Try SpotterVPN node for VPN Manager.
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: VPN node for VPN Manager.
fmgr_vpnmgr_node:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
vpnmgr_node:
add-route: <value in [disable, enable]>
assign-ip: <value in [disable, enable]>
assign-ip-from: <value in [range, usrgrp, dhcp, ...]>
authpasswd: <value of string>
authusr: <value of string>
authusrgrp: <value of string>
auto-configuration: <value in [disable, enable]>
automatic_routing: <value in [disable, enable]>
banner: <value of string>
default-gateway: <value of string>
dhcp-server: <value in [disable, enable]>
dns-mode: <value in [auto, manual]>
dns-service: <value in [default, specify, local]>
domain: <value of string>
extgw: <value of string>
extgw_hubip: <value of string>
extgw_p2_per_net: <value in [disable, enable]>
extgwip: <value of string>
hub_iface: <value of string>
id: <value of integer>
iface: <value of string>
ip-range:
-
end-ip: <value of string>
id: <value of integer>
start-ip: <value of string>
ipsec-lease-hold: <value of integer>
ipv4-dns-server1: <value of string>
ipv4-dns-server2: <value of string>
ipv4-dns-server3: <value of string>
ipv4-end-ip: <value of string>
ipv4-exclude-range:
-
end-ip: <value of string>
id: <value of integer>
start-ip: <value of string>
ipv4-netmask: <value of string>
ipv4-split-include: <value of string>
ipv4-start-ip: <value of string>
ipv4-wins-server1: <value of string>
ipv4-wins-server2: <value of string>
local-gw: <value of string>
localid: <value of string>
mode-cfg: <value in [disable, enable]>
mode-cfg-ip-version: <value in [4, 6]>
net-device: <value in [disable, enable]>
peer: <value of string>
peergrp: <value of string>
peerid: <value of string>
peertype: <value in [any, one, dialup, ...]>
protected_subnet:
-
addr: <value of string>
seq: <value of integer>
public-ip: <value of string>
role: <value in [hub, spoke]>
route-overlap: <value in [use-old, use-new, allow]>
spoke-zone: <value of string>
summary_addr:
-
addr: <value of string>
priority: <value of integer>
seq: <value of integer>
tunnel-search: <value in [selectors, nexthop]>
unity-support: <value in [disable, enable]>
usrgrp: <value of string>
vpn-interface-priority: <value of integer>
vpn-zone: <value of string>
vpntable: <value of string>
xauthtype: <value in [disable, client, pap, ...]>
exchange-interface-ip: <value in [disable, enable]>
hub-public-ip: <value of string>
ipv4-split-exclude: <value of string>
scope member:
-
name: <value of string>
vdom: <value of string>
dhcp-ra-giaddr: <value of string>
encapsulation: <value in [tunnel-mode, transport-mode]>
ipv4-name: <value of string>
l2tp: <value in [disable, enable]>
auto-discovery-receiver: <value in [disable, enable]>
auto-discovery-sender: <value in [disable, enable]>
network-id: <value of integer>
network-overlay: <value in [enable, disable]>
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
vpnmgr_node:
description: the top level parameters set
required: false
suboptions:
add-route:
choices:
- disable
- enable
description: Add-Route.
type: str
assign-ip:
choices:
- disable
- enable
description: Assign-Ip.
type: str
assign-ip-from:
choices:
- range
- usrgrp
- dhcp
- name
description: Assign-Ip-From.
type: str
authpasswd:
description: Authpasswd.
type: str
authusr:
description: Authusr.
type: str
authusrgrp:
description: Authusrgrp.
type: str
auto-configuration:
choices:
- disable
- enable
description: Auto-Configuration.
type: str
auto-discovery-receiver:
choices:
- disable
- enable
description: no description
type: str
auto-discovery-sender:
choices:
- disable
- enable
description: no description
type: str
automatic_routing:
choices:
- disable
- enable
description: Automatic_Routing.
type: str
banner:
description: Banner.
type: str
default-gateway:
description: Default-Gateway.
type: str
dhcp-ra-giaddr:
description: no description
type: str
dhcp-server:
choices:
- disable
- enable
description: Dhcp-Server.
type: str
dns-mode:
choices:
- auto
- manual
description: Dns-Mode.
