drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_fsp_vlan_interface Configure interfaces. | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_fsp_vlan_interface (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure interfaces. fmgr_fsp_vlan_interface: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> vlan: <your own value> fsp_vlan_interface: ac-name: <value of string> aggregate: <value of string> algorithm: <value in [L2, L3, L4, ...]> alias: <value of string> allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test ap-discover: <value in [disable, enable]> arpforward: <value in [disable, enable]> atm-protocol: <value in [none, ipoa]> auth-type: <value in [auto, pap, chap, ...]> auto-auth-extension-device: <value in [disable, enable]> bfd: <value in [global, enable, disable]> bfd-desired-min-tx: <value of integer> bfd-detect-mult: <value of integer> bfd-required-min-rx: <value of integer> broadcast-forticlient-discovery: <value in [disable, enable]> broadcast-forward: <value in [disable, enable]> captive-portal: <value of integer> cli-conn-status: <value of integer> color: <value of integer> ddns: <value in [disable, enable]> ddns-auth: <value in [disable, tsig]> ddns-domain: <value of string> ddns-key: <value of string> ddns-keyname: <value of string> ddns-password: <value of string> ddns-server: <value in [dhs.org, dyndns.org, dyns.net, ...]> ddns-server-ip: <value of string> ddns-sn: <value of string> ddns-ttl: <value of integer> ddns-username: <value of string> ddns-zone: <value of string> dedicated-to: <value in [none, management]> defaultgw: <value in [disable, enable]> description: <value of string> detected-peer-mtu: <value of integer> detectprotocol: - ping - tcp-echo - udp-echo detectserver: <value of string> device-access-list: <value of string> device-identification: <value in [disable, enable]> device-identification-active-scan: <value in [disable, enable]> device-netscan: <value in [disable, enable]> device-user-identification: <value in [disable, enable]> devindex: <value of integer> dhcp-client-identifier: <value of string> dhcp-relay-agent-option: <value in [disable, enable]> dhcp-relay-ip: <value of string> dhcp-relay-service: <value in [disable, enable]> dhcp-relay-type: <value in [regular, ipsec]> dhcp-renew-time: <value of integer> disc-retry-timeout: <value of integer> disconnect-threshold: <value of integer> distance: <value of integer> dns-query: <value in [disable, recursive, non-recursive]> dns-server-override: <value in [disable, enable]> drop-fragment: <value in [disable, enable]> drop-overlapped-fragment: <value in [disable, enable]> egress-cos: <value in [disable, cos0, cos1, ...]> egress-shaping-profile: <value of string> endpoint-compliance: <value in [disable, enable]> estimated-downstream-bandwidth: <value of integer> estimated-upstream-bandwidth: <value of integer> explicit-ftp-proxy: <value in [disable, enable]> explicit-web-proxy: <value in [disable, enable]> external: <value in [disable, enable]> fail-action-on-extender: <value in [soft-restart, hard-restart, reboot]> fail-alert-interfaces: <value of string> fail-alert-method: <value in [link-failed-signal, link-down]> fail-detect: <value in [disable, enable]> fail-detect-option: - detectserver - link-down fdp: <value in [disable, enable]> fortiheartbeat: <value in [disable, enable]> fortilink: <value in [disable, enable]> fortilink-backup-link: <value of integer> fortilink-split-interface: <value in [disable, enable]> fortilink-stacking: <value in [disable, enable]> forward-domain: <value of integer> forward-error-correction: <value in [disable, enable, rs-fec, ...]> fp-anomaly: - drop_tcp_fin_noack - pass_winnuke - pass_tcpland - pass_udpland - pass_icmpland - pass_ipland - pass_iprr - pass_ipssrr - pass_iplsrr - pass_ipstream - pass_ipsecurity - pass_iptimestamp - pass_ipunknown_option - pass_ipunknown_prot - pass_icmp_frag - pass_tcp_no_flag - pass_tcp_fin_noack - drop_winnuke - drop_tcpland - drop_udpland - drop_icmpland - drop_ipland - drop_iprr - drop_ipssrr - drop_iplsrr - drop_ipstream - drop_ipsecurity - drop_iptimestamp - drop_ipunknown_option - drop_ipunknown_prot - drop_icmp_frag - drop_tcp_no_flag fp-disable: - all - ipsec - none gateway-address: <value of string> gi-gk: <value in [disable, enable]> gwaddr: <value of string> gwdetect: <value in [disable, enable]> ha-priority: <value of integer> icmp-accept-redirect: <value in [disable, enable]> icmp-redirect: <value in [disable, enable]> icmp-send-redirect: <value in [disable, enable]> ident-accept: <value in [disable, enable]> idle-timeout: <value of integer> if-mdix: <value in [auto, normal, crossover]> if-media: <value in [auto, copper, fiber]> in-force-vlan-cos: <value of integer> inbandwidth: <value of integer> ingress-cos: <value in [disable, cos0, cos1, ...]> ingress-spillover-threshold: <value of integer> internal: <value of integer> ip: <value of string> ipmac: <value in [disable, enable]> ips-sniffer-mode: <value in [disable, enable]> ipunnumbered: <value of string> ipv6: autoconf: <value in [disable, enable]> dhcp6-client-options: - rapid - iapd - iana - dns - dnsname dhcp6-information-request: <value in [disable, enable]> dhcp6-prefix-delegation: <value in [disable, enable]> dhcp6-prefix-hint: <value of string> dhcp6-prefix-hint-plt: <value of integer> dhcp6-prefix-hint-vlt: <value of integer> dhcp6-relay-ip: <value of string> dhcp6-relay-service: <value in [disable, enable]> dhcp6-relay-type: <value in [regular]> ip6-address: <value of string> ip6-allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric ip6-default-life: <value of integer> ip6-dns-server-override: <value in [disable, enable]> ip6-hop-limit: <value of integer> ip6-link-mtu: <value of integer> ip6-manage-flag: <value in [disable, enable]> ip6-max-interval: <value of integer> ip6-min-interval: <value of integer> ip6-mode: <value in [static, dhcp, pppoe, ...]