable, enable]> _scope: - name: <value of string> vdom: <value of string> dhcp-server: auto-configuration: <value in [disable, enable]> auto-managed-status: <value in [disable, enable]> conflicted-ip-timeout: <value of integer> ddns-auth: <value in [disable, tsig]> ddns-key: <value of string> ddns-keyname: <value of string> ddns-server-ip: <value of string> ddns-ttl: <value of integer> ddns-update: <value in [disable, enable]> ddns-update-override: <value in [disable, enable]> ddns-zone: <value of string> default-gateway: <value of string> dhcp-settings-from-fortiipam: <value in [disable, enable]> dns-server1: <value of string> dns-server2: <value of string> dns-server3: <value of string> dns-server4: <value of string> dns-service: <value in [default, specify, local]> domain: <value of string> enable: <value in [disable, enable]> exclude-range: - end-ip: <value of string> id: <value of integer> start-ip: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> lease-time: <value of integer> uci-match: <value in [disable, enable]> uci-string: <value of string> filename: <value of string> forticlient-on-net-status: <value in [disable, enable]> id: <value of integer> ip-mode: <value in [range, usrgrp]> ip-range: - end-ip: <value of string> id: <value of integer> start-ip: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> lease-time: <value of integer> uci-match: <value in [disable, enable]> uci-string: <value of string> ipsec-lease-hold: <value of integer> lease-time: <value of integer> mac-acl-default-action: <value in [assign, block]> netmask: <value of string> next-server: <value of string> ntp-server1: <value of string> ntp-server2: <value of string> ntp-server3: <value of string> ntp-service: <value in [default, specify, local]> option1: <value of string> option2: <value of string> option3: <value of string> option4: <value of string> option5: <value of string> option6: <value of string> options: - code: <value of integer> id: <value of integer> ip: <value of string> type: <value in [hex, string, ip, ...]> value: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> uci-match: <value in [disable, enable]> uci-string: <value of string> reserved-address: - action: <value in [assign, block, reserved]> circuit-id: <value of string> circuit-id-type: <value in [hex, string]> description: <value of string> id: <value of integer> ip: <value of string> mac: <value of string> remote-id: <value of string> remote-id-type: <value in [hex, string]> type: <value in [mac, option82]> server-type: <value in [regular, ipsec]> status: <value in [disable, enable]> tftp-server: <value of string> timezone: <value in [00, 01, 02, ...]> timezone-option: <value in [disable, default, specify]> vci-match: <value in [disable, enable]> vci-string: <value of string> wifi-ac-service: <value in [specify, local]> wifi-ac1: <value of string> wifi-ac2: <value of string> wifi-ac3: <value of string> wins-server1: <value of string> wins-server2: <value of string> relay-agent: <value of string> shared-subnet: <value in [disable, enable]> interface: dhcp-relay-agent-option: <value in [disable, enable]> dhcp-relay-ip: <value of string> dhcp-relay-service: <value in [disable, enable]> dhcp-relay-type: <value in [regular, ipsec]> ip: <value of string> ipv6: autoconf: <value in [disable, enable]> dhcp6-client-options: - rapid - iapd - iana - dns - dnsname dhcp6-information-request: <value in [disable, enable]> dhcp6-prefix-delegation: <value in [disable, enable]> dhcp6-prefix-hint: <value of string> dhcp6-prefix-hint-plt: <value of integer> dhcp6-prefix-hint-vlt: <value of integer> dhcp6-relay-ip: <value of string> dhcp6-relay-service: <value in [disable, enable]> dhcp6-relay-type: <value in [regular]> icmp6-send-redirect: <value in [disable, enable]> interface-identifier: <value of string> ip6-address: <value of string> ip6-allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric ip6-default-life: <value of integer> ip6-delegated-prefix-list: - autonomous-flag: <value in [disable, enable]> onlink-flag: <value in [disable, enable]> prefix-id: <value of integer> rdnss: <value of string> rdnss-service: <value in [delegated, default, specify]> subnet: <value of string> upstream-interface: <value of string> delegated-prefix-iaid: <value of integer> ip6-dns-server-override: <value in [disable, enable]> ip6-extra-addr: - prefix: <value of string> ip6-hop-limit: <value of integer> ip6-link-mtu: <value of integer> ip6-manage-flag: <value in [disable, enable]> ip6-max-interval: <value of integer> ip6-min-interval: <value of integer> ip6-mode: <value in [static, dhcp, pppoe, ...]> ip6-other-flag: <value in [disable, enable]> ip6-prefix-list: - autonomous-flag: <value in [disable, enable]> dnssl: <value of string> onlink-flag: <value in [disable, enable]> preferred-life-time: <value of integer> prefix: <value of string> rdnss: <value of string> valid-life-time: <value of integer> ip6-reachable-time: <value of integer> ip6-retrans-time: <value of integer> ip6-send-adv: <value in [disable, enable]> ip6-subnet: <value of string> ip6-upstream-interface: <value of string> nd-cert: <value of string> nd-cga-modifier: <value of string> nd-mode: <value in [basic, SEND-compatible]> nd-security-level: <value of integer> nd-timestamp-delta: <value of integer> nd-timestamp-fuzz: <value of integer> unique-autoconf-addr: <value in [disable, enable]> vrip6_link_local: <value of string> vrrp-virtual-mac6: <value in [disable, enable]> vrrp6: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> preempt: <value in [disable, enable]> priority: <value of integer> start-time: <value of integer> status: <value in [disable, enable]> vrdst6: <value of string> vrgrp: <value of integer> vrid: <value of integer> vrip6: <value of string> cli-conn6-status: <value of integer> ip6-prefix-mode: <value in [dhcp6, ra]> ra-send-mtu: <value in [disable, enable]> ip6-delegated-prefix-iaid: <value of integer> dhcp6-relay-source-interface: <value in [disable, enable]> secondary-IP: <value in [disable, enable]> secondaryip: - allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test detectprotocol: - ping - tcp-echo - udp-echo detectserver: <value of string> gwdetect: <value in [disable, enable]> ha-priority: <value of integer> id: <value of integer> ip: <value of string> ping-serv-status: <value of integer> seq: <value of integer> secip-relay-ip: <value of string> vlanid: <value of integer> dhcp-relay-interface-select-method: <value in [auto, sdwan, specify]> vrrp: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> ignore-default-route: <value in [disable, enable]> preempt: <value in [disable, enable]> priority: <value of integer> proxy-arp: - id: <value of integer> ip: <value of string> start-time: <value of integer> status: <value in [disable, enable]> version: <value in [2, 3]> vrdst: <value of string> vrdst-priority: <value of integer> vrgrp: <value of integer> vrid: <value of integer> vrip: <value of string> name: <value of string> portal-message-override-group: <value of string> radius-server: <value of string> security: <value in [open, captive-portal, 8021x]> selected-usergroups: <value of string> usergroup: <value of string> vdom: <value of string> vlanid: <value of integer> dhcp-server: auto-configuration: <value in [disable, enable]> auto-managed-status: <value in [disable, enable]> conflicted-ip-timeout: <value of integer> ddns-auth: <value in [disable, tsig]> ddns-key: <value of string> ddns-keyname: <value of string> ddns-server-ip: <value of string> ddns-ttl: <value of integer> ddns-update: <value in [disable, enable]> ddns-update-override: <value in [disable, enable]> ddns-zone: <value of string> default-gateway: <value of string> dhcp-settings-from-fortiipam: <value in [disable, enable]> dns-server1: <value of string> dns-server2: <value of string> dns-server3: <value of string> dns-server4: <value of string> dns-service: <value in [default, specify, local]> domain: <value of string> enable: <value in [disable, enable]> exclude-range: - end-ip: <value of string> id: <value of integer> start-ip: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> lease-time: <value of integer> uci-match: <value in [disable, enable]> uci-string: <value of string> filename: <value of string> forticlient-on-net-status: <value in [disable, enable]> id: <value of integer> ip-mode: <value in [range, usrgrp]> ip-range: - end-ip: <value of string> id: <value of integer> start-ip: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> lease-time: <value of integer> uci-match: <value in [disable, enable]> uci-string: <value of string> ipsec-lease-hold: <value of integer> lease-time: <value of integer> mac-acl-default-action: <value in [assign, block]> netmask: <value of string> next-server: <value of string> ntp-server1: <value of string> ntp-server2: <value of string> ntp-server3: <value of string> ntp-service: <value in [default, specify, local]> option1: <value of string> option2: <value of string> option3: <value of string> option4: <value of string> option5: <value of string> option6: <value of string> options: - code: <value of integer> id: <value of integer> ip: <value of string> type: <value in [hex, string, ip, ...]> value: <value of string> vci-match: <value in [disable, enable]> vci-string: <value of string> uci-match: <value in [disable, enable]> uci-string: <value of string> reserved-address: - action: <value in [assign, block, reserved]> circuit-id: <value of string> circuit-id-type: <value in [hex, string]> description: <value of string> id: <value of integer> ip: <value of string> mac: <value of string> remote-id: <value of string> remote-id-type: <value in [hex, string]> type: <value in [mac, option82]> server-type: <value in [regular, ipsec]> status: <value in [disable, enable]> tftp-server: <value of string> timezone: <value in [00, 01, 02, ...]> timezone-option: <value in [disable, default, specify]> vci-match: <value in [disable, enable]> vci-string: <value of string> wifi-ac-service: <value in [specify, local]> wifi-ac1: <value of string> wifi-ac2: <value of string> wifi-ac3: <value of string> wins-server1: <value of string> wins-server2: <value of string> relay-agent: <value of string> shared-subnet: <value in [disable, enable]> interface: ac-name: <value of string> aggregate: <value of string> algorithm: <value in [L2, L3, L4, ...]> alias: <value of string> allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test ap-discover: <value in [disable, enable]> arpforward: <value in [disable, enable]> atm-protocol: <value in [none, ipoa]> auth-type: <value in [auto, pap, chap, ...]> auto-auth-extension-device: <value in [disable, enable]> bandwidth-measure-time: <value of integer> bfd: <value in [global, enable, disable]> bfd-desired-min-tx: <value of integer> bfd-detect-mult: <value of integer> bfd-required-min-rx: <value of integer> broadcast-forticlient-discovery: <value in [disable, enable]> broadcast-forward: <value in [disable, enable]> captive-portal: <value of integer> cli-conn-status: <value of integer> color: <value of integer> ddns: <value in [disable, enable]> ddns-auth: <value in [disable, tsig]> ddns-domain: <value of string> ddns-key: <value of string> ddns-keyname: <value of string> ddns-password: <value of string> ddns-server: <value in [dhs.org, dyndns.org, dyns.net, ...]