fortinet / fortinet.fortimanager / 1.0.5 / module / fmgr_firewall_vip Configure virtual IP for IPv4. | "added in version" 2.10 of fortinet.fortimanager" Authors: Frank Shen (@fshen01), Link Zheng (@zhengl) preview | supported by communityfortinet.fortimanager.fmgr_firewall_vip (1.0.5) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==1.0.5
collections: - name: fortinet.fortimanager version: 1.0.5
This module is able to configure a FortiManager device by allowing the user to [ add get set update ] the following apis.
/pm/config/adom/{adom}/obj/firewall/vip
/pm/config/global/obj/firewall/vip
Examples include all parameters and values need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: REQUESTING /PM/CONFIG/OBJ/FIREWALL/VIP fmgr_firewall_vip: loose_validation: False workspace_locking_adom: <value in [global, custom adom]> workspace_locking_timeout: 300 method: <value in [add, set, update]> url_params: adom: <value in [none, global, custom dom]> params: - data: - arp-reply: <value in [disable, enable]> color: <value of integer> comment: <value of string> dns-mapping-ttl: <value of integer> dynamic_mapping: - _scope: - name: <value of string> vdom: <value of string> arp-reply: <value in [disable, enable]> color: <value of integer> comment: <value of string> dns-mapping-ttl: <value of integer> extaddr: <value of string> extintf: <value of string> extip: <value of string> extport: <value of string> gratuitous-arp-interval: <value of integer> http-cookie-age: <value of integer> http-cookie-domain: <value of string> http-cookie-domain-from-host: <value in [disable, enable]> http-cookie-generation: <value of integer> http-cookie-path: <value of string> http-cookie-share: <value in [disable, same-ip]> http-ip-header: <value in [disable, enable]> http-ip-header-name: <value of string> http-multiplex: <value in [disable, enable]> https-cookie-secure: <value in [disable, enable]> id: <value of integer> ldb-method: <value in [static, round-robin, weighted, ...]> mapped-addr: <value of string> mappedip: - <value of string> mappedport: <value of string> max-embryonic-connections: <value of integer> monitor: - <value of string> nat-source-vip: <value in [disable, enable]> outlook-web-access: <value in [disable, enable]> persistence: <value in [none, http-cookie, ssl-session-id]> portforward: <value in [disable, enable]> portmapping-type: <value in [1-to-1, m-to-n]> protocol: <value in [tcp, udp, sctp, ...]> realservers: - client-ip: - <value of string> healthcheck: <value in [disable, enable, vip]> holddown-interval: <value of integer> http-host: <value of string> ip: <value of string> max-connections: <value of integer> monitor: <value of string> port: <value of integer> seq: <value of integer> status: <value in [active, standby, disable]> weight: <value of integer> server-type: <value in [http, https, ssl, ...]> service: <value of string> src-filter: - <value of string> srcintf-filter: - <value of string> ssl-algorithm: <value in [high, medium, low, ...]> ssl-certificate: <value of string> ssl-cipher-suites: - cipher: <value in [TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, ...]> id: <value of integer> versions: - <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-client-fallback: <value in [disable, enable]> ssl-client-renegotiation: <value in [deny, allow, secure]> ssl-client-session-state-max: <value of integer> ssl-client-session-state-timeout: <value of integer> ssl-client-session-state-type: <value in [disable, time, count, ...]> ssl-dh-bits: <value in [768, 1024, 1536, ...]> ssl-hpkp: <value in [disable, enable, report-only]> ssl-hpkp-age: <value of integer> ssl-hpkp-backup: <value of string> ssl-hpkp-include-subdomains: <value in [disable, enable]> ssl-hpkp-primary: <value of string> ssl-hpkp-report-uri: <value of string> ssl-hsts: <value in [disable, enable]> ssl-hsts-age: <value of integer> ssl-hsts-include-subdomains: <value in [disable, enable]> ssl-http-location-conversion: <value in [disable, enable]> ssl-http-match-host: <value in [disable, enable]> ssl-max-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-min-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-mode: <value in [half, full]> ssl-pfs: <value in [require, deny, allow]> ssl-send-empty-frags: <value in [disable, enable]> ssl-server-algorithm: <value in [high, low, medium, ...]> ssl-server-max-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-server-min-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-server-session-state-max: <value of integer> ssl-server-session-state-timeout: <value of integer> ssl-server-session-state-type: <value in [disable, time, count, ...]> type: <value in [static-nat, load-balance, server-load-balance, ...]> uuid: <value of string> weblogic-server: <value in [disable, enable]> websphere-server: <value in [disable, enable]> extaddr: <value of string> extintf: <value of string> extip: <value of string> extport: <value of string> gratuitous-arp-interval: <value of integer> http-cookie-age: <value of integer> http-cookie-domain: <value of string> http-cookie-domain-from-host: <value in [disable, enable]> http-cookie-generation: <value of integer> http-cookie-path: <value of string> http-cookie-share: <value in [disable, same-ip]> http-ip-header: <value in [disable, enable]> http-ip-header-name: <value of string> http-multiplex: <value in [disable, enable]> https-cookie-secure: <value in [disable, enable]> id: <value of integer> ldb-method: <value in [static, round-robin, weighted, ...]