> ip6-other-flag: <value in [disable, enable]> ip6-reachable-time: <value of integer> ip6-retrans-time: <value of integer> ip6-send-adv: <value in [disable, enable]> ip6-subnet: <value of string> ip6-upstream-interface: <value of string> nd-cert: <value of string> nd-cga-modifier: <value of string> nd-mode: <value in [basic, SEND-compatible]> nd-security-level: <value of integer> nd-timestamp-delta: <value of integer> nd-timestamp-fuzz: <value of integer> vrip6_link_local: <value of string> vrrp-virtual-mac6: <value in [disable, enable]> ip6-delegated-prefix-list: - autonomous-flag: <value in [disable, enable]> onlink-flag: <value in [disable, enable]> prefix-id: <value of integer> rdnss: <value of string> rdnss-service: <value in [delegated, default, specify]> subnet: <value of string> upstream-interface: <value of string> delegated-prefix-iaid: <value of integer> ip6-extra-addr: - prefix: <value of string> ip6-prefix-list: - autonomous-flag: <value in [disable, enable]> dnssl: <value of string> onlink-flag: <value in [disable, enable]> preferred-life-time: <value of integer> prefix: <value of string> rdnss: <value of string> valid-life-time: <value of integer> vrrp6: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> preempt: <value in [disable, enable]> priority: <value of integer> start-time: <value of integer> status: <value in [disable, enable]> vrdst6: <value of string> vrgrp: <value of integer> vrid: <value of integer> vrip6: <value of string> interface-identifier: <value of string> unique-autoconf-addr: <value in [disable, enable]> icmp6-send-redirect: <value in [disable, enable]> cli-conn6-status: <value of integer> ip6-prefix-mode: <value in [dhcp6, ra]> ra-send-mtu: <value in [disable, enable]> ip6-delegated-prefix-iaid: <value of integer> dhcp6-relay-source-interface: <value in [disable, enable]> l2forward: <value in [disable, enable]> l2tp-client: <value in [disable, enable]> lacp-ha-slave: <value in [disable, enable]> lacp-mode: <value in [static, passive, active]> lacp-speed: <value in [slow, fast]> lcp-echo-interval: <value of integer> lcp-max-echo-fails: <value of integer> link-up-delay: <value of integer> listen-forticlient-connection: <value in [disable, enable]> lldp-network-policy: <value of string> lldp-reception: <value in [disable, enable, vdom]> lldp-transmission: <value in [enable, disable, vdom]> log: <value in [disable, enable]> macaddr: <value of string> management-ip: <value of string> max-egress-burst-rate: <value of integer> max-egress-rate: <value of integer> mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]> member: <value of string> min-links: <value of integer> min-links-down: <value in [operational, administrative]> mode: <value in [static, dhcp, pppoe, ...]> mtu: <value of integer> mtu-override: <value in [disable, enable]> mux-type: <value in [llc-encaps, vc-encaps]> name: <value of string> ndiscforward: <value in [disable, enable]> netbios-forward: <value in [disable, enable]> netflow-sampler: <value in [disable, tx, rx, ...]> npu-fastpath: <value in [disable, enable]> nst: <value in [disable, enable]> out-force-vlan-cos: <value of integer> outbandwidth: <value of integer> padt-retry-timeout: <value of integer> password: <value of string> peer-interface: <value of string> phy-mode: <value in [auto, adsl, vdsl, ...]> ping-serv-status: <value of integer> poe: <value in [disable, enable]> polling-interval: <value of integer> pppoe-unnumbered-negotiate: <value in [disable, enable]> pptp-auth-type: <value in [auto, pap, chap, ...]> pptp-client: <value in [disable, enable]> pptp-password: <value of string> pptp-server-ip: <value of string> pptp-timeout: <value of integer> pptp-user: <value of string> preserve-session-route: <value in [disable, enable]> priority: <value of integer> priority-override: <value in [disable, enable]> proxy-captive-portal: <value in [disable, enable]> redundant-interface: <value of string> remote-ip: <value of string> replacemsg-override-group: <value of string> retransmission: <value in [disable, enable]> role: <value in [lan, wan, dmz, ...]> sample-direction: <value in [rx, tx, both]> sample-rate: <value of integer> scan-botnet-connections: <value in [disable, block, monitor]> secondary-IP: <value in [disable, enable]> secondaryip: - allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test detectprotocol: - ping - tcp-echo - udp-echo detectserver: <value of string> gwdetect: <value in [disable, enable]> ha-priority: <value of integer> id: <value of integer> ip: <value of string> ping-serv-status: <value of integer> seq: <value of integer> secip-relay-ip: <value of string> security-8021x-dynamic-vlan-id: <value of integer> security-8021x-master: <value of string> security-8021x-mode: <value in [default, dynamic-vlan, fallback, ...]> security-exempt-list: <value of string> security-external-logout: <value of string> security-external-web: <value of string> security-groups: <value of string> security-mac-auth-bypass: <value in [disable, enable, mac-auth-only]> security-mode: <value in [none, captive-portal, 802.1X]> security-redirect-url: <value of string> service-name: <value of string> sflow-sampler: <value in [disable, enable]> speed: <value in [auto, 10full, 10half, ...]> spillover-threshold: <value of integer> src-check: <value in [disable, enable]> status: <value in [down, up]> stp: <value in [disable, enable]> stp-ha-slave: <value in [disable, enable, priority-adjust]> stpforward: <value in [disable, enable]> stpforward-mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]> strip-priority-vlan-tag: <value in [disable, enable]> subst: <value in [disable, enable]> substitute-dst-mac: <value of string> switch: <value of string> switch-controller-access-vlan: <value in [disable, enable]> switch-controller-arp-inspection: <value in [disable, enable]> switch-controller-auth: <value in [radius, usergroup]> switch-controller-dhcp-snooping: <value in [disable, enable]> switch-controller-dhcp-snooping-option82: <value in [disable, enable]> switch-controller-dhcp-snooping-verify-mac: <value in [disable, enable]> switch-controller-igmp-snooping: <value in [disable, enable]> switch-controller-learning-limit: <value of integer> switch-controller-radius-server: <value of string> switch-controller-traffic-policy: <value of string> tc-mode: <value in [ptm, atm]> tcp-mss: <value of integer> trunk: <value in [disable, enable]> trust-ip-1: <value of string> trust-ip-2: <value of string> trust-ip-3: <value of string> trust-ip6-1: <value of string> trust-ip6-2: <value of string> trust-ip6-3: <value of string> type: <value in [physical, vlan, aggregate, ...]