> ddns-server-ip: <value of string> ddns-sn: <value of string> ddns-ttl: <value of integer> ddns-username: <value of string> ddns-zone: <value of string> dedicated-to: <value in [none, management]> defaultgw: <value in [disable, enable]> description: <value of string> detected-peer-mtu: <value of integer> detectprotocol: - ping - tcp-echo - udp-echo detectserver: <value of string> device-access-list: <value of string> device-identification: <value in [disable, enable]> device-identification-active-scan: <value in [disable, enable]> device-netscan: <value in [disable, enable]> device-user-identification: <value in [disable, enable]> devindex: <value of integer> dhcp-client-identifier: <value of string> dhcp-relay-agent-option: <value in [disable, enable]> dhcp-relay-interface: <value of string> dhcp-relay-interface-select-method: <value in [auto, sdwan, specify]> dhcp-relay-ip: <value of string> dhcp-relay-service: <value in [disable, enable]> dhcp-relay-type: <value in [regular, ipsec]> dhcp-renew-time: <value of integer> disc-retry-timeout: <value of integer> disconnect-threshold: <value of integer> distance: <value of integer> dns-query: <value in [disable, recursive, non-recursive]> dns-server-override: <value in [disable, enable]> drop-fragment: <value in [disable, enable]> drop-overlapped-fragment: <value in [disable, enable]> egress-cos: <value in [disable, cos0, cos1, ...]> egress-shaping-profile: <value of string> eip: <value of string> endpoint-compliance: <value in [disable, enable]> estimated-downstream-bandwidth: <value of integer> estimated-upstream-bandwidth: <value of integer> explicit-ftp-proxy: <value in [disable, enable]> explicit-web-proxy: <value in [disable, enable]> external: <value in [disable, enable]> fail-action-on-extender: <value in [soft-restart, hard-restart, reboot]> fail-alert-interfaces: <value of string> fail-alert-method: <value in [link-failed-signal, link-down]> fail-detect: <value in [disable, enable]> fail-detect-option: - detectserver - link-down fdp: <value in [disable, enable]> fortiheartbeat: <value in [disable, enable]> fortilink: <value in [disable, enable]> fortilink-backup-link: <value of integer> fortilink-neighbor-detect: <value in [lldp, fortilink]> fortilink-split-interface: <value in [disable, enable]> fortilink-stacking: <value in [disable, enable]> forward-domain: <value of integer> forward-error-correction: <value in [disable, enable, rs-fec, ...]> fp-anomaly: - drop_tcp_fin_noack - pass_winnuke - pass_tcpland - pass_udpland - pass_icmpland - pass_ipland - pass_iprr - pass_ipssrr - pass_iplsrr - pass_ipstream - pass_ipsecurity - pass_iptimestamp - pass_ipunknown_option - pass_ipunknown_prot - pass_icmp_frag - pass_tcp_no_flag - pass_tcp_fin_noack - drop_winnuke - drop_tcpland - drop_udpland - drop_icmpland - drop_ipland - drop_iprr - drop_ipssrr - drop_iplsrr - drop_ipstream - drop_ipsecurity - drop_iptimestamp - drop_ipunknown_option - drop_ipunknown_prot - drop_icmp_frag - drop_tcp_no_flag fp-disable: - all - ipsec - none gateway-address: <value of string> gi-gk: <value in [disable, enable]> gwaddr: <value of string> gwdetect: <value in [disable, enable]> ha-priority: <value of integer> icmp-accept-redirect: <value in [disable, enable]> icmp-redirect: <value in [disable, enable]> icmp-send-redirect: <value in [disable, enable]> ident-accept: <value in [disable, enable]> idle-timeout: <value of integer> if-mdix: <value in [auto, normal, crossover]> if-media: <value in [auto, copper, fiber]> in-force-vlan-cos: <value of integer> inbandwidth: <value of integer> ingress-cos: <value in [disable, cos0, cos1, ...]> ingress-shaping-profile: <value of string> ingress-spillover-threshold: <value of integer> internal: <value of integer> ip: <value of string> ip-managed-by-fortiipam: <value in [disable, enable, inherit-global]> ipmac: <value in [disable, enable]> ips-sniffer-mode: <value in [disable, enable]> ipunnumbered: <value of string> ipv6: autoconf: <value in [disable, enable]> dhcp6-client-options: - rapid - iapd - iana - dns - dnsname dhcp6-information-request: <value in [disable, enable]> dhcp6-prefix-delegation: <value in [disable, enable]> dhcp6-prefix-hint: <value of string> dhcp6-prefix-hint-plt: <value of integer> dhcp6-prefix-hint-vlt: <value of integer> dhcp6-relay-ip: <value of string> dhcp6-relay-service: <value in [disable, enable]> dhcp6-relay-type: <value in [regular]> icmp6-send-redirect: <value in [disable, enable]> interface-identifier: <value of string> ip6-address: <value of string> ip6-allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric ip6-default-life: <value of integer> ip6-delegated-prefix-list: - autonomous-flag: <value in [disable, enable]> onlink-flag: <value in [disable, enable]> prefix-id: <value of integer> rdnss: <value of string> rdnss-service: <value in [delegated, default, specify]> subnet: <value of string> upstream-interface: <value of string> delegated-prefix-iaid: <value of integer> ip6-dns-server-override: <value in [disable, enable]> ip6-extra-addr: - prefix: <value of string> ip6-hop-limit: <value of integer> ip6-link-mtu: <value of integer> ip6-manage-flag: <value in [disable, enable]> ip6-max-interval: <value of integer> ip6-min-interval: <value of integer> ip6-mode: <value in [static, dhcp, pppoe, ...]> ip6-other-flag: <value in [disable, enable]> ip6-prefix-list: - autonomous-flag: <value in [disable, enable]> dnssl: <value of string> onlink-flag: <value in [disable, enable]> preferred-life-time: <value of integer> prefix: <value of string> rdnss: <value of string> valid-life-time: <value of integer> ip6-reachable-time: <value of integer> ip6-retrans-time: <value of integer> ip6-send-adv: <value in [disable, enable]> ip6-subnet: <value of string> ip6-upstream-interface: <value of string> nd-cert: <value of string> nd-cga-modifier: <value of string> nd-mode: <value in [basic, SEND-compatible]> nd-security-level: <value of integer> nd-timestamp-delta: <value of integer> nd-timestamp-fuzz: <value of integer> unique-autoconf-addr: <value in [disable, enable]> vrip6_link_local: <value of string> vrrp-virtual-mac6: <value in [disable, enable]> vrrp6: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> preempt: <value in [disable, enable]> priority: <value of integer> start-time: <value of integer> status: <value in [disable, enable]> vrdst6: <value of string> vrgrp: <value of integer> vrid: <value of integer> vrip6: <value of string> cli-conn6-status: <value of integer> ip6-prefix-mode: <value in [dhcp6, ra]> ra-send-mtu: <value in [disable, enable]> ip6-delegated-prefix-iaid: <value of integer> dhcp6-relay-source-interface: <value in [disable, enable]> l2forward: <value in [disable, enable]> l2tp-client: <value in [disable, enable]> lacp-ha-slave: <value in [disable, enable]> lacp-mode: <value in [static, passive, active]> lacp-speed: <value in [slow, fast]> lcp-echo-interval: <value of integer> lcp-max-echo-fails: <value of integer> link-up-delay: <value of integer> listen-forticlient-connection: <value in [disable, enable]> lldp-network-policy: <value of string> lldp-reception: <value in [disable, enable, vdom]> lldp-transmission: <value in [enable, disable, vdom]> log: <value in [disable, enable]> macaddr: <value of string> managed-subnetwork-size: <value in [256, 512, 1024, ...]> management-ip: <value of string> max-egress-burst-rate: <value of integer> max-egress-rate: <value of integer> measured-downstream-bandwidth: <value of integer> measured-upstream-bandwidth: <value of integer> mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]> member: <value of string> min-links: <value of integer> min-links-down: <value in [operational, administrative]> mode: <value in [static, dhcp, pppoe, ...]> monitor-bandwidth: <value in [disable, enable]> mtu: <value of integer> mtu-override: <value in [disable, enable]> mux-type: <value in [llc-encaps, vc-encaps]> name: <value of string> ndiscforward: <value in [disable, enable]> netbios-forward: <value in [disable, enable]> netflow-sampler: <value in [disable, tx, rx, ...]> np-qos-profile: <value of integer> npu-fastpath: <value in [disable, enable]> nst: <value in [disable, enable]> out-force-vlan-cos: <value of integer> outbandwidth: <value of integer> padt-retry-timeout: <value of integer> password: <value of string> peer-interface: <value of string> phy-mode: <value in [auto, adsl, vdsl, ...]> ping-serv-status: <value of integer> poe: <value in [disable, enable]> polling-interval: <value of integer> pppoe-unnumbered-negotiate: <value in [disable, enable]> pptp-auth-type: <value in [auto, pap, chap, ...]> pptp-client: <value in [disable, enable]> pptp-password: <value of string> pptp-server-ip: <value of string> pptp-timeout: <value of integer> pptp-user: <value of string> preserve-session-route: <value in [disable, enable]> priority: <value of integer> priority-override: <value in [disable, enable]> proxy-captive-portal: <value in [disable, enable]> redundant-interface: <value of string> remote-ip: <value of string> replacemsg-override-group: <value of string> retransmission: <value in [disable, enable]> ring-rx: <value of integer> ring-tx: <value of integer> role: <value in [lan, wan, dmz, ...]> sample-direction: <value in [rx, tx, both]> sample-rate: <value of integer> scan-botnet-connections: <value in [disable, block, monitor]> secondary-IP: <value in [disable, enable]> secondaryip: - allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test detectprotocol: - ping - tcp-echo - udp-echo detectserver: <value of string> gwdetect: <value in [disable, enable]> ha-priority: <value of integer> id: <value of integer> ip: <value of string> ping-serv-status: <value of integer> seq: <value of integer> secip-relay-ip: <value of string> security-8021x-dynamic-vlan-id: <value of integer> security-8021x-master: <value of string> security-8021x-mode: <value in [default, dynamic-vlan, fallback, ...]> security-exempt-list: <value of string> security-external-logout: <value of string> security-external-web: <value of string> security-groups: <value of string> security-mac-auth-bypass: <value in [disable, enable, mac-auth-only]> security-mode: <value in [none, captive-portal, 802.1X]> security-redirect-url: <value of string> service-name: <value of string> sflow-sampler: <value in [disable, enable]> speed: <value in [auto, 10full, 10half, ...]> spillover-threshold: <value of integer> src-check: <value in [disable, enable]> status: <value in [down, up]> stp: <value in [disable, enable]> stp-ha-slave: <value in [disable, enable, priority-adjust]> stpforward: <value in [disable, enable]> stpforward-mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]> strip-priority-vlan-tag: <value in [disable, enable]> subst: <value in [disable, enable]> substitute-dst-mac: <value of string> swc-first-create: <value of integer> swc-vlan: <value of integer> switch: <value of string> switch-controller-access-vlan: <value in [disable, enable]> switch-controller-arp-inspection: <value in [disable, enable]> switch-controller-auth: <value in [radius, usergroup]> switch-controller-dhcp-snooping: <value in [disable, enable]> switch-controller-dhcp-snooping-option82: <value in [disable, enable]> switch-controller-dhcp-snooping-verify-mac: <value in [disable, enable]> switch-controller-feature: <value in [none, default-vlan, quarantine, ...]