fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_vap Configure Virtual Access Points | "added in version" 2.0.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_vap (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure Virtual Access Points fortinet.fortimanager.fmgr_vap: # bypass_validation: false workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] adom: <your own value> state: present # <value in [present, absent]> vap: _centmgmt: <value in [disable, enable]> _dhcp_svr_id: <string> _intf_allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test _intf_device_identification: <value in [disable, enable]> _intf_device_netscan: <value in [disable, enable]> _intf_dhcp_relay_ip: <list or string> _intf_dhcp_relay_service: <value in [disable, enable]> _intf_dhcp_relay_type: <value in [regular, ipsec]> _intf_dhcp6_relay_ip: <string> _intf_dhcp6_relay_service: <value in [disable, enable]> _intf_dhcp6_relay_type: <value in [regular]> _intf_ip: <string> _intf_ip6_address: <string> _intf_ip6_allowaccess: - https - ping - ssh - snmp - http - telnet - any - fgfm - capwap _intf_listen_forticlient_connection: <value in [disable, enable]> acct_interim_interval: <integer> alias: <string> auth: <value in [PSK, psk, RADIUS, ...]> broadcast_ssid: <value in [disable, enable]> broadcast_suppression: - dhcp - arp - dhcp2 - arp2 - netbios-ns - netbios-ds - arp3 - dhcp-up - dhcp-down - arp-known - arp-unknown - arp-reply - ipv6 - dhcp-starvation - arp-poison - all-other-mc - all-other-bc - arp-proxy - dhcp-ucast captive_portal_ac_name: <string> captive_portal_macauth_radius_secret: <list or string> captive_portal_macauth_radius_server: <string> captive_portal_radius_secret: <list or string> captive_portal_radius_server: <string> captive_portal_session_timeout_interval: <integer> dhcp_lease_time: <integer> dhcp_option82_circuit_id_insertion: <value in [disable, style-1, style-2, ...]> dhcp_option82_insertion: <value in [disable, enable]> dhcp_option82_remote_id_insertion: <value in [disable, style-1]> dynamic_vlan: <value in [disable, enable]> dynamic_mapping: - _centmgmt: <value in [disable, enable]> _dhcp_svr_id: <string> _intf_allowaccess: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test _intf_device_identification: <value in [disable, enable]> _intf_device_netscan: <value in [disable, enable]> _intf_dhcp_relay_ip: <list or string> _intf_dhcp_relay_service: <value in [disable, enable]> _intf_dhcp_relay_type: <value in [regular, ipsec]> _intf_dhcp6_relay_ip: <string> _intf_dhcp6_relay_service: <value in [disable, enable]> _intf_dhcp6_relay_type: <value in [regular]> _intf_ip: <string> _intf_ip6_address: <string> _intf_ip6_allowaccess: - https - ping - ssh - snmp - http - telnet - any - fgfm - capwap _intf_listen_forticlient_connection: <value in [disable, enable]> _scope: - name: <string> vdom: <string> acct_interim_interval: <integer> address_group: <string> alias: <string> atf_weight: <integer> auth: <value in [PSK, psk, RADIUS, ...]> broadcast_ssid: <value in [disable, enable]> broadcast_suppression: - dhcp - arp - dhcp2 - arp2 - netbios-ns - netbios-ds - arp3 - dhcp-up - dhcp-down - arp-known - arp-unknown - arp-reply - ipv6 - dhcp-starvation - arp-poison - all-other-mc - all-other-bc - arp-proxy - dhcp-ucast captive_portal_ac_name: <string> captive_portal_macauth_radius_secret: <list or string> captive_portal_macauth_radius_server: <string> captive_portal_radius_secret: <list or string> captive_portal_radius_server: <string> captive_portal_session_timeout_interval: <integer> client_count: <integer> dhcp_lease_time: <integer> dhcp_option82_circuit_id_insertion: <value in [disable, style-1, style-2, ...]> dhcp_option82_insertion: <value in [disable, enable]> dhcp_option82_remote_id_insertion: <value in [disable, style-1]> dynamic_vlan: <value in [disable, enable]> eap_reauth: <value in [disable, enable]> eap_reauth_intv: <integer> eapol_key_retries: <value in [disable, enable]> encrypt: <value in [TKIP, AES, TKIP-AES]> external_fast_roaming: <value in [disable, enable]> external_logout: <string> external_web: <string> fast_bss_transition: <value in [disable, enable]> fast_roaming: <value in [disable, enable]> ft_mobility_domain: <integer> ft_over_ds: <value in [disable, enable]> ft_r0_key_lifetime: <integer> gtk_rekey: <value in [disable, enable]> gtk_rekey_intv: <integer> hotspot20_profile: <string> intra_vap_privacy: <value in [disable, enable]> ip: <string> key: <list or string> keyindex: <integer> ldpc: <value in [disable, tx, rx, ...]