> username: <value of string> vci: <value of integer> vectoring: <value in [disable, enable]> vindex: <value of integer> vlanforward: <value in [disable, enable]> vlanid: <value of integer> vpi: <value of integer> vrf: <value of integer> vrrp: - accept-mode: <value in [disable, enable]> adv-interval: <value of integer> ignore-default-route: <value in [disable, enable]> preempt: <value in [disable, enable]> priority: <value of integer> start-time: <value of integer> status: <value in [disable, enable]> version: <value in [2, 3]> vrdst: <value of string> vrdst-priority: <value of integer> vrgrp: <value of integer> vrid: <value of integer> vrip: <value of string> proxy-arp: - id: <value of integer> ip: <value of string> vrrp-virtual-mac: <value in [disable, enable]> wccp: <value in [disable, enable]> weight: <value of integer> wifi-5g-threshold: <value of string> wifi-acl: <value in [deny, allow]> wifi-ap-band: <value in [any, 5g-preferred, 5g-only]> wifi-auth: <value in [PSK, RADIUS, radius, ...]> wifi-auto-connect: <value in [disable, enable]> wifi-auto-save: <value in [disable, enable]> wifi-broadcast-ssid: <value in [disable, enable]> wifi-encrypt: <value in [TKIP, AES]> wifi-fragment-threshold: <value of integer> wifi-key: <value of string> wifi-keyindex: <value of integer> wifi-mac-filter: <value in [disable, enable]> wifi-passphrase: <value of string> wifi-radius-server: <value of string> wifi-rts-threshold: <value of integer> wifi-security: <value in [None, WEP64, wep64, ...]> wifi-ssid: <value of string> wifi-usergroup: <value of string> wins-ip: <value of string> eip: <value of string> fortilink-neighbor-detect: <value in [lldp, fortilink]> ingress-shaping-profile: <value of string> ring-rx: <value of integer> ring-tx: <value of integer> switch-controller-igmp-snooping-fast-leave: <value in [disable, enable]> switch-controller-igmp-snooping-proxy: <value in [disable, enable]> switch-controller-rspan-mode: <value in [disable, enable]> bandwidth-measure-time: <value of integer> ip-managed-by-fortiipam: <value in [disable, enable, inherit-global]> managed-subnetwork-size: <value in [256, 512, 1024, ...]> measured-downstream-bandwidth: <value of integer> measured-upstream-bandwidth: <value of integer> monitor-bandwidth: <value in [disable, enable]> swc-vlan: <value of integer> switch-controller-feature: <value in [none, default-vlan, quarantine, ...]> switch-controller-mgmt-vlan: <value of integer> switch-controller-nac: <value of string> vlan-protocol: <value in [8021q, 8021ad]> dhcp-relay-interface: <value of string> dhcp-relay-interface-select-method: <value in [auto, sdwan, specify]> np-qos-profile: <value of integer> swc-first-create: <value of integer> switch-controller-iot-scanning: <value in [disable, enable]> switch-controller-source-ip: <value in [outbound, fixed]> dhcp-relay-request-all-server: <value in [disable, enable]> stp-ha-secondary: <value in [disable, enable, priority-adjust]> switch-controller-dynamic: <value of string> auth-cert: <value of string> auth-portal-addr: <value of string> dhcp-classless-route-addition: <value in [disable, enable]> dhcp-relay-link-selection: <value of string> dns-server-protocol: - cleartext - dot - doh eap-ca-cert: <value of string> eap-identity: <value of string> eap-method: <value in [tls, peap]> eap-password: <value of string> eap-supplicant: <value in [disable, enable]> eap-user-cert: <value of string> ike-saml-server: <value of string> lacp-ha-secondary: <value in [disable, enable]> pvc-atm-qos: <value in [cbr, rt-vbr, nrt-vbr]> pvc-chan: <value of integer> pvc-crc: <value of integer> pvc-pcr: <value of integer> pvc-scr: <value of integer> pvc-vlan-id: <value of integer> pvc-vlan-rx-id: <value of integer> pvc-vlan-rx-op: <value in [pass-through, replace, remove]> pvc-vlan-tx-id: <value of integer> pvc-vlan-tx-op: <value in [pass-through, replace, remove]> reachable-time: <value of integer> select-profile-30a-35b: <value in [30A, 35B]> sfp-dsl: <value in [disable, enable]> sfp-dsl-adsl-fallback: <value in [disable, enable]> sfp-dsl-autodetect: <value in [disable, enable]> sfp-dsl-mac: <value of string> sw-algorithm: <value in [l2, l3, eh]> system-id: <value of string> system-id-type: <value in [auto, user]> vlan-id: <value of integer> vlan-op-mode: <value in [tag, untag, passthrough]> generic-receive-offload: <value in [disable, enable]> interconnect-profile: <value in [default, profile1, profile2]> large-receive-offload: <value in [disable, enable]> aggregate-type: <value in [physical, vxlan]> switch-controller-netflow-collect: <value in [disable, enable]> wifi-dns-server1: <value of string> wifi-dns-server2: <value of string> wifi-gateway: <value of string> default-purdue-level: <value in [1, 2, 3, ...]> dhcp-broadcast-flag: <value in [disable, enable]> dhcp-smart-relay: <value in [disable, enable]> switch-controller-offloading: <value in [disable, enable]> switch-controller-offloading-gw: <value in [disable, enable]> switch-controller-offloading-ip: <value of string>
adom: description: the parameter (adom) in requested url required: true type: str vlan: description: the parameter (vlan) in requested url required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool fsp_vlan_interface: description: the top level parameters set required: false suboptions: ac-name: description: no description type: str aggregate: description: no description type: str aggregate-type: choices: - physical - vxlan description: Type of aggregation. type: str algorithm: choices: - L2 - L3 - L4 - LB - Source-MAC description: no description type: str alias: description: no description type: str allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: description elements: str type: list ap-discover: choices: - disable - enable description: no description type: str arpforward: choices: - disable - enable description: no description type: str atm-protocol: choices: - none - ipoa description: no description type: str auth-cert: description: HTTPS server certificate. type: str auth-portal-addr: description: Address of captive portal. type: str auth-type: choices: - auto - pap - chap - mschapv1 - mschapv2 description: no description type: str auto-auth-extension-device: choices: - disable - enable description: no description type: str bandwidth-measure-time: description: no description type: int bfd: choices: - global - enable - disable description: no description type: str bfd-desired-min-tx: description: no description type: int bfd-detect-mult: description: no description type: int bfd-required-min-rx: description: no description type: int broadcast-forticlient-discovery: choices: - disable - enable description: no description type: str broadcast-forward: choices: - disable - enable description: no description type: str captive-portal: description: no description type: int cli-conn-status: description: no description type: int color: description: no description type: int ddns: choices: - disable - enable description: no description type: str ddns-auth: choices: - disable - tsig description: no description type: str ddns-domain: description: no description type: str ddns-key: description: no description type: str ddns-keyname: description: no description type: str ddns-password: description: description type: str ddns-server: choices: - dhs.org - dyndns.org - dyns.net - tzo.com - ods.org - vavic.com - now.net.cn - dipdns.net - easydns.com - genericDDNS description: no description type: str ddns-server-ip: description: no description type: str ddns-sn: description: no description type: str ddns-ttl: description: no description type: int ddns-username: description: no description type: str ddns-zone: description: no description type: str dedicated-to: choices: - none - management description: no description type: str default-purdue-level: choices: - '1' - '2' - '3' - '4' - '5' - '1.5' - '2.5' - '3.5' - '5.5' description: default purdue level of device detected on this interface. type: str defaultgw: choices: - disable - enable description: no description type: str description: description: no description type: str detected-peer-mtu: description: no description type: int detectprotocol: choices: - ping - tcp-echo - udp-echo description: description elements: str type: list detectserver: description: no description type: str device-access-list: description: no description type: str device-identification: choices: - disable - enable description: no description type: str device-identification-active-scan: choices: - disable - enable description: no description type: str device-netscan: choices: - disable - enable description: no description type: str device-user-identification: choices: - disable - enable description: no description type: str devindex: description: no description type: int dhcp-broadcast-flag: choices: - disable - enable description: Enable/disable setting of the broadcast flag in messages sent by the DHCP client type: str dhcp-classless-route-addition: choices: - disable - enable description: Enable/disable addition of classless static routes retrieved from DHCP server. type: str dhcp-client-identifier: description: no description type: str dhcp-relay-agent-option: choices: - disable - enable description: no description type: str dhcp-relay-interface: description: no description type: str dhcp-relay-interface-select-method: choices: - auto - sdwan - specify description: no description type: str dhcp-relay-ip: description: description type: str dhcp-relay-link-selection: description: DHCP relay link selection. type: str dhcp-relay-request-all-server: choices: - disable - enable description: Enable/disable sending of DHCP requests to all servers. type: str dhcp-relay-service: choices: - disable - enable description: no description type: str dhcp-relay-type: choices: - regular - ipsec description: no description type: str dhcp-renew-time: description: no description type: int dhcp-smart-relay: choices: - disable - enable description: Enable/disable DHCP smart relay. type: str disc-retry-timeout: description: no description type: int disconnect-threshold: description: no description type: int distance: description: no description type: int dns-query: choices: - disable - recursive - non-recursive description: no description type: str dns-server-override: choices: - disable - enable description: no description type: str dns-server-protocol: choices: - cleartext - dot - doh description: description elements: str type: list drop-fragment: choices: - disable - enable description: no description type: str drop-overlapped-fragment: choices: - disable - enable description: no description type: str eap-ca-cert: description: EAP CA certificate name. type: str eap-identity: description: EAP identity. type: str eap-method: choices: - tls - peap description: EAP method. type: str eap-password: description: description type: str eap-supplicant: choices: - disable - enable description: Enable/disable EAP-Supplicant. type: str eap-user-cert: description: EAP user certificate name. type: str egress-cos: choices: - disable - cos0 - cos1 - cos2 - cos3 - cos4 - cos5 - cos6 - cos7 description: no description type: str egress-shaping-profile: description: no description type: str eip: description: no description type: str endpoint-compliance: choices: - disable - enable description: no description type: str estimated-downstream-bandwidth: description: no description type: int estimated-upstream-bandwidth: description: no description type: int explicit-ftp-proxy: choices: - disable - enable description: no description type: str explicit-web-proxy: choices: - disable - enable description: no description type: str external: choices: - disable - enable description: no description type: str fail-action-on-extender: choices: - soft-restart - hard-restart - reboot description: no description type: str fail-alert-interfaces: description: no description type: str fail-alert-method: choices: - link-failed-signal - link-down description: no description type: str fail-detect: choices: - disable - enable description: no description type: str fail-detect-option: choices: - detectserver - link-down description: description elements: str type: list fdp: choices: - disable - enable description: no description type: str fortiheartbeat: choices: - disable - enable description: no