> switch-controller-igmp-snooping: <value in [disable, enable]> switch-controller-igmp-snooping-fast-leave: <value in [disable, enable]> switch-controller-igmp-snooping-proxy: <value in [disable, enable]> switch-controller-iot-scanning: <value in [disable, enable]> switch-controller-learning-limit: <value of integer> switch-controller-mgmt-vlan: <value of integer> switch-controller-nac: <value of string> switch-controller-radius-server: <value of string> switch-controller-rspan-mode: <value in [disable, enable]> switch-controller-source-ip: <value in [outbound, fixed]> switch-controller-traffic-policy: <value of string> tc-mode: <value in [ptm, atm]> tcp-mss: <value of integer> trunk: <value in [disable, enable]> trust-ip-1: <value of string> trust-ip-2: <value of string> trust-ip-3: <value of string> trust-ip6-1: <value of string> trust-ip6-2: <value of string> trust-ip6-3: <value of string> type: <value in [physical, vlan, aggregate, ...]> username: <value of string> vci: <value of integer> vectoring: <value in [disable, enable]> vindex: <value of integer> vlan-protocol: <value in [8021q, 8021ad]> vlanforward: <value in [disable, enable]> vlanid: <value of integer> vpi: <value of integer> vrf: <value of integer> vrrp: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> ignore-default-route: <value in [disable, enable]> preempt: <value in [disable, enable]> priority: <value of integer> start-time: <value of integer> status: <value in [disable, enable]> version: <value in [2, 3]> vrdst: <value of string> vrdst-priority: <value of integer> vrgrp: <value of integer> vrid: <value of integer> vrip: <value of string> proxy-arp: - id: <value of integer> ip: <value of string> vrrp-virtual-mac: <value in [disable, enable]> wccp: <value in [disable, enable]> weight: <value of integer> wifi-5g-threshold: <value of string> wifi-acl: <value in [deny, allow]> wifi-ap-band: <value in [any, 5g-preferred, 5g-only]> wifi-auth: <value in [PSK, RADIUS, radius, ...]> wifi-auto-connect: <value in [disable, enable]> wifi-auto-save: <value in [disable, enable]> wifi-broadcast-ssid: <value in [disable, enable]> wifi-encrypt: <value in [TKIP, AES]> wifi-fragment-threshold: <value of integer> wifi-key: <value of string> wifi-keyindex: <value of integer> wifi-mac-filter: <value in [disable, enable]> wifi-passphrase: <value of string> wifi-radius-server: <value of string> wifi-rts-threshold: <value of integer> wifi-security: <value in [None, WEP64, wep64, ...]> wifi-ssid: <value of string> wifi-usergroup: <value of string> wins-ip: <value of string> dhcp-relay-request-all-server: <value in [disable, enable]> stp-ha-secondary: <value in [disable, enable, priority-adjust]> switch-controller-dynamic: <value of string> auth-cert: <value of string> auth-portal-addr: <value of string> dhcp-classless-route-addition: <value in [disable, enable]> dhcp-relay-link-selection: <value of string> dns-server-protocol: - cleartext - dot - doh eap-ca-cert: <value of string> eap-identity: <value of string> eap-method: <value in [tls, peap]> eap-password: <value of string> eap-supplicant: <value in [disable, enable]> eap-user-cert: <value of string> ike-saml-server: <value of string> lacp-ha-secondary: <value in [disable, enable]> pvc-atm-qos: <value in [cbr, rt-vbr, nrt-vbr]> pvc-chan: <value of integer> pvc-crc: <value of integer> pvc-pcr: <value of integer> pvc-scr: <value of integer> pvc-vlan-id: <value of integer> pvc-vlan-rx-id: <value of integer> pvc-vlan-rx-op: <value in [pass-through, replace, remove]> pvc-vlan-tx-id: <value of integer> pvc-vlan-tx-op: <value in [pass-through, replace, remove]> reachable-time: <value of integer> select-profile-30a-35b: <value in [30A, 35B]> sfp-dsl: <value in [disable, enable]> sfp-dsl-adsl-fallback: <value in [disable, enable]> sfp-dsl-autodetect: <value in [disable, enable]> sfp-dsl-mac: <value of string> sw-algorithm: <value in [l2, l3, eh]> system-id: <value of string> system-id-type: <value in [auto, user]> vlan-id: <value of integer> vlan-op-mode: <value in [tag, untag, passthrough]> generic-receive-offload: <value in [disable, enable]> interconnect-profile: <value in [default, profile1, profile2]> large-receive-offload: <value in [disable, enable]> aggregate-type: <value in [physical, vxlan]> switch-controller-netflow-collect: <value in [disable, enable]> wifi-dns-server1: <value of string> wifi-dns-server2: <value of string> wifi-gateway: <value of string> default-purdue-level: <value in [1, 2, 3, ...]> dhcp-broadcast-flag: <value in [disable, enable]> dhcp-smart-relay: <value in [disable, enable]> switch-controller-offloading: <value in [disable, enable]> switch-controller-offloading-gw: <value in [disable, enable]> switch-controller-offloading-ip: <value of string>
adom: description: the parameter (adom) in requested url required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str fsp_vlan: description: the top level parameters set required: false suboptions: _dhcp-status: choices: - disable - enable description: _Dhcp-Status. type: str auth: choices: - radius - usergroup description: no description type: str color: description: Color. type: int comments: description: no description type: str dhcp-server: description: no description required: false suboptions: auto-configuration: choices: - disable - enable description: Enable/disable auto configuration. type: str auto-managed-status: choices: - disable - enable description: Enable/disable use of this DHCP server once this interface has been assigned an IP address from FortiIPAM. type: str conflicted-ip-timeout: description: Time in seconds to wait after a conflicted IP address is removed from the DHCP range before it can be reused. type: int ddns-auth: choices: - disable - tsig description: DDNS authentication mode. type: str ddns-key: description: DDNS update key type: str ddns-keyname: description: DDNS update key name. type: str ddns-server-ip: description: DDNS server IP. type: str ddns-ttl: description: TTL. type: int ddns-update: choices: - disable - enable description: Enable/disable DDNS update for DHCP. type: str ddns-update-override: choices: - disable - enable description: Enable/disable DDNS update override for DHCP. type: str ddns-zone: description: Zone of your domain name type: str default-gateway: description: Default gateway IP address assigned by the DHCP server. type: str dhcp-settings-from-fortiipam: choices: - disable - enable description: Enable/disable populating of DHCP server settings from FortiIPAM. type: str dns-server1: description: DNS server 1. type: str dns-server2: description: DNS server 2. type: str dns-server3: description: DNS server 3. type: str dns-server4: description: DNS server 4. type: str dns-service: choices: - default - specify - local description: Options for assigning DNS servers to DHCP clients. type: str domain: description: Domain name suffix for the IP addresses that the DHCP server assigns to clients. type: str enable: choices: - disable - enable description: Enable. type: str exclude-range: description: Exclude-Range. elements: dict suboptions: end-ip: description: End of IP range. type: str id: description: ID. type: int lease-time: description: Lease time in seconds, 0 means default lease time. type: int start-ip: description: Start of IP range. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list filename: description: Name of the boot file on the TFTP server. type: str forticlient-on-net-status: choices: - disable - enable description: Enable/disable FortiClient-On-Net service for this DHCP server. type: str id: description: ID. type: int ip-mode: choices: - range - usrgrp description: Method used to assign client IP. type: str ip-range: description: Ip-Range. elements: dict suboptions: end-ip: description: End of IP range. type: str id: description: ID. type: int lease-time: description: Lease time in seconds, 0 means default lease time. type: int start-ip: description: Start of IP range. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list ipsec-lease-hold: description: DHCP over IPsec leases expire this many seconds after tunnel down type: int lease-time: description: Lease time in seconds, 0 means unlimited. type: int mac-acl-default-action: choices: - assign - block description: MAC access control default action type: str netmask: description: Netmask assigned by the DHCP server. type: str next-server: description: IP address of a server type: str ntp-server1: description: NTP server 1. type: str ntp-server2: description: NTP server 2. type: str ntp-server3: description: NTP server 3. type: str ntp-service: choices: - default - specify - local description: Options for assigning Network Time Protocol type: str option1: description: Option1. type: str option2: description: Option2. type: str option3: description: Option3. type: str option4: description: Option4. type: str option5: description: Option5. type: str option6: description: Option6. type: str options: description: Options. elements: dict suboptions: code: description: DHCP option code. type: int id: description: ID. type: int ip: description: DHCP option IPs. type: str type: choices: - hex - string - ip - fqdn description: DHCP option type. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str value: description: DHCP option value. type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list relay-agent: description: Relay agent IP. type: str reserved-address: description: Reserved-Address. elements: dict suboptions: action: choices: - assign - block - reserved description: Options for the DHCP server to configure the client with the reserved MAC address. type: str circuit-id: description: Option 82 circuit-ID of the client that will get the reserved IP address. type: str circuit-id-type: choices: - hex - string description: DHCP option type. type: str description: description: Description. type: str id: description: ID. type: int ip: description: IP address to be reserved for the MAC address. type: str mac: description: MAC address of the client that will get the reserved IP address. type: str remote-id: description: Option 82 remote-ID of the client that will get the reserved IP address. type: str remote-id-type: choices: - hex - string description: DHCP option type. type: str type: choices: - mac - option82 description: DHCP reserved-address type. type: str type: list server-type: choices: - regular - ipsec description: DHCP server can be a normal DHCP server or an IPsec DHCP server. type: str shared-subnet: choices: - disable - enable description: Enable/disable shared subnet. type: str status: choices: - disable - enable description: Enable/disable this DHCP configuration. type: str tftp-server: description: One or more hostnames or IP addresses of the TFTP servers in quotes separated by spaces. type: str timezone: choices: - '00' - '01' - '02' - '03' - '04' - '05' - '06' - '07' - 08 - 09 - '10' - '11' - '12' - '13' - '14' - '15' - '16' - '17' - '18' - '19' - '20' - '21' - '22' - '23' - '24' - '25' - '26' - '27' - '28' - '29' - '30' - '31' - '32' - '33' - '34' - '35' - '36' - '37' - '38' - '39' - '40' - '41' - '42' - '43' - '44' - '45' - '46' - '47' - '48' - '49' - '50' - '51' - '52' - '53' - '54' - '55' - '56' - '57' - '58' - '59' - '60' - '61' - '62' - '63' - '64' - '65' - '66' - '67' - '68' - '69' - '70' - '71' - '72' - '73' - '74' - '75' - '76' - '77' - '78' - '79' - '80' - '81' - '82' - '83' - '84' - '85' - '86' - '87' description: Select the time zone to be assigned to DHCP clients. type: str timezone-option: choices: - disable - default - specify description: Options for the DHCP server to set the clients time zone. type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: One or more VCI strings in quotes separated by spaces. type: str wifi-ac-service: choices: - specify - local description: Options for assigning WiFi Access Controllers to DHCP clients type: str wifi-ac1: description: WiFi Access Controller 1 IP address type: str wifi-ac2: description: WiFi Access Controller 2 IP address type: str wifi-ac3: description: WiFi Access Controller 3 IP address type: str wins-server1: description: WINS server 1. type: str wins-server2: description: WINS server 2. type: str type: dict dynamic_mapping: description: Dynamic_Mapping. elements: dict suboptions: _dhcp-status: choices: - disable - enable description: _Dhcp-Status. type: str _scope: description: _Scope. elements: dict suboptions: name: description: Name. type: str vdom: description: Vdom. type: str type: list dhcp-server: description: no description required: false suboptions: auto-configuration: choices: - disable - enable description: Enable/disable auto configuration. type: str auto-managed-status: choices: - disable - enable description: Enable/disable use of this DHCP server once this interface has been assigned an IP address from FortiIPAM. type: str conflicted-ip-timeout: description: Time in seconds to wait after a conflicted IP address is removed from the DHCP range before it can be reused. type: int ddns-auth: choices: - disable - tsig description: DDNS authentication mode. type: str ddns-key: description: DDNS update key type: str ddns-keyname: description: DDNS update key name. type: str ddns-server-ip: description: DDNS server IP. type: str ddns-ttl: description: TTL. type: int ddns-update: choices: - disable - enable description: Enable/disable DDNS update for DHCP. type: str ddns-update-override: choices: - disable - enable description: Enable/disable DDNS update override for DHCP. type: str ddns-zone: description: Zone of your domain name type: str default-gateway: description: Default gateway IP address assigned by the DHCP server. type: str dhcp-settings-from-fortiipam: choices: - disable - enable description: Enable/disable populating of DHCP server settings from FortiIPAM. type: str dns-server1: description: DNS server 1. type: str dns-server2: description: DNS server 2. type: str dns-server3: description: DNS server 3. type: str dns-server4: description: DNS server 4. type: str dns-service: choices: - default - specify - local description: Options for assigning DNS servers to DHCP clients. type: str domain: description: Domain name suffix for the IP addresses that the DHCP server assigns to clients. type: str enable: choices: - disable - enable description: Enable. type: str exclude-range: description: Exclude-Range. elements: dict suboptions: end-ip: description: End of IP range. type: str id: description: ID. type: int lease-time: description: Lease time in seconds, 0 means default lease time. type: int start-ip: description: Start of IP range. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list filename: description: Name of the boot file on the TFTP server. type: str forticlient-on-net-status: choices: - disable - enable description: Enable/disable FortiClient-On-Net service for this DHCP server. type: str id: description: ID. type: int ip-mode: choices: - range - usrgrp description: Method used to assign client IP. type: str ip-range: description: Ip-Range. elements: dict suboptions: end-ip: description: End of IP range. type: str id: description: ID. type: int lease-time: description: Lease time in seconds, 0 means default lease time. type: int start-ip: description: Start of IP range. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list ipsec-lease-hold: description: DHCP over IPsec leases expire this many seconds after tunnel down type: int lease-time: description: Lease time in seconds, 0 means unlimited. type: int mac-acl-default-action: choices: - assign - block description: MAC access control default action type: str netmask: description: Netmask assigned by the DHCP server. type: str next-server: description: IP address of a server type: str ntp-server1: description: NTP server 1. type: str ntp-server2: description: NTP server 2. type: str ntp-server3: description: NTP server 3. type: str ntp-service: choices: - default - specify - local description: Options for assigning Network Time Protocol type: str option1: description: Option1. type: str option2: description: Option2. type: str option3: description: Option3. type: str option4: description: Option4. type: str option5: description: Option5. type: str option6: description: Option6. type: str options: description: Options. elements: dict suboptions: code: description: DHCP option code. type: int id: description: ID. type: int ip: description: DHCP option IPs. type: str type: choices: - hex - string - ip - fqdn description: DHCP option type. type: str uci-match: choices: - disable - enable description: Enable/disable user class identifier type: str uci-string: description: description type: str value: description: DHCP option value. type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: description type: str type: list relay-agent: description: Relay agent IP. type: str reserved-address: description: Reserved-Address. elements: dict suboptions: action: choices: - assign - block - reserved description: Options for the DHCP server to configure the client with the reserved MAC address. type: str circuit-id: description: Option 82 circuit-ID of the client that will get the reserved IP address. type: str circuit-id-type: choices: - hex - string description: DHCP option type. type: str description: description: Description. type: str id: description: ID. type: int ip: description: IP address to be reserved for the MAC address. type: str mac: description: MAC address of the client that will get the reserved IP address. type: str remote-id: description: Option 82 remote-ID of the client that will get the reserved IP address. type: str remote-id-type: choices: - hex - string description: DHCP option type. type: str type: choices: - mac - option82 description: DHCP reserved-address type. type: str type: list server-type: choices: - regular - ipsec description: DHCP server can be a normal DHCP server or an IPsec DHCP server. type: str shared-subnet: choices: - disable - enable description: Enable/disable shared subnet. type: str status: choices: - disable - enable description: Enable/disable this DHCP configuration. type: str tftp-server: description: One or more hostnames or IP addresses of the TFTP servers in quotes separated by spaces. type: str timezone: choices: - '00' - '01' - '02' - '03' - '04' - '05' - '06' - '07' - 08 - 09 - '10' - '11' - '12' - '13' - '14' - '15' - '16' - '17' - '18' - '19' - '20' - '21' - '22' - '23' - '24' - '25' - '26' - '27' - '28' - '29' - '30' - '31' - '32' - '33' - '34' - '35' - '36' - '37' - '38' - '39' - '40' - '41' - '42' - '43' - '44' - '45' - '46' - '47' - '48' - '49' - '50' - '51' - '52' - '53' - '54' - '55' - '56' - '57' - '58' - '59' - '60' - '61' - '62' - '63' - '64' - '65' - '66' - '67' - '68' - '69' - '70' - '71' - '72' - '73' - '74' - '75' - '76' - '77' - '78' - '79' - '80' - '81' - '82' - '83' - '84' - '85' - '86' - '87' description: Select the time zone to be assigned to DHCP clients. type: str timezone-option: choices: - disable - default - specify description: Options for the DHCP server to set the clients time zone. type: str vci-match: choices: - disable - enable description: Enable/disable vendor class identifier type: str vci-string: description: One or more VCI strings in quotes separated by spaces. type: str wifi-ac-service: choices: - specify - local description: Options for assigning WiFi Access Controllers to DHCP clients type: str wifi-ac1: description: WiFi Access Controller 1 IP address type: str wifi-ac2: description: WiFi Access Controller 2 IP address type: str wifi-ac3: description: WiFi Access Controller 3 IP address type: str wins-server1: description: WINS server 1. type: str wins-server2: description: WINS server 2. type: str type: dict interface: description: no description required: false suboptions: dhcp-relay-agent-option: choices: - disable - enable description: Dhcp-Relay-Agent-Option. type: str dhcp-relay-interface-select-method: choices: - auto - sdwan - specify description: no description type: str dhcp-relay-ip: description: Dhcp-Relay-Ip. type: str dhcp-relay-service: choices: - disable - enable description: Dhcp-Relay-Service. type: str dhcp-relay-type: choices: - regular - ipsec description: Dhcp-Relay-Type. type: str ip: description: Ip. type: str ipv6: description: no description required: false suboptions: autoconf: choices: - disable - enable description: Enable/disable address auto config. type: str cli-conn6-status: description: Cli-Conn6-Status. type: int dhcp6-client-options: choices: - rapid - iapd - iana - dns - dnsname description: Dhcp6-Client-Options. elements: str type: list dhcp6-information-request: choices: - disable - enable description: Enable/disable DHCPv6 information request. type: str dhcp6-prefix-delegation: choices: - disable - enable description: Enable/disable DHCPv6 prefix delegation. type: str dhcp6-prefix-hint: description: DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server. type: str dhcp6-prefix-hint-plt: description: DHCPv6 prefix hint preferred life time type: int dhcp6-prefix-hint-vlt: description: DHCPv6 prefix hint valid life time type: int dhcp6-relay-ip: description: DHCPv6 relay IP address. type: str dhcp6-relay-service: choices: - disable - enable description: Enable/disable DHCPv6 relay. type: str dhcp6-relay-source-interface: choices: - disable - enable description: Enable/disable use of address on this interface as the source address of the relay message. type: str dhcp6-relay-type: choices: - regular description: DHCPv6 relay type. type: str icmp6-send-redirect: choices: - disable - enable description: Enable/disable sending of ICMPv6 redirects. type: str interface-identifier: description: IPv6 interface identifier. type: str ip6-address: description: Primary IPv6 address prefix, syntax type: str ip6-allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric description: Allow management access to the interface. elements: str type: list ip6-default-life: description: Default life type: int ip6-delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int ip6-delegated-prefix-list: description: Ip6-Delegated-Prefix-List. elements: dict suboptions: autonomous-flag: choices: - disable - enable description: Enable/disable the autonomous flag. type: str delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int onlink-flag: choices: - disable - enable description: Enable/disable the onlink flag. type: str prefix-id: description: Prefix ID. type: int rdnss: description: Recursive DNS server option. type: str rdnss-service: choices: - delegated - default - specify description: Recursive DNS service option. type: str subnet: description: Add subnet ID to routing prefix. type: str