> mapped-addr: <value of string> mappedip: - <value of string> mappedport: <value of string> max-embryonic-connections: <value of integer> monitor: <value of string> name: <value of string> nat-source-vip: <value in [disable, enable]> outlook-web-access: <value in [disable, enable]> persistence: <value in [none, http-cookie, ssl-session-id]> portforward: <value in [disable, enable]> portmapping-type: <value in [1-to-1, m-to-n]> protocol: <value in [tcp, udp, sctp, ...]> realservers: - client-ip: - <value of string> healthcheck: <value in [disable, enable, vip]> holddown-interval: <value of integer> http-host: <value of string> ip: <value of string> max-connections: <value of integer> monitor: <value of string> port: <value of integer> seq: <value of integer> status: <value in [active, standby, disable]> weight: <value of integer> server-type: <value in [http, https, ssl, ...]> service: <value of string> src-filter: - <value of string> srcintf-filter: <value of string> ssl-algorithm: <value in [high, medium, low, ...]> ssl-certificate: <value of string> ssl-cipher-suites: - cipher: <value in [TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, ...]> id: <value of integer> versions: - <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-client-fallback: <value in [disable, enable]> ssl-client-renegotiation: <value in [deny, allow, secure]> ssl-client-session-state-max: <value of integer> ssl-client-session-state-timeout: <value of integer> ssl-client-session-state-type: <value in [disable, time, count, ...]> ssl-dh-bits: <value in [768, 1024, 1536, ...]> ssl-hpkp: <value in [disable, enable, report-only]> ssl-hpkp-age: <value of integer> ssl-hpkp-backup: <value of string> ssl-hpkp-include-subdomains: <value in [disable, enable]> ssl-hpkp-primary: <value of string> ssl-hpkp-report-uri: <value of string> ssl-hsts: <value in [disable, enable]> ssl-hsts-age: <value of integer> ssl-hsts-include-subdomains: <value in [disable, enable]> ssl-http-location-conversion: <value in [disable, enable]> ssl-http-match-host: <value in [disable, enable]> ssl-max-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-min-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-mode: <value in [half, full]> ssl-pfs: <value in [require, deny, allow]> ssl-send-empty-frags: <value in [disable, enable]> ssl-server-algorithm: <value in [high, low, medium, ...]> ssl-server-cipher-suites: - cipher: <value in [TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, ...]> priority: <value of integer> versions: - <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-server-max-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-server-min-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-server-session-state-max: <value of integer> ssl-server-session-state-timeout: <value of integer> ssl-server-session-state-type: <value in [disable, time, count, ...]> type: <value in [static-nat, load-balance, server-load-balance, ...]> uuid: <value of string> weblogic-server: <value in [disable, enable]> websphere-server: <value in [disable, enable]> - name: REQUESTING /PM/CONFIG/OBJ/FIREWALL/VIP fmgr_firewall_vip: loose_validation: False workspace_locking_adom: <value in [global, custom adom]> workspace_locking_timeout: 300 method: <value in [get]> url_params: adom: <value in [none, global, custom dom]> params: - attr: <value of string> fields: - - <value in [arp-reply, color, comment, ...]> filter: - <value of string> get used: <value of integer> loadsub: <value of integer> option: <value in [count, object member, datasrc, ...]> range: - <value of integer> sortings: - varidic.attr_name: <value in [1, -1]>
method: choices: - add - get - set - update description: - The method in request required: true type: str params: description: - The parameters for each method - See full parameters list in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest required: false type: list url_params: description: - The parameters for each API request URL - Also see full URL parameters in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest required: false type: dict loose_validation: description: - Do parameter validation in a loose way required: false type: bool workspace_locking_adom: description: - the adom name to lock in case FortiManager running in workspace mode - it can be global or any other custom adom names required: false type: str workspace_locking_timeout: default: 300 description: - the maximum time in seconds to wait for other user to release the workspace lock required: false type: int
data: description: The payload returned in the request returned: always type: dict status: description: The status of api request returned: always type: dict url: description: The full url requested returned: always sample: /sys/login/user type: str