> local_authentication: <value in [disable, enable]> local_bridging: <value in [disable, enable]> local_lan: <value in [deny, allow]> local_standalone: <value in [disable, enable]> local_standalone_nat: <value in [disable, enable]> local_switching: <value in [disable, enable]> mac_auth_bypass: <value in [disable, enable]> mac_filter: <value in [disable, enable]> mac_filter_policy_other: <value in [deny, allow]> max_clients: <integer> max_clients_ap: <integer> me_disable_thresh: <integer> mesh_backhaul: <value in [disable, enable]> mpsk: <value in [disable, enable]> mpsk_concurrent_clients: <integer> multicast_enhance: <value in [disable, enable]> multicast_rate: <value in [0, 6000, 12000, ...]> okc: <value in [disable, enable]> owe_groups: - 19 - 20 - 21 owe_transition: <value in [disable, enable]> owe_transition_ssid: <string> passphrase: <list or string> pmf: <value in [disable, enable, optional]> pmf_assoc_comeback_timeout: <integer> pmf_sa_query_retry_timeout: <integer> portal_message_override_group: <string> portal_type: <value in [auth, auth+disclaimer, disclaimer, ...]> probe_resp_suppression: <value in [disable, enable]> probe_resp_threshold: <string> ptk_rekey: <value in [disable, enable]> ptk_rekey_intv: <integer> qos_profile: <string> quarantine: <value in [disable, enable]> radio_2g_threshold: <string> radio_5g_threshold: <string> radio_sensitivity: <value in [disable, enable]> radius_mac_auth: <value in [disable, enable]> radius_mac_auth_server: <string> radius_mac_auth_usergroups: <list or string> radius_server: <string> rates_11a: - 1 - 1-basic - 2 - 2-basic - 5.5 - 5.5-basic - 6 - 6-basic - 9 - 9-basic - 12 - 12-basic - 18 - 18-basic - 24 - 24-basic - 36 - 36-basic - 48 - 48-basic - 54 - 54-basic - 11 - 11-basic rates_11ac_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/1 - mcs11/1 - mcs10/2 - mcs11/2 rates_11ac_ss34: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/3 - mcs11/3 - mcs10/4 - mcs11/4 rates_11bg: - 1 - 1-basic - 2 - 2-basic - 5.5 - 5.5-basic - 6 - 6-basic - 9 - 9-basic - 12 - 12-basic - 18 - 18-basic - 24 - 24-basic - 36 - 36-basic - 48 - 48-basic - 54 - 54-basic - 11 - 11-basic rates_11n_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 - mcs12/2 - mcs13/2 - mcs14/2 - mcs15/2 rates_11n_ss34: - mcs16/3 - mcs17/3 - mcs18/3 - mcs19/3 - mcs20/3 - mcs21/3 - mcs22/3 - mcs23/3 - mcs24/4 - mcs25/4 - mcs26/4 - mcs27/4 - mcs28/4 - mcs29/4 - mcs30/4 - mcs31/4 sae_groups: - 1 - 2 - 5 - 14 - 15 - 16 - 17 - 18 - 19 - 20 - 21 - 27 - 28 - 29 - 30 - 31 sae_password: <list or string> schedule: <list or string> security: <value in [None, WEP64, wep64, ...]> security_exempt_list: <string> security_obsolete_option: <value in [disable, enable]> security_redirect_url: <string> selected_usergroups: <list or string> split_tunneling: <value in [disable, enable]> ssid: <string> tkip_counter_measure: <value in [disable, enable]> usergroup: <list or string> utm_profile: <string> vdom: <list or string> vlan_auto: <value in [disable, enable]> vlan_pooling: <value in [wtp-group, round-robin, hash, ...]> vlanid: <integer> voice_enterprise: <value in [disable, enable]> mu_mimo: <value in [disable, enable]> _intf_device_access_list: <string> external_web_format: <value in [auto-detect, no-query-string, partial-query-string]> high_efficiency: <value in [disable, enable]> primary_wag_profile: <string> secondary_wag_profile: <string> target_wake_time: <value in [disable, enable]> tunnel_echo_interval: <integer> tunnel_fallback_interval: <integer> access_control_list: <string> captive_portal_auth_timeout: <integer> ipv6_rules: - drop-icmp6ra - drop-icmp6rs - drop-llmnr6 - drop-icmp6mld2 - drop-dhcp6s - drop-dhcp6c - ndp-proxy - drop-ns-dad - drop-ns-nondad sticky_client_remove: <value in [disable, enable]> sticky_client_threshold_2g: <string> sticky_client_threshold_5g: <string> bss_color_partial: <value in [disable, enable]> dhcp_option43_insertion: <value in [disable, enable]> mpsk_profile: <string> igmp_snooping: <value in [disable, enable]> port_macauth: <value in [disable, radius, address-group]> port_macauth_reauth_timeout: <integer> port_macauth_timeout: <integer> additional_akms: - akm6 bstm_disassociation_imminent: <value in [disable, enable]> bstm_load_balancing_disassoc_timer: <integer> bstm_rssi_disassoc_timer: <integer> dhcp_address_enforcement: <value in [disable, enable]> gas_comeback_delay: <integer> gas_fragmentation_limit: <integer> mac_called_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_calling_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_case: <value in [uppercase, lowercase]> mac_password_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_username_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mbo: <value in [disable, enable]> mbo_cell_data_conn_pref: <value in [excluded, prefer-not, prefer-use]> nac: <value in [disable, enable]> nac_profile: <string> neighbor_report_dual_band: <value in [disable, enable]> address_group_policy: <value in [disable, allow, deny]> antivirus_profile: <string> application_detection_engine: <value in [disable, enable]> application_list: <string> application_report_intv: <integer> auth_cert: <string> auth_portal_addr: <string> beacon_advertising: - name - model - serial-number ips_sensor: <string> l3_roaming: <value in [disable, enable]> local_standalone_dns: <value in [disable, enable]> local_standalone_dns_ip: <list or string> osen: <value in [disable, enable]> radius_mac_mpsk_auth: <value in [disable, enable]> radius_mac_mpsk_timeout: <integer> rates_11ax_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs10/1 - mcs11/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 rates_11ax_ss34: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs10/3 - mcs11/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/4 - mcs11/4 scan_botnet_connections: <value in [disable, block, monitor]> utm_log: <value in [disable, enable]> utm_status: <value in [disable, enable]> webfilter_profile: <string> sae_h2e_only: <value in [disable, enable]> sae_pk: <value in [disable, enable]> sae_private_key: <string> sticky_client_threshold_6g: <string> application_dscp_marking: <value in [disable, enable]> l3_roaming_mode: <value in [direct, indirect]> rates_11ac_mcs_map: <string> rates_11ax_mcs_map: <string> captive_portal_fw_accounting: <value in [disable, enable]> radius_mac_auth_block_interval: <integer> _is_factory_setting: <value in [disable, enable, ext]> d80211k: <value in [disable, enable]> d80211v: <value in [disable, enable]> roaming_acct_interim_update: <value in [disable, enable]> sae_hnp_only: <value in [disable, enable]> eap_reauth: <value in [disable, enable]> eap_reauth_intv: <integer> eapol_key_retries: <value in [disable, enable]> encrypt: <value in [TKIP, AES, TKIP-AES]> external_fast_roaming: <value in [disable, enable]> external_logout: <string> external_web: <string> fast_bss_transition: <value in [disable, enable]> fast_roaming: <value in [disable, enable]> ft_mobility_domain: <integer> ft_over_ds: <value in [disable, enable]> ft_r0_key_lifetime: <integer> gtk_rekey: <value in [disable, enable]> gtk_rekey_intv: <integer> hotspot20_profile: <string> intra_vap_privacy: <value in [disable, enable]> ip: <string> key: <list or string> keyindex: <integer> ldpc: <value in [disable, tx, rx, ...]> local_authentication: <value in [disable, enable]> local_bridging: <value in [disable, enable]> local_lan: <value in [deny, allow]> local_standalone: <value in [disable, enable]> local_standalone_nat: <value in [disable, enable]> mac_auth_bypass: <value in [disable, enable]> mac_filter: <value in [disable, enable]> mac_filter_list: - id: <integer> mac: <string> mac_filter_policy: <value in [deny, allow]> mac_filter_policy_other: <value in [deny, allow]> max_clients: <integer> max_clients_ap: <integer> me_disable_thresh: <integer> mesh_backhaul: <value in [disable, enable]> mpsk: <value in [disable, enable]> mpsk_concurrent_clients: <integer> mpsk_key: - comment: <string> concurrent_clients: <string> key_name: <string> passphrase: <list or string> mpsk_schedules: <list or string> multicast_enhance: <value in [disable, enable]> multicast_rate: <value in [0, 6000, 12000, ...]