upstream-interface: description: Name of the interface that provides delegated information. type: str type: list ip6-dns-server-override: choices: - disable - enable description: Enable/disable using the DNS server acquired by DHCP. type: str ip6-extra-addr: description: Ip6-Extra-Addr. elements: dict suboptions: prefix: description: IPv6 address prefix. type: str type: list ip6-hop-limit: description: Hop limit type: int ip6-link-mtu: description: IPv6 link MTU. type: int ip6-manage-flag: choices: - disable - enable description: Enable/disable the managed flag. type: str ip6-max-interval: description: IPv6 maximum interval type: int ip6-min-interval: description: IPv6 minimum interval type: int ip6-mode: choices: - static - dhcp - pppoe - delegated description: Addressing mode type: str ip6-other-flag: choices: - disable - enable description: Enable/disable the other IPv6 flag. type: str ip6-prefix-list: description: Ip6-Prefix-List. elements: dict suboptions: autonomous-flag: choices: - disable - enable description: Enable/disable the autonomous flag. type: str dnssl: description: DNS search list option. type: str onlink-flag: choices: - disable - enable description: Enable/disable the onlink flag. type: str preferred-life-time: description: Preferred life time type: int prefix: description: IPv6 prefix. type: str rdnss: description: Recursive DNS server option. type: str valid-life-time: description: Valid life time type: int type: list ip6-prefix-mode: choices: - dhcp6 - ra description: Assigning a prefix from DHCP or RA. type: str ip6-reachable-time: description: IPv6 reachable time type: int ip6-retrans-time: description: IPv6 retransmit time type: int ip6-send-adv: choices: - disable - enable description: Enable/disable sending advertisements about the interface. type: str ip6-subnet: description: Subnet to routing prefix, syntax type: str ip6-upstream-interface: description: Interface name providing delegated information. type: str nd-cert: description: Neighbor discovery certificate. type: str nd-cga-modifier: description: Neighbor discovery CGA modifier. type: str nd-mode: choices: - basic - SEND-compatible description: Neighbor discovery mode. type: str nd-security-level: description: Neighbor discovery security level type: int nd-timestamp-delta: description: Neighbor discovery timestamp delta value type: int nd-timestamp-fuzz: description: Neighbor discovery timestamp fuzz factor type: int ra-send-mtu: choices: - disable - enable description: Enable/disable sending link MTU in RA packet. type: str unique-autoconf-addr: choices: - disable - enable description: Enable/disable unique auto config address. type: str vrip6_link_local: description: Link-local IPv6 address of virtual router. type: str vrrp-virtual-mac6: choices: - disable - enable description: Enable/disable virtual MAC for VRRP. type: str vrrp6: description: Vrrp6. elements: dict suboptions: accept-mode: choices: - disable - enable description: Enable/disable accept mode. type: str adv-interval: description: Advertisement interval type: int preempt: choices: - disable - enable description: Enable/disable preempt mode. type: str priority: description: Priority of the virtual router type: int start-time: description: Startup time type: int status: choices: - disable - enable description: Enable/disable VRRP. type: str vrdst6: description: Monitor the route to this destination. type: str vrgrp: description: VRRP group ID type: int vrid: description: Virtual router identifier type: int vrip6: description: IPv6 address of the virtual router. type: str type: list type: dict secondary-IP: choices: - disable - enable description: Secondary-Ip. type: str secondaryip: description: Secondaryip. elements: dict suboptions: allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: Management access settings for the secondary IP address. elements: str type: list detectprotocol: choices: - ping - tcp-echo - udp-echo description: Protocols used to detect the server. elements: str type: list detectserver: description: Gateways ping server for this IP. type: str gwdetect: choices: - disable - enable description: Enable/disable detect gateway alive for first. type: str ha-priority: description: HA election priority for the PING server. type: int id: description: ID. type: int ip: description: Secondary IP address of the interface. type: str ping-serv-status: description: Ping-Serv-Status. type: int secip-relay-ip: description: DHCP relay IP address. type: str seq: description: Seq. type: int type: list vlanid: description: Vlanid. type: int vrrp: description: description elements: dict suboptions: accept-mode: choices: - disable - enable description: Enable/disable accept mode. type: str adv-interval: description: Advertisement interval type: int ignore-default-route: choices: - disable - enable description: Enable/disable ignoring of default route when checking destination. type: str preempt: choices: - disable - enable description: Enable/disable preempt mode. type: str priority: description: Priority of the virtual router type: int proxy-arp: description: description elements: dict suboptions: id: description: ID. type: int ip: description: Set IP addresses of proxy ARP. type: str type: list start-time: description: Startup time type: int status: choices: - disable - enable description: Enable/disable this VRRP configuration. type: str version: choices: - '2' - '3' description: VRRP version. type: str vrdst: description: description type: str vrdst-priority: description: Priority of the virtual router when the virtual router destination becomes unreachable type: int vrgrp: description: VRRP group ID type: int vrid: description: Virtual router identifier type: int vrip: description: IP address of the virtual router. type: str type: list type: dict type: list interface: description: no description required: false suboptions: ac-name: description: PPPoE server name. type: str aggregate: description: Aggregate. type: str aggregate-type: choices: - physical - vxlan description: Type of aggregation. type: str algorithm: choices: - L2 - L3 - L4 - LB - Source-MAC description: Frame distribution algorithm. type: str alias: description: Alias will be displayed with the interface name to make it easier to distinguish. type: str allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: Permitted types of management access to this interface. elements: str type: list ap-discover: choices: - disable - enable description: Enable/disable automatic registration of unknown FortiAP devices. type: str arpforward: choices: - disable - enable description: Enable/disable ARP forwarding. type: str atm-protocol: choices: - none - ipoa description: ATM protocol. type: str auth-cert: description: HTTPS server certificate. type: str auth-portal-addr: description: Address of captive portal. type: str auth-type: choices: - auto - pap - chap - mschapv1 - mschapv2 description: PPP authentication type to use. type: str auto-auth-extension-device: choices: - disable - enable description: Enable/disable automatic authorization of dedicated Fortinet extension device on this interface. type: str bandwidth-measure-time: description: Bandwidth measure time type: int bfd: choices: - global - enable - disable description: Bidirectional Forwarding Detection type: str bfd-desired-min-tx: description: BFD desired minimal transmit interval. type: int bfd-detect-mult: description: BFD detection multiplier. type: int bfd-required-min-rx: description: BFD required minimal receive interval. type: int broadcast-forticlient-discovery: choices: - disable - enable description: Enable/disable broadcasting FortiClient discovery messages. type: str broadcast-forward: choices: - disable - enable description: Enable/disable broadcast forwarding. type: str captive-portal: description: Enable/disable captive portal. type: int cli-conn-status: description: Cli-Conn-Status. type: int color: description: Color of icon on the GUI. type: int ddns: choices: - disable - enable description: Ddns. type: str ddns-auth: choices: - disable - tsig description: Ddns-Auth. type: str ddns-domain: description: Ddns-Domain. type: str ddns-key: description: Ddns-Key. type: str ddns-keyname: description: Ddns-Keyname. type: str ddns-password: description: Ddns-Password. type: str ddns-server: choices: - dhs.org - dyndns.org - dyns.net - tzo.com - ods.org - vavic.com - now.net.cn - dipdns.net - easydns.com - genericDDNS description: Ddns-Server. type: str ddns-server-ip: description: Ddns-Server-Ip. type: str ddns-sn: description: Ddns-Sn. type: str ddns-ttl: description: Ddns-Ttl. type: int ddns-username: description: Ddns-Username. type: str ddns-zone: description: Ddns-Zone. type: str dedicated-to: choices: - none - management description: Configure interface for single purpose. type: str default-purdue-level: choices: - '1' - '2' - '3' - '4' - '5' - '1.5' - '2.5' - '3.5' - '5.5' description: default purdue level of device detected on this interface. type: str defaultgw: choices: - disable - enable description: Enable to get the gateway IP from the DHCP or PPPoE server. type: str description: description: Description. type: str detected-peer-mtu: description: Detected-Peer-Mtu. type: int detectprotocol: choices: - ping - tcp-echo - udp-echo description: Protocols used to detect the server. elements: str type: list detectserver: description: Gateways ping server for this IP. type: str device-access-list: description: Device access list. type: str device-identification: choices: - disable - enable description: Enable/disable passively gathering of device identity information about the devices on the network connected to this in... type: str device-identification-active-scan: choices: - disable - enable description: Enable/disable active gathering of device identity information about the devices on the network connected to this inter... type: str device-netscan: choices: - disable - enable description: Enable/disable inclusion of devices detected on this interface in network vulnerability scans. type: str device-user-identification: choices: - disable - enable description: Enable/disable passive gathering of user identity information about users on this interface. type: str devindex: description: Devindex. type: int dhcp-broadcast-flag: choices: - disable - enable description: Enable/disable setting of the broadcast flag in messages sent by the DHCP client type: str dhcp-classless-route-addition: choices: - disable - enable description: Enable/disable addition of classless static routes retrieved from DHCP server. type: str dhcp-client-identifier: description: DHCP client identifier. type: str dhcp-relay-agent-option: choices: - disable - enable description: Enable/disable DHCP relay agent option. type: str dhcp-relay-interface: description: Specify outgoing interface to reach server. type: str dhcp-relay-interface-select-method: choices: - auto - sdwan - specify description: Specify how to select outgoing interface to reach server. type: str dhcp-relay-ip: description: DHCP relay IP address. type: str dhcp-relay-link-selection: description: DHCP relay link selection. type: str dhcp-relay-request-all-server: choices: - disable - enable description: Enable/disable sending of DHCP requests to all servers. type: str dhcp-relay-service: choices: - disable - enable