type: str
dns-service:
choices:
- default
- specify
- local
description: Dns-Service.
type: str
domain:
description: Domain.
type: str
encapsulation:
choices:
- tunnel-mode
- transport-mode
description: no description
type: str
exchange-interface-ip:
choices:
- disable
- enable
description: Exchange-Interface-Ip.
type: str
extgw:
description: Extgw.
type: str
extgw_hubip:
description: Extgw_Hubip.
type: str
extgw_p2_per_net:
choices:
- disable
- enable
description: Extgw_P2_Per_Net.
type: str
extgwip:
description: Extgwip.
type: str
hub-public-ip:
description: Hub-Public-Ip.
type: str
hub_iface:
description: Hub_Iface.
type: str
id:
description: Id.
type: int
iface:
description: Iface.
type: str
ip-range:
description: Ip-Range.
elements: dict
suboptions:
end-ip:
description: End-Ip.
type: str
id:
description: Id.
type: int
start-ip:
description: Start-Ip.
type: str
type: list
ipsec-lease-hold:
description: Ipsec-Lease-Hold.
type: int
ipv4-dns-server1:
description: Ipv4-Dns-Server1.
type: str
ipv4-dns-server2:
description: Ipv4-Dns-Server2.
type: str
ipv4-dns-server3:
description: Ipv4-Dns-Server3.
type: str
ipv4-end-ip:
description: Ipv4-End-Ip.
type: str
ipv4-exclude-range:
description: Ipv4-Exclude-Range.
elements: dict
suboptions:
end-ip:
description: End-Ip.
type: str
id:
description: Id.
type: int
start-ip:
description: Start-Ip.
type: str
type: list
ipv4-name:
description: no description
type: str
ipv4-netmask:
description: Ipv4-Netmask.
type: str
ipv4-split-exclude:
description: Ipv4-Split-Exclude.
type: str
ipv4-split-include:
description: Ipv4-Split-Include.
type: str
ipv4-start-ip:
description: Ipv4-Start-Ip.
type: str
ipv4-wins-server1:
description: Ipv4-Wins-Server1.
type: str
ipv4-wins-server2:
description: Ipv4-Wins-Server2.
type: str
l2tp:
choices:
- disable
- enable
description: no description
type: str
local-gw:
description: Local-Gw.
type: str
localid:
description: Localid.
type: str
mode-cfg:
choices:
- disable
- enable
description: Mode-Cfg.
type: str
mode-cfg-ip-version:
choices:
- '4'
- '6'
description: Mode-Cfg-Ip-Version.
type: str
net-device:
choices:
- disable
- enable
description: Net-Device.
type: str
network-id:
description: no description
type: int
network-overlay:
choices:
- enable
- disable
description: no description
type: str
peer:
description: Peer.
type: str
peergrp:
description: Peergrp.
type: str
peerid:
description: Peerid.
type: str
peertype:
choices:
- any
- one
- dialup
- peer
- peergrp
description: Peertype.
type: str
protected_subnet:
description: Protected_Subnet.
elements: dict
suboptions:
addr:
description: Addr.
type: str
seq:
description: Seq.
type: int
type: list
public-ip:
description: Public-Ip.
type: str
role:
choices:
- hub
- spoke
description: Role.
type: str
route-overlap:
choices:
- use-old
- use-new
- allow
description: Route-Overlap.
type: str
scope member:
description: description
elements: dict
suboptions:
name:
description: no description
type: str
vdom:
description: no description
type: str
type: list
spoke-zone:
description: Spoke-Zone.
type: str
summary_addr:
description: Summary_Addr.
elements: dict
suboptions:
addr:
description: Addr.
type: str
priority:
description: Priority.
type: int
seq:
description: Seq.
type: int
type: list
tunnel-search:
choices:
- selectors
- nexthop
description: Tunnel-Search.
type: str
unity-support:
choices:
- disable
- enable
description: Unity-Support.
type: str
usrgrp:
description: Usrgrp.
type: str
vpn-interface-priority:
description: Vpn-Interface-Priority.
type: int
vpn-zone:
description: Vpn-Zone.
type: str
vpntable:
description: Vpntable.
type: str
xauthtype:
choices:
- disable
- client
- pap
- chap
- auto
description: Xauthtype.
type: str
type: dict
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list