> name: <string> okc: <value in [disable, enable]> passphrase: <list or string> pmf: <value in [disable, enable, optional]> pmf_assoc_comeback_timeout: <integer> pmf_sa_query_retry_timeout: <integer> portal_message_override_group: <string> portal_type: <value in [auth, auth+disclaimer, disclaimer, ...]> probe_resp_suppression: <value in [disable, enable]> probe_resp_threshold: <string> ptk_rekey: <value in [disable, enable]> ptk_rekey_intv: <integer> qos_profile: <string> quarantine: <value in [disable, enable]> radio_2g_threshold: <string> radio_5g_threshold: <string> radio_sensitivity: <value in [disable, enable]> radius_mac_auth: <value in [disable, enable]> radius_mac_auth_server: <string> radius_mac_auth_usergroups: <list or string> radius_server: <string> rates_11a: - 1 - 1-basic - 2 - 2-basic - 5.5 - 5.5-basic - 6 - 6-basic - 9 - 9-basic - 12 - 12-basic - 18 - 18-basic - 24 - 24-basic - 36 - 36-basic - 48 - 48-basic - 54 - 54-basic - 11 - 11-basic rates_11ac_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/1 - mcs11/1 - mcs10/2 - mcs11/2 rates_11ac_ss34: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/3 - mcs11/3 - mcs10/4 - mcs11/4 rates_11bg: - 1 - 1-basic - 2 - 2-basic - 5.5 - 5.5-basic - 6 - 6-basic - 9 - 9-basic - 12 - 12-basic - 18 - 18-basic - 24 - 24-basic - 36 - 36-basic - 48 - 48-basic - 54 - 54-basic - 11 - 11-basic rates_11n_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 - mcs12/2 - mcs13/2 - mcs14/2 - mcs15/2 rates_11n_ss34: - mcs16/3 - mcs17/3 - mcs18/3 - mcs19/3 - mcs20/3 - mcs21/3 - mcs22/3 - mcs23/3 - mcs24/4 - mcs25/4 - mcs26/4 - mcs27/4 - mcs28/4 - mcs29/4 - mcs30/4 - mcs31/4 schedule: <list or string> security: <value in [None, WEP64, wep64, ...]> security_exempt_list: <string> security_obsolete_option: <value in [disable, enable]> security_redirect_url: <string> selected_usergroups: <list or string> split_tunneling: <value in [disable, enable]> ssid: <string> tkip_counter_measure: <value in [disable, enable]> usergroup: <list or string> utm_profile: <string> vdom: <string> vlan_auto: <value in [disable, enable]> vlan_pool: - _wtp_group: <string> id: <integer> wtp_group: <string> vlan_pooling: <value in [wtp-group, round-robin, hash, ...]> vlanid: <integer> voice_enterprise: <value in [disable, enable]> address_group: <string> atf_weight: <integer> mu_mimo: <value in [disable, enable]> owe_groups: - 19 - 20 - 21 owe_transition: <value in [disable, enable]> owe_transition_ssid: <string> sae_groups: - 1 - 2 - 5 - 14 - 15 - 16 - 17 - 18 - 19 - 20 - 21 - 27 - 28 - 29 - 30 - 31 sae_password: <list or string> _intf_device_access_list: <string> external_web_format: <value in [auto-detect, no-query-string, partial-query-string]> high_efficiency: <value in [disable, enable]> primary_wag_profile: <string> secondary_wag_profile: <string> target_wake_time: <value in [disable, enable]> tunnel_echo_interval: <integer> tunnel_fallback_interval: <integer> access_control_list: <string> captive_portal_auth_timeout: <integer> ipv6_rules: - drop-icmp6ra - drop-icmp6rs - drop-llmnr6 - drop-icmp6mld2 - drop-dhcp6s - drop-dhcp6c - ndp-proxy - drop-ns-dad - drop-ns-nondad sticky_client_remove: <value in [disable, enable]> sticky_client_threshold_2g: <string> sticky_client_threshold_5g: <string> bss_color_partial: <value in [disable, enable]> dhcp_option43_insertion: <value in [disable, enable]> mpsk_profile: <string> igmp_snooping: <value in [disable, enable]> port_macauth: <value in [disable, radius, address-group]> port_macauth_reauth_timeout: <integer> port_macauth_timeout: <integer> portal_message_overrides: auth_disclaimer_page: <string> auth_login_failed_page: <string> auth_login_page: <string> auth_reject_page: <string> additional_akms: - akm6 bstm_disassociation_imminent: <value in [disable, enable]> bstm_load_balancing_disassoc_timer: <integer> bstm_rssi_disassoc_timer: <integer> dhcp_address_enforcement: <value in [disable, enable]> gas_comeback_delay: <integer> gas_fragmentation_limit: <integer> mac_called_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_calling_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_case: <value in [uppercase, lowercase]> mac_password_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mac_username_delimiter: <value in [hyphen, single-hyphen, colon, ...]