description: Enable/disable allowing this interface to act as a DHCP relay. type: str dhcp-relay-type: choices: - regular - ipsec description: DHCP relay type type: str dhcp-renew-time: description: DHCP renew time in seconds type: int dhcp-smart-relay: choices: - disable - enable description: Enable/disable DHCP smart relay. type: str disc-retry-timeout: description: Time in seconds to wait before retrying to start a PPPoE discovery, 0 means no timeout. type: int disconnect-threshold: description: Time in milliseconds to wait before sending a notification that this interface is down or disconnected. type: int distance: description: Distance for routes learned through PPPoE or DHCP, lower distance indicates preferred route. type: int dns-query: choices: - disable - recursive - non-recursive description: Dns-Query. type: str dns-server-override: choices: - disable - enable description: Enable/disable use DNS acquired by DHCP or PPPoE. type: str dns-server-protocol: choices: - cleartext - dot - doh description: description elements: str type: list drop-fragment: choices: - disable - enable description: Enable/disable drop fragment packets. type: str drop-overlapped-fragment: choices: - disable - enable description: Enable/disable drop overlapped fragment packets. type: str eap-ca-cert: description: EAP CA certificate name. type: str eap-identity: description: EAP identity. type: str eap-method: choices: - tls - peap description: EAP method. type: str eap-password: description: description type: str eap-supplicant: choices: - disable - enable description: Enable/disable EAP-Supplicant. type: str eap-user-cert: description: EAP user certificate name. type: str egress-cos: choices: - disable - cos0 - cos1 - cos2 - cos3 - cos4 - cos5 - cos6 - cos7 description: Override outgoing CoS in user VLAN tag. type: str egress-shaping-profile: description: Outgoing traffic shaping profile. type: str eip: description: Eip. type: str endpoint-compliance: choices: - disable - enable description: Enable/disable endpoint compliance enforcement. type: str estimated-downstream-bandwidth: description: Estimated maximum downstream bandwidth type: int estimated-upstream-bandwidth: description: Estimated maximum upstream bandwidth type: int explicit-ftp-proxy: choices: - disable - enable description: Enable/disable the explicit FTP proxy on this interface. type: str explicit-web-proxy: choices: - disable - enable description: Enable/disable the explicit web proxy on this interface. type: str external: choices: - disable - enable description: Enable/disable identifying the interface as an external interface type: str fail-action-on-extender: choices: - soft-restart - hard-restart - reboot description: Action on extender when interface fail . type: str fail-alert-interfaces: description: Names of the FortiGate interfaces to which the link failure alert is sent. type: str fail-alert-method: choices: - link-failed-signal - link-down description: Select link-failed-signal or link-down method to alert about a failed link. type: str fail-detect: choices: - disable - enable description: Enable/disable fail detection features for this interface. type: str fail-detect-option: choices: - detectserver - link-down description: Options for detecting that this interface has failed. elements: str type: list fdp: choices: - disable - enable description: Fdp. type: str fortiheartbeat: choices: - disable - enable description: Enable/disable FortiHeartBeat type: str fortilink: choices: - disable - enable description: Enable FortiLink to dedicate this interface to manage other Fortinet devices. type: str fortilink-backup-link: description: Fortilink-Backup-Link. type: int fortilink-neighbor-detect: choices: - lldp - fortilink description: Protocol for FortiGate neighbor discovery. type: str fortilink-split-interface: choices: - disable - enable description: Enable/disable FortiLink split interface to connect member link to different FortiSwitch in stack for uplink redundancy. type: str fortilink-stacking: choices: - disable - enable description: Enable/disable FortiLink switch-stacking on this interface. type: str forward-domain: description: Transparent mode forward domain. type: int forward-error-correction: choices: - disable - enable - rs-fec - base-r-fec - fec-cl91 - fec-cl74 - rs-544 - none - cl91-rs-fec - cl74-fc-fec description: Enable/disable forward error correction type: str fp-anomaly: choices: - drop_tcp_fin_noack - pass_winnuke - pass_tcpland - pass_udpland - pass_icmpland - pass_ipland - pass_iprr - pass_ipssrr - pass_iplsrr - pass_ipstream - pass_ipsecurity - pass_iptimestamp - pass_ipunknown_option - pass_ipunknown_prot - pass_icmp_frag - pass_tcp_no_flag - pass_tcp_fin_noack - drop_winnuke - drop_tcpland - drop_udpland - drop_icmpland - drop_ipland - drop_iprr - drop_ipssrr - drop_iplsrr - drop_ipstream - drop_ipsecurity - drop_iptimestamp - drop_ipunknown_option - drop_ipunknown_prot - drop_icmp_frag - drop_tcp_no_flag description: Fp-Anomaly. elements: str type: list fp-disable: choices: - all - ipsec - none description: Fp-Disable. elements: str type: list gateway-address: description: Gateway address type: str generic-receive-offload: choices: - disable - enable description: no description type: str gi-gk: choices: - disable - enable description: Enable/disable Gi Gatekeeper. type: str gwaddr: description: Gateway address type: str gwdetect: choices: - disable - enable description: Enable/disable detect gateway alive for first. type: str ha-priority: description: HA election priority for the PING server. type: int icmp-accept-redirect: choices: - disable - enable description: Enable/disable ICMP accept redirect. type: str icmp-redirect: choices: - disable - enable description: Enable/disable ICMP redirect. type: str icmp-send-redirect: choices: - disable - enable description: Enable/disable sending of ICMP redirects. type: str ident-accept: choices: - disable - enable description: Enable/disable authentication for this interface. type: str idle-timeout: description: PPPoE auto disconnect after idle timeout seconds, 0 means no timeout. type: int if-mdix: choices: - auto - normal - crossover description: Interface MDIX mode type: str if-media: choices: - auto - copper - fiber description: Select interface media type type: str ike-saml-server: description: Configure IKE authentication SAML server. type: str in-force-vlan-cos: description: In-Force-Vlan-Cos. type: int inbandwidth: description: Bandwidth limit for incoming traffic type: int ingress-cos: choices: - disable - cos0 - cos1 - cos2 - cos3 - cos4 - cos5 - cos6 - cos7 description: Override incoming CoS in user VLAN tag on VLAN interface or assign a priority VLAN tag on physical interface. type: str ingress-shaping-profile: description: Incoming traffic shaping profile. type: str ingress-spillover-threshold: description: Ingress Spillover threshold type: int interconnect-profile: choices: - default - profile1 - profile2 description: Set interconnect profile. type: str internal: description: Implicitly created. type: int ip: description: Interface IPv4 address and subnet mask, syntax type: str ip-managed-by-fortiipam: choices: - disable - enable - inherit-global description: Enable/disable automatic IP address assignment of this interface by FortiIPAM. type: str ipmac: choices: - disable - enable description: Enable/disable IP/MAC binding. type: str ips-sniffer-mode: choices: - disable - enable description: Enable/disable the use of this interface as a one-armed sniffer. type: str ipunnumbered: description: Unnumbered IP used for PPPoE interfaces for which no unique local address is provided. type: str ipv6: description: no description required: false suboptions: autoconf: choices: - disable - enable description: Enable/disable address auto config. type: str cli-conn6-status: description: Cli-Conn6-Status. type: int dhcp6-client-options: choices: - rapid - iapd - iana - dns - dnsname description: Dhcp6-Client-Options. elements: str type: list dhcp6-information-request: choices: - disable - enable description: Enable/disable DHCPv6 information request. type: str dhcp6-prefix-delegation: choices: - disable - enable description: Enable/disable DHCPv6 prefix delegation. type: str dhcp6-prefix-hint: description: DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server. type: str dhcp6-prefix-hint-plt: description: DHCPv6 prefix hint preferred life time type: int dhcp6-prefix-hint-vlt: description: DHCPv6 prefix hint valid life time type: int dhcp6-relay-ip: description: DHCPv6 relay IP address. type: str dhcp6-relay-service: choices: - disable - enable description: Enable/disable DHCPv6 relay. type: str dhcp6-relay-source-interface: choices: - disable - enable description: Enable/disable use of address on this interface as the source address of the relay message. type: str dhcp6-relay-type: choices: - regular description: DHCPv6 relay type. type: str icmp6-send-redirect: choices: - disable - enable description: Enable/disable sending of ICMPv6 redirects. type: str interface-identifier: description: IPv6 interface identifier. type: str ip6-address: description: Primary IPv6 address prefix, syntax type: str ip6-allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric description: Allow management access to the interface. elements: str type: list ip6-default-life: description: Default life type: int ip6-delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int ip6-delegated-prefix-list: description: Ip6-Delegated-Prefix-List. elements: dict suboptions: autonomous-flag: choices: - disable - enable description: Enable/disable the autonomous flag. type: str delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int onlink-flag: choices: - disable - enable description: Enable/disable the onlink flag. type: str prefix-id: description: Prefix ID. type: int rdnss: description: Recursive DNS server option. type: str rdnss-service: choices: - delegated - default - specify description: Recursive DNS service option. type: str subnet: description: Add subnet ID to routing prefix. type: str upstream-interface: description: Name of the interface that provides delegated information. type: str type: list ip6-dns-server-override: choices: - disable - enable description: Enable/disable using the DNS server acquired by DHCP. type: str ip6-extra-addr: description: Ip6-Extra-Addr. elements: dict suboptions: prefix: description: IPv6 address prefix. type: str type: list ip6-hop-limit: description: Hop limit type: int ip6-link-mtu: description: IPv6 link MTU. type: int ip6-manage-flag: choices: - disable - enable description: Enable/disable the managed flag. type: str ip6-max-interval: description: IPv6 maximum interval type: int ip6-min-interval: description: IPv6 minimum interval type: int ip6-mode: choices: - static - dhcp - pppoe - delegated description: Addressing mode type: str ip6-other-flag: choices: - disable - enable description: Enable/disable the other IPv6 flag. type: str ip6-prefix-list: description: Ip6-Prefix-List. elements: dict suboptions: autonomous-flag: choices: - disable - enable description: Enable/disable the autonomous flag. type: str dnssl: description: DNS search list option. type: str onlink-flag: choices: - disable - enable description: Enable/disable the onlink flag. type: str preferred-life-time: description: Preferred life time type: int prefix: description: IPv6 prefix. type: str rdnss: description: Recursive DNS server option. type: str valid-life-time: description: Valid life time type: int type: list ip6-prefix-mode: choices: - dhcp6 - ra description: Assigning a prefix from DHCP or RA. type: str ip6-reachable-time: description: IPv6 reachable time type: int ip6-retrans-time: description: IPv6 retransmit time type: int ip6-send-adv: choices: - disable - enable description: Enable/disable sending advertisements about the interface. type: str ip6-subnet: description: Subnet to routing prefix, syntax type: str ip6-upstream-interface: description: Interface name providing delegated information. type: str nd-cert: description: Neighbor discovery certificate. type: str nd-cga-modifier: description: Neighbor discovery CGA modifier. type: str nd-mode: choices: - basic - SEND-compatible description: Neighbor discovery mode. type: str nd-security-level: description: Neighbor discovery security level type: int nd-timestamp-delta: description: Neighbor discovery timestamp delta value type: int nd-timestamp-fuzz: description: Neighbor discovery timestamp fuzz factor type: int ra-send-mtu: choices: - disable - enable description: Enable/disable sending link MTU in RA packet. type: str unique-autoconf-addr: choices: - disable - enable description: Enable/disable unique auto config address. type: str vrip6_link_local: description: Link-local IPv6 address of virtual router. type: str vrrp-virtual-mac6: choices: - disable - enable description: Enable/disable virtual MAC for VRRP. type: str vrrp6: description: Vrrp6. elements: dict suboptions: accept-mode: choices: - disable - enable description: Enable/disable accept mode. type: str adv-interval: description: Advertisement interval type: int preempt: choices: - disable - enable description: Enable/disable preempt mode. type: str priority: description: Priority of the virtual router type: int start-time: description: Startup time type: int status: choices: - disable - enable description: Enable/disable VRRP. type: str vrdst6: description: Monitor the route to this destination. type: str vrgrp: description: VRRP group ID type: int vrid: description: Virtual router identifier type: int vrip6: description: IPv6 address of the virtual router. type: str type: list type: dict l2forward: choices: - disable - enable description: Enable/disable l2 forwarding. type: str l2tp-client: choices: - disable - enable description: Enable/disable this interface as a Layer 2 Tunnelling Protocol type: str lacp-ha-secondary: choices: - disable - enable description: no description type: str lacp-ha-slave: choices: - disable - enable description: LACP HA slave. type: str lacp-mode: choices: - static - passive - active description: LACP mode. type: str lacp-speed: choices: - slow - fast description: How often the interface sends LACP messages. type: str large-receive-offload: choices: - disable - enable description: no description type: str lcp-echo-interval: description: Time in seconds between PPPoE Link Control Protocol type: int lcp-max-echo-fails: description: Maximum missed LCP echo messages before disconnect. type: int link-up-delay: description: Number of milliseconds to wait before considering a link is up. type: int listen-forticlient-connection: choices: - disable - enable description: Listen-Forticlient-Connection. type: str lldp-network-policy: description: LLDP-MED network policy profile. type: str lldp-reception: choices: - disable - enable - vdom description: Enable/disable Link Layer Discovery Protocol type: str lldp-transmission: choices: - enable - disable - vdom description: Enable/disable Link Layer Discovery Protocol type: str log: choices: - disable - enable description: Log. type: str macaddr: description: Change the interfaces MAC address. type: str managed-subnetwork-size: choices: - '256' - '512' - '1024' - '2048' - '4096' - '8192' - '16384' - '32768' - '65536' - '32' - '64' - '128' description: Number of IP addresses to be allocated by FortiIPAM and used by this FortiGate units DHCP server settings. type: str management-ip: description: High Availability in-band management IP address of this interface. type: str max-egress-burst-rate: description: Max egress burst rate type: int max-egress-rate: description: Max egress rate type: int measured-downstream-bandwidth: description: Measured downstream bandwidth type: int measured-upstream-bandwidth: description: Measured upstream bandwidth type: int mediatype: choices: - serdes-sfp - sgmii-sfp - cfp2-sr10 - cfp2-lr4 - serdes-copper-sfp - sr - cr - lr - qsfp28-sr4 - qsfp28-lr4 - qsfp28-cr4 - sr4 - cr4 - lr4 - none - gmii - sgmii - sr2 - lr2 - cr2 - sr8 - lr8 - cr8 description: Select SFP media interface type type: str member: description: Physical interfaces that belong to the aggregate or redundant interface. type: str min-links: description: Minimum number of aggregated ports that must be up. type: int min-links-down: choices: - operational - administrative description: Action to take when less than the configured minimum number of links are active. type: str mode: choices: - static - dhcp - pppoe - pppoa - ipoa - eoa description: Addressing mode type: str monitor-bandwidth: choices: - disable - enable description: Enable monitoring bandwidth on this interface. type: str mtu: description: MTU value for this interface. type: int mtu-override: choices: - disable - enable description: Enable to set a custom MTU for this interface. type: str mux-type: choices: - llc-encaps - vc-encaps description: Multiplexer type type: str name: description: Name. type: str ndiscforward: choices: - disable - enable description: Enable/disable NDISC forwarding. type: str netbios-forward: choices: - disable - enable description: Enable/disable NETBIOS forwarding. type: str netflow-sampler: choices: - disable - tx - rx - both description: Enable/disable NetFlow on this interface and set the data that NetFlow collects type: str np-qos-profile: description: NP QoS profile ID. type: int npu-fastpath: choices: - disable - enable description: Npu-Fastpath. type: str nst: choices: - disable - enable description: Nst. type: str out-force-vlan-cos: description: Out-Force-Vlan-Cos. type: int outbandwidth: description: Bandwidth limit for outgoing traffic type: int padt-retry-timeout: description: PPPoE Active Discovery Terminate type: int password: description: PPPoE accounts password. type: str peer-interface: description: Peer-Interface. type: str phy-mode: choices: - auto - adsl - vdsl - adsl-auto - vdsl2 - adsl2+ - adsl2 - g.dmt - t1.413 - g.lite description: DSL physical mode. type: str ping-serv-status: description: Ping-Serv-Status. type: int poe: choices: - disable - enable description: Enable/disable PoE status. type: str polling-interval: description: sFlow polling interval type: int pppoe-unnumbered-negotiate: choices: - disable - enable description: Enable/disable PPPoE unnumbered negotiation. type: str pptp-auth-type: choices: - auto - pap - chap - mschapv1 - mschapv2 description: PPTP authentication type. type: str pptp-client: choices: - disable - enable description: Enable/disable PPTP client. type: str pptp-password: description: PPTP password. type: str pptp-server-ip: description: PPTP server IP address. type: str pptp-timeout: description: Idle timer in minutes type: int pptp-user: description: PPTP user name. type: str preserve-session-route: choices: - disable - enable description: Enable/disable preservation of session route when dirty. type: str priority: description: Priority of learned routes. type: int priority-override: choices: - disable - enable description: Enable/disable fail back to higher priority port once recovered. type: str proxy-captive-portal: choices: - disable - enable description: Enable/disable proxy captive portal on this interface. type: str pvc-atm-qos: choices: - cbr - rt-vbr - nrt-vbr description: SFP-DSL ADSL Fallback PVC ATM QoS. type: str pvc-chan: description: SFP-DSL ADSL Fallback PVC Channel. type: int pvc-crc: description: SFP-DSL ADSL Fallback PVC CRC Option type: int pvc-pcr: description: SFP-DSL ADSL Fallback PVC Packet Cell Rate in cells type: int pvc-scr: description: SFP-DSL ADSL Fallback PVC Sustainable Cell Rate in cells type: int pvc-vlan-id: description: SFP-DSL ADSL Fallback PVC VLAN ID. type: int pvc-vlan-rx-id: description: SFP-DSL ADSL Fallback PVC VLANID RX. type: int pvc-vlan-rx-op: choices: - pass-through - replace - remove description: SFP-DSL ADSL Fallback PVC VLAN RX op. type: str pvc-vlan-tx-id: description: SFP-DSL ADSL Fallback PVC VLAN ID TX. type: int pvc-vlan-tx-op: choices: - pass-through - replace - remove description: SFP-DSL ADSL Fallback PVC VLAN TX op. type: str reachable-time: description: IPv4 reachable time in milliseconds type: int redundant-interface: description: Redundant-Interface. type: str remote-ip: description: Remote IP address of tunnel. type: str replacemsg-override-group: description: Replacement message override group. type: str retransmission: choices: - disable - enable description: Enable/disable DSL retransmission. type: str ring-rx: description: RX ring size. type: int ring-tx: description: TX ring size. type: int role: choices: - lan - wan - dmz - undefined description: Interface role. type: str sample-direction: choices: - rx - tx - both description: Data that NetFlow collects type: str sample-rate: description: sFlow sample rate type: int scan-botnet-connections: choices: - disable - block - monitor description: Enable monitoring or blocking connections to Botnet servers through this interface. type: str secondary-IP: choices: - disable - enable description: Enable/disable adding a secondary IP to this interface. type: str secondaryip: description: Secondaryip. elements: dict suboptions: allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: Management access settings for the secondary IP address. elements: str type: list detectprotocol: choices: - ping - tcp-echo - udp-echo description: Protocols used to detect the server. elements: str type: list detectserver: description: Gateways ping server for this IP. type: str gwdetect: choices: - disable - enable description: Enable/disable detect gateway alive for first. type: str ha-priority: description: HA election priority for the PING server. type: int id: description: ID. type: int ip: description: Secondary IP address of the interface. type: str ping-serv-status: description: Ping-Serv-Status. type: int secip-relay-ip: description: DHCP relay IP address. type: str seq: description: Seq. type: int type: list security-8021x-dynamic-vlan-id: description: VLAN ID for virtual switch. type: int security-8021x-master: description: '802.' type: str security-8021x-mode: choices: - default - dynamic-vlan - fallback - slave description: '802.' type: str security-exempt-list: description: Name of security-exempt-list. type: str security-external-logout: description: URL of external authentication logout server. type: str security-external-web: description: URL of external authentication web server. type: str security-groups: description: User groups that can authenticate with the captive portal. type: str security-mac-auth-bypass: choices: - disable - enable - mac-auth-only description: Enable/disable MAC authentication