description type: str fortilink: choices: - disable - enable description: no description type: str fortilink-backup-link: description: no description type: int fortilink-neighbor-detect: choices: - lldp - fortilink description: no description type: str fortilink-split-interface: choices: - disable - enable description: no description type: str fortilink-stacking: choices: - disable - enable description: no description type: str forward-domain: description: no description type: int forward-error-correction: choices: - disable - enable - rs-fec - base-r-fec - fec-cl91 - fec-cl74 - rs-544 - none - cl91-rs-fec - cl74-fc-fec description: no description type: str fp-anomaly: choices: - drop_tcp_fin_noack - pass_winnuke - pass_tcpland - pass_udpland - pass_icmpland - pass_ipland - pass_iprr - pass_ipssrr - pass_iplsrr - pass_ipstream - pass_ipsecurity - pass_iptimestamp - pass_ipunknown_option - pass_ipunknown_prot - pass_icmp_frag - pass_tcp_no_flag - pass_tcp_fin_noack - drop_winnuke - drop_tcpland - drop_udpland - drop_icmpland - drop_ipland - drop_iprr - drop_ipssrr - drop_iplsrr - drop_ipstream - drop_ipsecurity - drop_iptimestamp - drop_ipunknown_option - drop_ipunknown_prot - drop_icmp_frag - drop_tcp_no_flag description: description elements: str type: list fp-disable: choices: - all - ipsec - none description: description elements: str type: list gateway-address: description: no description type: str generic-receive-offload: choices: - disable - enable description: no description type: str gi-gk: choices: - disable - enable description: no description type: str gwaddr: description: no description type: str gwdetect: choices: - disable - enable description: no description type: str ha-priority: description: no description type: int icmp-accept-redirect: choices: - disable - enable description: no description type: str icmp-redirect: choices: - disable - enable description: no description type: str icmp-send-redirect: choices: - disable - enable description: no description type: str ident-accept: choices: - disable - enable description: no description type: str idle-timeout: description: no description type: int if-mdix: choices: - auto - normal - crossover description: no description type: str if-media: choices: - auto - copper - fiber description: no description type: str ike-saml-server: description: Configure IKE authentication SAML server. type: str in-force-vlan-cos: description: no description type: int inbandwidth: description: no description type: int ingress-cos: choices: - disable - cos0 - cos1 - cos2 - cos3 - cos4 - cos5 - cos6 - cos7 description: no description type: str ingress-shaping-profile: description: no description type: str ingress-spillover-threshold: description: no description type: int interconnect-profile: choices: - default - profile1 - profile2 description: Set interconnect profile. type: str internal: description: no description type: int ip: description: no description type: str ip-managed-by-fortiipam: choices: - disable - enable - inherit-global description: no description type: str ipmac: choices: - disable - enable description: no description type: str ips-sniffer-mode: choices: - disable - enable description: no description type: str ipunnumbered: description: no description type: str ipv6: description: no description required: false suboptions: autoconf: choices: - disable - enable description: no description type: str cli-conn6-status: description: no description type: int dhcp6-client-options: choices: - rapid - iapd - iana - dns - dnsname description: description elements: str type: list dhcp6-information-request: choices: - disable - enable description: no description type: str dhcp6-prefix-delegation: choices: - disable - enable description: no description type: str dhcp6-prefix-hint: description: no description type: str dhcp6-prefix-hint-plt: description: no description type: int dhcp6-prefix-hint-vlt: description: no description type: int dhcp6-relay-ip: description: no description type: str dhcp6-relay-service: choices: - disable - enable description: no description type: str dhcp6-relay-source-interface: choices: - disable - enable description: Enable/disable use of address on this interface as the source address of the relay message. type: str dhcp6-relay-type: choices: - regular description: no description type: str icmp6-send-redirect: choices: - disable - enable description: Enable/disable sending of ICMPv6 redirects. type: str interface-identifier: description: no description type: str ip6-address: description: no description type: str ip6-allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - capwap - fabric description: description elements: str type: list ip6-default-life: description: no description type: int ip6-delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int ip6-delegated-prefix-list: description: description elements: dict suboptions: autonomous-flag: choices: - disable - enable description: no description type: str delegated-prefix-iaid: description: IAID of obtained delegated-prefix from the upstream interface. type: int onlink-flag: choices: - disable - enable description: no description type: str prefix-id: description: no description type: int rdnss: description: description type: str rdnss-service: choices: - delegated - default - specify description: no description type: str subnet: description: no description type: str upstream-interface: description: no description type: str type: list ip6-dns-server-override: choices: - disable - enable description: no description type: str ip6-extra-addr: description: description elements: dict suboptions: prefix: description: no description type: str type: list ip6-hop-limit: description: no description type: int ip6-link-mtu: description: no description type: int ip6-manage-flag: choices: - disable - enable description: no description type: str ip6-max-interval: description: no description type: int ip6-min-interval: description: no description type: int ip6-mode: choices: - static - dhcp - pppoe - delegated description: no description type: str ip6-other-flag: choices: - disable - enable description: no description type: str ip6-prefix-list: description: description elements: dict