drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_wanprof_system_virtualwanlink Configure redundant internet connections using SD-WAN | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_wanprof_system_virtualwanlink (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure redundant internet connections using SD-WAN fmgr_wanprof_system_virtualwanlink: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> wanprof: <your own value> wanprof_system_virtualwanlink: fail-detect: <value in [disable, enable]> health-check: - _dynamic-server: <value of string> addr-mode: <value in [ipv4, ipv6]> failtime: <value of integer> http-agent: <value of string> http-get: <value of string> http-match: <value of string> interval: <value of integer> members: <value of string> name: <value of string> packet-size: <value of integer> password: <value of string> port: <value of integer> protocol: <value in [ping, tcp-echo, udp-echo, ...]> recoverytime: <value of integer> security-mode: <value in [none, authentication]> server: <value of string> sla: - id: <value of integer> jitter-threshold: <value of integer> latency-threshold: <value of integer> link-cost-factor: - latency - jitter - packet-loss packetloss-threshold: <value of integer> threshold-alert-jitter: <value of integer> threshold-alert-latency: <value of integer> threshold-alert-packetloss: <value of integer> threshold-warning-jitter: <value of integer> threshold-warning-latency: <value of integer> threshold-warning-packetloss: <value of integer> update-cascade-interface: <value in [disable, enable]> update-static-route: <value in [disable, enable]> internet-service-id: <value of string> probe-packets: <value in [disable, enable]> sla-fail-log-period: <value of integer> sla-pass-log-period: <value of integer> timeout: <value of integer> ha-priority: <value of integer> diffservcode: <value of string> probe-timeout: <value of integer> dns-request-domain: <value of string> probe-count: <value of integer> system-dns: <value in [disable, enable]> load-balance-mode: <value in [source-ip-based, weight-based, usage-based, ...]> members: - _dynamic-member: <value of string> comment: <value of string> gateway: <value of string> gateway6: <value of string> ingress-spillover-threshold: <value of integer> interface: <value of string> priority: <value of integer> seq-num: <value of integer> source: <value of string> source6: <value of string> spillover-threshold: <value of integer> status: <value in [disable, enable]> volume-ratio: <value of integer> weight: <value of integer> cost: <value of integer> service: - addr-mode: <value in [ipv4, ipv6]> bandwidth-weight: <value of integer> default: <value in [disable, enable]> dscp-forward: <value in [disable, enable]> dscp-forward-tag: <value of string> dscp-reverse: <value in [disable, enable]> dscp-reverse-tag: <value of string> dst: <value of string> dst-negate: <value in [disable, enable]> dst6: <value of string> end-port: <value of integer> gateway: <value in [disable, enable]> groups: <value of string> health-check: <value of string> hold-down-time: <value of integer> id: <value of integer> internet-service: <value in [disable, enable]> internet-service-ctrl: <value of integer> internet-service-ctrl-group: <value of string> internet-service-custom: <value of string> internet-service-custom-group: <value of string> internet-service-group: <value of string> internet-service-id: <value of string> jitter-weight: <value of integer> latency-weight: <value of integer> link-cost-factor: <value in [latency, jitter, packet-loss, ...]> link-cost-threshold: <value of integer> member: <value of string> mode: <value in [auto, manual, priority, ...]> name: <value of string> packet-loss-weight: <value of integer> priority-members: <value of string> protocol: <value of integer> quality-link: <value of integer> route-tag: <value of integer> sla: - health-check: <value of string> id: <value of integer> src: <value of string> src-negate: <value in [disable, enable]> src6: <value of string> start-port: <value of integer> status: <value in [disable, enable]> tos: <value of string> tos-mask: <value of string> users: <value of string> internet-service-app-ctrl: <value of integer> internet-service-app-ctrl-group: <value of string> role: <value in [primary, secondary, standalone]> sla-compare-method: <value in [order, number]> standalone-action: <value in [disable, enable]> input-device: <value of string> internet-service-name: <value of string> input-device-negate: <value in [disable, enable]> status: <value in [disable, enable]> neighbor: - health-check: <value of string> ip: <value of string> member: <value of string> role: <value in [primary, secondary, standalone]> sla-id: <value of integer> neighbor-hold-boot-time: <value of integer> neighbor-hold-down: <value in [disable, enable]> neighbor-hold-down-time: <value of integer> fail-alert-interfaces: <value of string>