bypass. type: str security-mode: choices: - none - captive-portal - 802.1X description: Turn on captive portal authentication for this interface. type: str security-redirect-url: description: URL redirection after disclaimer/authentication. type: str select-profile-30a-35b: choices: - 30A - 35B description: Select VDSL Profile 30a or 35b. type: str service-name: description: PPPoE service name. type: str sflow-sampler: choices: - disable - enable description: Enable/disable sFlow on this interface. type: str sfp-dsl: choices: - disable - enable description: Enable/disable SFP DSL. type: str sfp-dsl-adsl-fallback: choices: - disable - enable description: Enable/disable SFP DSL ADSL fallback. type: str sfp-dsl-autodetect: choices: - disable - enable description: Enable/disable SFP DSL MAC address autodetect. type: str sfp-dsl-mac: description: SFP DSL MAC address. type: str speed: choices: - auto - 10full - 10half - 100full - 100half - 1000full - 1000half - 10000full - 1000auto - 10000auto - 40000full - 100Gfull - 25000full - 40000auto - 25000auto - 100Gauto - 400Gfull - 400Gauto - 50000full - 2500auto - 5000auto - 50000auto - 200Gfull - 200Gauto - 100auto description: Interface speed. type: str spillover-threshold: description: Egress Spillover threshold type: int src-check: choices: - disable - enable description: Enable/disable source IP check. type: str status: choices: - down - up description: Bring the interface up or shut the interface down. type: str stp: choices: - disable - enable description: Enable/disable STP. type: str stp-ha-secondary: choices: - disable - enable - priority-adjust description: Control STP behaviour on HA secondary. type: str stp-ha-slave: choices: - disable - enable - priority-adjust description: Control STP behaviour on HA slave. type: str stpforward: choices: - disable - enable description: Enable/disable STP forwarding. type: str stpforward-mode: choices: - rpl-all-ext-id - rpl-bridge-ext-id - rpl-nothing description: Configure STP forwarding mode. type: str strip-priority-vlan-tag: choices: - disable - enable description: Strip-Priority-Vlan-Tag. type: str subst: choices: - disable - enable description: Enable to always send packets from this interface to a destination MAC address. type: str substitute-dst-mac: description: Destination MAC address that all packets are sent to from this interface. type: str sw-algorithm: choices: - l2 - l3 - eh description: Frame distribution algorithm for switch. type: str swc-first-create: description: Initial create for switch-controller VLANs. type: int swc-vlan: description: Swc-Vlan. type: int switch: description: Switch. type: str switch-controller-access-vlan: choices: - disable - enable description: Block FortiSwitch port-to-port traffic. type: str switch-controller-arp-inspection: choices: - disable - enable description: Enable/disable FortiSwitch ARP inspection. type: str switch-controller-auth: choices: - radius - usergroup description: Switch controller authentication. type: str switch-controller-dhcp-snooping: choices: - disable - enable description: Switch controller DHCP snooping. type: str switch-controller-dhcp-snooping-option82: choices: - disable - enable description: Switch controller DHCP snooping option82. type: str switch-controller-dhcp-snooping-verify-mac: choices: - disable - enable description: Switch controller DHCP snooping verify MAC. type: str switch-controller-dynamic: description: Integrated FortiLink settings for managed FortiSwitch. type: str switch-controller-feature: choices: - none - default-vlan - quarantine - sniffer - voice - camera - rspan - video - nac - nac-segment description: Interfaces purpose when assigning traffic type: str switch-controller-igmp-snooping: choices: - disable - enable description: Switch controller IGMP snooping. type: str switch-controller-igmp-snooping-fast-leave: choices: - disable - enable description: Switch controller IGMP snooping fast-leave. type: str switch-controller-igmp-snooping-proxy: choices: - disable - enable description: Switch controller IGMP snooping proxy. type: str switch-controller-iot-scanning: choices: - disable - enable description: Enable/disable managed FortiSwitch IoT scanning. type: str switch-controller-learning-limit: description: Limit the number of dynamic MAC addresses on this VLAN type: int switch-controller-mgmt-vlan: description: VLAN to use for FortiLink management purposes. type: int switch-controller-nac: description: Integrated NAC settings for managed FortiSwitch. type: str switch-controller-netflow-collect: choices: - disable - enable description: NetFlow collection and processing. type: str switch-controller-offloading: choices: - disable - enable description: no description type: str switch-controller-offloading-gw: choices: - disable - enable description: no description type: str switch-controller-offloading-ip: description: no description type: str switch-controller-radius-server: description: RADIUS server name for this FortiSwitch VLAN. type: str switch-controller-rspan-mode: choices: - disable - enable description: Stop Layer2 MAC learning and interception of BPDUs and other packets on this interface. type: str switch-controller-source-ip: choices: - outbound - fixed description: Source IP address used in FortiLink over L3 connections. type: str switch-controller-traffic-policy: description: Switch controller traffic policy for the VLAN. type: str system-id: description: Define a system ID for the aggregate interface. type: str system-id-type: choices: - auto - user description: Method in which system ID is generated. type: str tc-mode: choices: - ptm - atm description: DSL transfer mode. type: str tcp-mss: description: TCP maximum segment size. type: int trunk: choices: - disable - enable description: Enable/disable VLAN trunk. type: str trust-ip-1: description: Trusted host for dedicated management traffic type: str trust-ip-2: description: Trusted host for dedicated management traffic type: str trust-ip-3: description: Trusted host for dedicated management traffic type: str trust-ip6-1: description: Trusted IPv6 host for dedicated management traffic type: str trust-ip6-2: description: Trusted IPv6 host for dedicated management traffic type: str trust-ip6-3: description: Trusted IPv6 host for dedicated management traffic type: str type: choices: - physical - vlan - aggregate - redundant - tunnel - wireless - vdom-link - loopback - switch - hard-switch - hdlc - vap-switch - wl-mesh - fortilink - switch-vlan - fctrl-trunk - tdm - fext-wan - vxlan - emac-vlan - geneve - ssl - lan-extension description: Interface type. type: str username: description: Username of the PPPoE account, provided by your ISP. type: str vci: description: Virtual Channel ID type: int vectoring: choices: - disable - enable description: Enable/disable DSL vectoring. type: str vindex: description: Vindex. type: int vlan-id: description: Vlan ID type: int vlan-op-mode: choices: - tag - untag - passthrough description: Configure DSL 802. type: str vlan-protocol: choices: - 8021q - 8021ad description: Ethernet protocol of VLAN. type: str vlanforward: choices: - disable - enable description: Enable/disable traffic forwarding between VLANs on this interface. type: str vlanid: description: VLAN ID type: int vpi: description: Virtual Path ID type: int vrf: description: Virtual Routing Forwarding ID. type: int vrrp: description: Vrrp. elements: dict suboptions: accept-mode: choices: - disable - enable description: Enable/disable accept mode. type: str adv-interval: description: Advertisement interval type: int ignore-default-route: choices: - disable - enable description: Enable/disable ignoring of default route when checking destination. type: str preempt: choices: - disable - enable description: Enable/disable preempt mode. type: str priority: description: Priority of the virtual router type: int proxy-arp: description: description elements: dict suboptions: id: description: ID. type: int ip: description: Set IP addresses of proxy ARP. type: str type: list start-time: description: Startup time type: int status: choices: - disable - enable description: Enable/disable this VRRP configuration. type: str version: choices: - '2' - '3' description: VRRP version. type: str vrdst: description: Monitor the route to this destination. type: str vrdst-priority: description: Priority of the virtual router when the virtual router destination becomes unreachable type: int vrgrp: description: VRRP group ID type: int vrid: description: Virtual router identifier type: int vrip: description: IP address of the virtual router. type: str type: list vrrp-virtual-mac: choices: - disable - enable description: Enable/disable use of virtual MAC for VRRP. type: str wccp: choices: - disable - enable description: Enable/disable WCCP on this interface. type: str weight: description: Default weight for static routes type: int wifi-5g-threshold: description: Minimal signal strength to be considered as a good 5G AP. type: str wifi-acl: choices: - deny - allow description: Access control for MAC addresses in the MAC list. type: str wifi-ap-band: choices: - any - 5g-preferred - 5g-only description: How to select the AP to connect. type: str wifi-auth: choices: - PSK - RADIUS - radius - usergroup description: WiFi authentication. type: str wifi-auto-connect: choices: - disable - enable description: Enable/disable WiFi network auto connect. type: str wifi-auto-save: choices: - disable - enable description: Enable/disable WiFi network automatic save. type: str wifi-broadcast-ssid: choices: - disable - enable description: Enable/disable SSID broadcast in the beacon. type: str wifi-dns-server1: description: DNS server 1. type: str wifi-dns-server2: description: DNS server 2. type: str wifi-encrypt: choices: - TKIP - AES description: Data encryption. type: str wifi-fragment-threshold: description: WiFi fragment threshold type: int wifi-gateway: description: IPv4 default gateway IP address. type: str wifi-key: description: WiFi WEP Key. type: str wifi-keyindex: description: WEP key index type: int wifi-mac-filter: choices: - disable - enable description: Enable/disable MAC filter status. type: str wifi-passphrase: description: WiFi pre-shared key for WPA. type: str wifi-radius-server: description: WiFi RADIUS server for WPA. type: str wifi-rts-threshold: description: WiFi RTS threshold type: int wifi-security: choices: - None - WEP64 - wep64 - WEP128 - wep128 - WPA_PSK - WPA_RADIUS - WPA - WPA2 - WPA2_AUTO - open - wpa-personal - wpa-enterprise - wpa-only-personal - wpa-only-enterprise - wpa2-only-personal - wpa2-only-enterprise description: Wireless access security of SSID. type: str wifi-ssid: description: IEEE 802. type: str wifi-usergroup: description: WiFi user group for WPA. type: str wins-ip: description: WINS server IP. type: str type: dict name: description: Name. type: str portal-message-override-group: description: no description type: str radius-server: description: no description type: str security: choices: - open - captive-portal - 8021x description: no description type: str selected-usergroups: description: no description type: str usergroup: description: no description type: str vdom: description: Vdom. type: str vlanid: description: Vlanid. type: int type: dict rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list