suboptions: autonomous-flag: choices: - disable - enable description: no description type: str dnssl: description: description type: str onlink-flag: choices: - disable - enable description: no description type: str preferred-life-time: description: no description type: int prefix: description: no description type: str rdnss: description: description type: str valid-life-time: description: no description type: int type: list ip6-prefix-mode: choices: - dhcp6 - ra description: Assigning a prefix from DHCP or RA. type: str ip6-reachable-time: description: no description type: int ip6-retrans-time: description: no description type: int ip6-send-adv: choices: - disable - enable description: no description type: str ip6-subnet: description: no description type: str ip6-upstream-interface: description: no description type: str nd-cert: description: no description type: str nd-cga-modifier: description: no description type: str nd-mode: choices: - basic - SEND-compatible description: no description type: str nd-security-level: description: no description type: int nd-timestamp-delta: description: no description type: int nd-timestamp-fuzz: description: no description type: int ra-send-mtu: choices: - disable - enable description: Enable/disable sending link MTU in RA packet. type: str unique-autoconf-addr: choices: - disable - enable description: no description type: str vrip6_link_local: description: no description type: str vrrp-virtual-mac6: choices: - disable - enable description: no description type: str vrrp6: description: description elements: dict suboptions: accept-mode: choices: - disable - enable description: no description type: str adv-interval: description: no description type: int preempt: choices: - disable - enable description: no description type: str priority: description: no description type: int start-time: description: no description type: int status: choices: - disable - enable description: no description type: str vrdst6: description: no description type: str vrgrp: description: no description type: int vrid: description: no description type: int vrip6: description: no description type: str type: list type: dict l2forward: choices: - disable - enable description: no description type: str l2tp-client: choices: - disable - enable description: no description type: str lacp-ha-secondary: choices: - disable - enable description: no description type: str lacp-ha-slave: choices: - disable - enable description: no description type: str lacp-mode: choices: - static - passive - active description: no description type: str lacp-speed: choices: - slow - fast description: no description type: str large-receive-offload: choices: - disable - enable description: no description type: str lcp-echo-interval: description: no description type: int lcp-max-echo-fails: description: no description type: int link-up-delay: description: no description type: int listen-forticlient-connection: choices: - disable - enable description: no description type: str lldp-network-policy: description: no description type: str lldp-reception: choices: - disable - enable - vdom description: no description type: str lldp-transmission: choices: - enable - disable - vdom description: no description type: str log: choices: - disable - enable description: no description type: str macaddr: description: no description type: str managed-subnetwork-size: choices: - '256' - '512' - '1024' - '2048' - '4096' - '8192' - '16384' - '32768' - '65536' - '32' - '64' - '128' description: no description type: str management-ip: description: no description type: str max-egress-burst-rate: description: no description type: int max-egress-rate: description: no description type: int measured-downstream-bandwidth: description: no description type: int measured-upstream-bandwidth: description: no description type: int mediatype: choices: - serdes-sfp - sgmii-sfp - cfp2-sr10 - cfp2-lr4 - serdes-copper-sfp - sr - cr - lr - qsfp28-sr4 - qsfp28-lr4 - qsfp28-cr4 - sr4 - cr4 - lr4 - none - gmii - sgmii - sr2 - lr2 - cr2 - sr8 - lr8 - cr8 description: no description type: str member: description: no description type: str min-links: description: no description type: int min-links-down: choices: - operational - administrative description: no description type: str mode: choices: - static - dhcp - pppoe - pppoa - ipoa - eoa description: no description type: str monitor-bandwidth: choices: - disable - enable description: no description type: str mtu: description: no description type: int mtu-override: choices: - disable - enable description: no description type: str mux-type: choices: - llc-encaps - vc-encaps description: no description type: str name: description: no description type: str ndiscforward: choices: - disable - enable description: no description type: str netbios-forward: choices: - disable - enable description: no description type: str netflow-sampler: choices: - disable - tx - rx - both description: no description type: str np-qos-profile: description: NP QoS profile ID. type: int npu-fastpath: choices: - disable - enable description: no description type: str nst: choices: - disable - enable description: no description type: str out-force-vlan-cos: description: no description type: int outbandwidth: description: no description type: int padt-retry-timeout: description: no description type: int password: description: description type: str peer-interface: description: no description type: str phy-mode: choices: - auto - adsl - vdsl - adsl-auto - vdsl2 - adsl2+ - adsl2 - g.dmt - t1.413 - g.lite description: no description type: str ping-serv-status: description: no description type: int poe: choices: - disable - enable description: no description type: str polling-interval: description: no description type: int pppoe-unnumbered-negotiate: choices: - disable - enable description: no description type: str pptp-auth-type: choices: - auto - pap - chap - mschapv1 - mschapv2 description: no description type: str pptp-client: choices: - disable - enable description: no description type: str pptp-password: description: description type: str pptp-server-ip: description: no description type: str pptp-timeout: description: no description type: int pptp-user: description: no description type: str preserve-session-route: choices: - disable - enable description: no description type: str priority: description: no description type: int priority-override: choices: - disable - enable description: no description type: str proxy-captive-portal: choices: - disable - enable description: no description type: str pvc-atm-qos: choices: - cbr - rt-vbr - nrt-vbr description: SFP-DSL ADSL Fallback PVC ATM QoS. type: str pvc-chan: description: SFP-DSL ADSL Fallback PVC Channel. type: int pvc-crc: description: SFP-DSL ADSL Fallback PVC CRC Option type: int pvc-pcr: description: SFP-DSL ADSL Fallback PVC Packet Cell Rate in cells type: int pvc-scr: description: SFP-DSL ADSL Fallback PVC Sustainable Cell Rate in cells type: int pvc-vlan-id: description: SFP-DSL ADSL Fallback PVC VLAN ID. type: int pvc-vlan-rx-id: description: SFP-DSL ADSL Fallback PVC VLANID RX. type: int pvc-vlan-rx-op: choices: - pass-through - replace - remove description: SFP-DSL ADSL Fallback PVC VLAN RX op. type: str pvc-vlan-tx-id: description: SFP-DSL ADSL Fallback PVC VLAN ID TX. type: int pvc-vlan-tx-op: choices: - pass-through - replace - remove description: SFP-DSL ADSL Fallback PVC VLAN TX op. type: str reachable-time: description: IPv4 reachable time in milliseconds type: int redundant-interface: description: no description type: str remote-ip: description: no description type: str replacemsg-override-group: description: no description type: str retransmission: choices: - disable - enable description: no description type: str ring-rx: description: no description type: int ring-tx: description: no description type: int role: choices: - lan - wan - dmz - undefined description: no description type: str sample-direction: choices: - rx - tx - both description: no description type: str sample-rate: description: no description type: int scan-botnet-connections: choices: - disable - block - monitor description: no description type: str secondary-IP: choices: - disable - enable description: no description type: str secondaryip: description: description elements: dict suboptions: allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: description elements: str type: list detectprotocol: choices: - ping - tcp-echo - udp-echo description: description elements: str type: list detectserver: description: no description type: str gwdetect: choices: - disable - enable description: no description type: str ha-priority: description: no description type: int id: description: no description type: int ip: description: no description type: str ping-serv-status: description: no description type: int secip-relay-ip: description: DHCP relay IP address. type: str seq: description: no description type: int type: list security-8021x-dynamic-vlan-id: description: no description type: int security-8021x-master: description: no description type: str security-8021x-mode: choices: - default - dynamic-vlan - fallback - slave description: no description type: str security-exempt-list: description: no description type: str security-external-logout: description: no description type: str security-external-web: description: no description type: str security-groups: description: no description type: str security-mac-auth-bypass: choices: - disable - enable - mac-auth-only description: no description type: str security-mode: choices: - none - captive-portal - 802.1X description: no description type: str security-redirect-url: description: no description type: str select-profile-30a-35b: choices: - 30A - 35B description: Select VDSL Profile 30a or 35b. type: str service-name: description: no description type: str sflow-sampler: choices: - disable - enable description: no description type: str sfp-dsl: choices: - disable - enable description: Enable/disable SFP DSL. type: str sfp-dsl-adsl-fallback: choices: - disable - enable description: Enable/disable SFP DSL ADSL fallback. type: str sfp-dsl-autodetect: choices: - disable - enable description: Enable/disable SFP DSL MAC address autodetect. type: str sfp-dsl-mac: description: SFP DSL MAC address. type: str speed: choices: - auto - 10full - 10half - 100full - 100half - 1000full - 1000half - 10000full - 1000auto - 10000auto - 40000full - 100Gfull - 25000full - 40000auto - 25000auto - 100Gauto - 400Gfull - 400Gauto - 50000full - 2500auto - 5000auto - 50000auto - 200Gfull - 200Gauto - 100auto description: no description type: str spillover-threshold: description: no description type: int src-check: choices: - disable - enable description: no description type: str status: choices: - down - up description: no description type: str stp: choices: - disable - enable description: no description type: str stp-ha-secondary: choices: - disable - enable - priority-adjust description: Control STP behaviour on HA secondary. type: str stp-ha-slave: choices: - disable - enable - priority-adjust description: no description type: str stpforward: choices: - disable - enable description: no description type: str stpforward-mode: choices: - rpl-all-ext-id - rpl-bridge-ext-id - rpl-nothing description: no description type: str strip-priority-vlan-tag: choices: - disable - enable description: no description type: str subst: choices: - disable - enable description: no description type: str substitute-dst-mac: description: no description type: str sw-algorithm: choices: - l2 - l3 - eh description: Frame distribution algorithm for switch. type: str swc-first-create: description: Initial create for switch-controller VLANs. type: int swc-vlan: description: no description type: int switch: description: no description type: str switch-controller-access-vlan: choices: - disable - enable description: no description type: str switch-controller-arp-inspection: choices: - disable - enable description: no description type: str switch-controller-auth: choices: - radius - usergroup description: no description type: str switch-controller-dhcp-snooping: choices: - disable - enable description: no description type: str switch-controller-dhcp-snooping-option82: choices: - disable - enable description: no description type: str switch-controller-dhcp-snooping-verify-mac: choices: - disable - enable description: no description type: str