adom: description: the parameter (adom) in requested url required: true type: str wanprof: description: the parameter (wanprof) in requested url required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int wanprof_system_virtualwanlink: description: the top level parameters set required: false suboptions: fail-alert-interfaces: description: description type: str fail-detect: choices: - disable - enable description: Enable/disable SD-WAN Internet connection status checking type: str health-check: description: description elements: dict suboptions: _dynamic-server: description: no description type: str addr-mode: choices: - ipv4 - ipv6 description: Address mode type: str diffservcode: description: Differentiated services code point type: str dns-request-domain: description: Fully qualified domain name to resolve for the DNS probe. type: str failtime: description: Number of failures before server is considered lost type: int ha-priority: description: HA election priority type: int http-agent: description: String in the http-agent field in the HTTP header. type: str http-get: description: URL used to communicate with the server if the protocol if the protocol is HTTP. type: str http-match: description: Response string expected from the server if the protocol is HTTP. type: str internet-service-id: description: Internet service ID. type: str interval: description: Status check interval, or the time between attempting to connect to the server type: int members: description: Member sequence number list. type: str name: description: Status check or health check name. type: str packet-size: description: Packet size of a twamp test session, type: int password: description: description type: str port: description: Port number used to communicate with the server over the selected protocol. type: int probe-count: description: Number of most recent probes that should be used to calculate latency and jitter type: int probe-packets: choices: - disable - enable description: Enable/disable transmission of probe packets. type: str probe-timeout: description: Time to wait before a probe packet is considered lost type: int protocol: choices: - ping - tcp-echo - udp-echo - http - twamp - ping6 - dns description: Protocol used to determine if the FortiGate can communicate with the server. type: str recoverytime: description: Number of successful responses received before server is considered recovered type: int security-mode: choices: - none - authentication description: Twamp controller security mode. type: str server: description: description type: str sla: description: description elements: dict suboptions: id: description: SLA ID. type: int jitter-threshold: description: Jitter for SLA to make decision in milliseconds. type: int latency-threshold: description: Latency for SLA to make decision in milliseconds. type: int link-cost-factor: choices: - latency - jitter - packet-loss description: description elements: str type: list packetloss-threshold: description: Packet loss for SLA to make decision in percentage. type: int type: list sla-fail-log-period: description: Time interval in seconds that SLA fail log messages will be generated type: int sla-pass-log-period: description: Time interval in seconds that SLA pass log messages will be generated type: int system-dns: choices: - disable - enable description: Enable/disable system DNS as the probe server. type: str threshold-alert-jitter: description: Alert threshold for jitter type: int threshold-alert-latency: description: Alert threshold for latency type: int threshold-alert-packetloss: description: Alert threshold for packet loss type: int threshold-warning-jitter: description: Warning threshold for jitter type: int threshold-warning-latency: description: Warning threshold for latency type: int threshold-warning-packetloss: description: Warning threshold for packet loss type: int timeout: description: How long to wait before not receiving a reply from the server to consider the connetion attempt a failure type: int update-cascade-interface: choices: - disable - enable description: Enable/disable update cascade interface. type: str update-static-route: choices: - disable - enable description: Enable/disable updating the static route. type: str type: list load-balance-mode: choices: - source-ip-based - weight-based - usage-based - source-dest-ip-based - measured-volume-based description: Algorithm or mode to use for load balancing Internet traffic to SD-WAN members. type: str members: description: description elements: dict suboptions: _dynamic-member: description: no description type: str comment: description: Comments. type: str cost: description: Cost of this interface for services in SLA mode type: int gateway: description: The default gateway for this interface. type: str gateway6: description: IPv6 gateway. type: str ingress-spillover-threshold: description: Ingress spillover threshold for this interface type: int interface: description: Interface name. type: str priority: description: Priority of the interface type: int seq-num: description: Sequence number type: int source: description: Source IP address used in the health-check packet to the server. type: str source6: description: Source IPv6 address used in the health-check packet to the server. type: str spillover-threshold: description: Egress spillover threshold for this interface type: int status: choices: - disable - enable description: Enable/disable this interface in the SD-WAN. type: str volume-ratio: description: Measured volume ratio type: int weight: description: Weight of this interface for weighted load balancing. type: int type: list neighbor: description: description elements: dict suboptions: health-check: description: SD-WAN health-check name. type: str ip: description: IP address of neighbor. type: str member: description: Member sequence number. type: str role: choices: - primary - secondary - standalone description: Role of neighbor. type: str sla-id: description: SLA ID. type: int type: list neighbor-hold-boot-time: description: Waiting period in seconds when switching from the primary neighbor to the secondary neighbor from the neighbor start. type: int neighbor-hold-down: choices: - disable - enable description: Enable/disable hold switching from the secondary neighbor to the primary neighbor. type: str neighbor-hold-down-time: description: Waiting period in seconds when switching from the secondary neighbor to the primary neighbor when hold-down is disabled. type: int service: description: description elements: dict suboptions: addr-mode: choices: - ipv4 - ipv6 description: Address mode type: str bandwidth-weight: description: Coefficient of reciprocal of available bidirectional bandwidth in the formula of custom-profile-1. type: int default: choices: - disable - enable description: Enable/disable use of SD-WAN as default service. type: str dscp-forward: choices: - disable - enable description: Enable/disable forward traffic DSCP tag. type: str dscp-forward-tag: description: Forward traffic DSCP tag. type: str dscp-reverse: choices: - disable - enable description: Enable/disable reverse traffic DSCP tag. type: str dscp-reverse-tag: description: Reverse traffic DSCP tag. type: str dst: description: Destination address name. type: str dst-negate: choices: - disable - enable description: Enable/disable negation of destination address match. type: str dst6: description: Destination address6 name. type: str end-port: description: End destination port number. type: int gateway: choices: - disable - enable description: Enable/disable SD-WAN service gateway. type: str groups: description: User groups. type: str health-check: description: Health check. type: str hold-down-time: description: Waiting period in seconds when switching from the back-up member to the primary member type: int id: description: Priority rule ID type: int input-device: description: Source interface name. type: str input-device-negate: choices: - disable - enable description: Enable/disable negation of input device match. type: str internet-service: choices: - disable - enable description: Enable/disable use of Internet service for application-based load balancing. type: str internet-service-app-ctrl: description: description type: int internet-service-app-ctrl-group: description: Application control based Internet Service group list. type: str internet-service-ctrl: description: description type: int internet-service-ctrl-group: description: Control-based Internet Service group list. type: str internet-service-custom: description: Custom Internet service name list. type: str internet-service-custom-group: description: Custom Internet Service group list. type: str internet-service-group: description: Internet Service group list. type: str internet-service-id: description: Internet service ID list. type: str internet-service-name: description: Internet service name list. type: str jitter-weight: description: Coefficient of jitter in the formula of custom-profile-1. type: int latency-weight: description: Coefficient of latency in the formula of custom-profile-1. type: int link-cost-factor: choices: - latency - jitter - packet-loss - inbandwidth - outbandwidth - bibandwidth - custom-profile-1 description: Link cost factor. type: str link-cost-threshold: description: Percentage threshold change of link cost values that will result in policy route regeneration type: int member: description: Member sequence number. type: str mode: choices: - auto - manual - priority - sla - load-balance description: Control how the priority rule sets the priority of interfaces in the SD-WAN. type: str name: description: Priority rule name. type: str packet-loss-weight: description: Coefficient of packet-loss in the formula of custom-profile-1. type: int priority-members: description: Member sequence number list. type: str protocol: description: Protocol number. type: int quality-link: description: Quality grade. type: int role: choices: - primary - secondary - standalone description: Service role to work with neighbor. type: str route-tag: description: IPv4 route map route-tag. type: int sla: description: description elements: dict suboptions: health-check: description: Virtual WAN Link health-check. type: str id: description: SLA ID. type: int type: list sla-compare-method: choices: - order - number description: Method to compare SLA value for sla and load balance mode. type: str src: description: Source address name. type: str src-negate: choices: - disable - enable description: Enable/disable negation of source address match. type: str src6: description: Source address6 name. type: str standalone-action: choices: - disable - enable description: Enable/disable service when selected neighbor role is standalone while service role is not standalone. type: str start-port: description: Start destination port number. type: int status: choices: - disable - enable description: Enable/disable SD-WAN service. type: str tos: description: Type of service bit pattern. type: str tos-mask: description: Type of service evaluated bits. type: str users: description: User name. type: str type: list status: choices: - disable - enable description: Enable/disable SD-WAN. type: str type: dict
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list