switch-controller-dynamic: description: Integrated FortiLink settings for managed FortiSwitch. type: str switch-controller-feature: choices: - none - default-vlan - quarantine - sniffer - voice - camera - rspan - video - nac - nac-segment description: no description type: str switch-controller-igmp-snooping: choices: - disable - enable description: no description type: str switch-controller-igmp-snooping-fast-leave: choices: - disable - enable description: no description type: str switch-controller-igmp-snooping-proxy: choices: - disable - enable description: no description type: str switch-controller-iot-scanning: choices: - disable - enable description: Enable/disable managed FortiSwitch IoT scanning. type: str switch-controller-learning-limit: description: no description type: int switch-controller-mgmt-vlan: description: no description type: int switch-controller-nac: description: no description type: str switch-controller-netflow-collect: choices: - disable - enable description: NetFlow collection and processing. type: str switch-controller-offloading: choices: - disable - enable description: no description type: str switch-controller-offloading-gw: choices: - disable - enable description: no description type: str switch-controller-offloading-ip: description: no description type: str switch-controller-radius-server: description: no description type: str switch-controller-rspan-mode: choices: - disable - enable description: no description type: str switch-controller-source-ip: choices: - outbound - fixed description: Source IP address used in FortiLink over L3 connections. type: str switch-controller-traffic-policy: description: no description type: str system-id: description: Define a system ID for the aggregate interface. type: str system-id-type: choices: - auto - user description: Method in which system ID is generated. type: str tc-mode: choices: - ptm - atm description: no description type: str tcp-mss: description: no description type: int trunk: choices: - disable - enable description: no description type: str trust-ip-1: description: no description type: str trust-ip-2: description: no description type: str trust-ip-3: description: no description type: str trust-ip6-1: description: no description type: str trust-ip6-2: description: no description type: str trust-ip6-3: description: no description type: str type: choices: - physical - vlan - aggregate - redundant - tunnel - wireless - vdom-link - loopback - switch - hard-switch - hdlc - vap-switch - wl-mesh - fortilink - switch-vlan - fctrl-trunk - tdm - fext-wan - vxlan - emac-vlan - geneve - ssl - lan-extension description: no description type: str username: description: no description type: str vci: description: no description type: int vectoring: choices: - disable - enable description: no description type: str vindex: description: no description type: int vlan-id: description: Vlan ID type: int vlan-op-mode: choices: - tag - untag - passthrough description: Configure DSL 802. type: str vlan-protocol: choices: - 8021q - 8021ad description: no description type: str vlanforward: choices: - disable - enable description: no description type: str vlanid: description: no description type: int vpi: description: no description type: int vrf: description: no description type: int vrrp: description: description elements: dict suboptions: accept-mode: choices: - disable - enable description: no description type: str adv-interval: description: no description type: int ignore-default-route: choices: - disable - enable description: no description type: str preempt: choices: - disable - enable description: no description type: str priority: description: no description type: int proxy-arp: description: description elements: dict suboptions: id: description: ID. type: int ip: description: Set IP addresses of proxy ARP. type: str type: list start-time: description: no description type: int status: choices: - disable - enable description: no description type: str version: choices: - '2' - '3' description: no description type: str vrdst: description: description type: str vrdst-priority: description: no description type: int vrgrp: description: no description type: int vrid: description: no description type: int vrip: description: no description type: str type: list vrrp-virtual-mac: choices: - disable - enable description: no description type: str wccp: choices: - disable - enable description: no description type: str weight: description: no description type: int wifi-5g-threshold: description: no description type: str wifi-acl: choices: - deny - allow description: no description type: str wifi-ap-band: choices: - any - 5g-preferred - 5g-only description: no description type: str wifi-auth: choices: - PSK - RADIUS - radius - usergroup description: no description type: str wifi-auto-connect: choices: - disable - enable description: no description type: str wifi-auto-save: choices: - disable - enable description: no description type: str wifi-broadcast-ssid: choices: - disable - enable description: no description type: str wifi-dns-server1: description: DNS server 1. type: str wifi-dns-server2: description: DNS server 2. type: str wifi-encrypt: choices: - TKIP - AES description: no description type: str wifi-fragment-threshold: description: no description type: int wifi-gateway: description: IPv4 default gateway IP address. type: str wifi-key: description: description type: str wifi-keyindex: description: no description type: int wifi-mac-filter: choices: - disable - enable description: no description type: str wifi-passphrase: description: description type: str wifi-radius-server: description: no description type: str wifi-rts-threshold: description: no description type: int wifi-security: choices: - None - WEP64 - wep64 - WEP128 - wep128 - WPA_PSK - WPA_RADIUS - WPA - WPA2 - WPA2_AUTO - open - wpa-personal - wpa-enterprise - wpa-only-personal - wpa-only-enterprise - wpa2-only-personal - wpa2-only-enterprise description: no description type: str wifi-ssid: description: no description type: str wifi-usergroup: description: no description type: str wins-ip: description: no description type: str type: dict workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list