> mbo: <value in [disable, enable]> mbo_cell_data_conn_pref: <value in [excluded, prefer-not, prefer-use]> nac: <value in [disable, enable]> nac_profile: <string> neighbor_report_dual_band: <value in [disable, enable]> address_group_policy: <value in [disable, allow, deny]> antivirus_profile: <string> application_detection_engine: <value in [disable, enable]> application_list: <string> application_report_intv: <integer> auth_cert: <string> auth_portal_addr: <string> beacon_advertising: - name - model - serial-number ips_sensor: <string> l3_roaming: <value in [disable, enable]> local_standalone_dns: <value in [disable, enable]> local_standalone_dns_ip: <list or string> osen: <value in [disable, enable]> radius_mac_mpsk_auth: <value in [disable, enable]> radius_mac_mpsk_timeout: <integer> rates_11ax_ss12: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs10/1 - mcs11/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 rates_11ax_ss34: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs10/3 - mcs11/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/4 - mcs11/4 scan_botnet_connections: <value in [disable, block, monitor]> utm_log: <value in [disable, enable]> utm_status: <value in [disable, enable]> vlan_name: - name: <string> vlan_id: <integer> webfilter_profile: <string> sae_h2e_only: <value in [disable, enable]> sae_pk: <value in [disable, enable]> sae_private_key: <string> sticky_client_threshold_6g: <string> application_dscp_marking: <value in [disable, enable]> l3_roaming_mode: <value in [direct, indirect]> rates_11ac_mcs_map: <string> rates_11ax_mcs_map: <string> captive_portal_fw_accounting: <value in [disable, enable]> radius_mac_auth_block_interval: <integer> _is_factory_setting: <value in [disable, enable, ext]> d80211k: <value in [disable, enable]> d80211v: <value in [disable, enable]> roaming_acct_interim_update: <value in [disable, enable]> sae_hnp_only: <value in [disable, enable]>
vap: description: The top level parameters set. required: false suboptions: 80211k: choices: - disable - enable description: Deprecated, please rename it to d80211k. Enable/disable 802. type: str 80211v: choices: - disable - enable description: Deprecated, please rename it to d80211v. Enable/disable 802. type: str _centmgmt: choices: - disable - enable description: _Centmgmt. type: str _dhcp_svr_id: description: _Dhcp_Svr_Id. type: str _intf_allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: _Intf_Allowaccess. elements: str type: list _intf_device-access-list: description: Deprecated, please rename it to _intf_device_access_list. _Intf_Device-Access-List. type: str _intf_device-identification: choices: - disable - enable description: Deprecated, please rename it to _intf_device_identification. _Intf_Device-Identification. type: str _intf_device-netscan: choices: - disable - enable description: Deprecated, please rename it to _intf_device_netscan. _Intf_Device-Netscan. type: str _intf_dhcp-relay-ip: description: (list) Deprecated, please rename it to _intf_dhcp_relay_ip. _Intf_Dhcp-Relay-Ip. type: raw _intf_dhcp-relay-service: choices: - disable - enable description: Deprecated, please rename it to _intf_dhcp_relay_service. _Intf_Dhcp-Relay-Service. type: str _intf_dhcp-relay-type: choices: - regular - ipsec description: Deprecated, please rename it to _intf_dhcp_relay_type. _Intf_Dhcp-Relay-Type. type: str _intf_dhcp6-relay-ip: description: Deprecated, please rename it to _intf_dhcp6_relay_ip. _Intf_Dhcp6-Relay-Ip. type: str _intf_dhcp6-relay-service: choices: - disable - enable description: Deprecated, please rename it to _intf_dhcp6_relay_service. _Intf_Dhcp6-Relay-Service. type: str _intf_dhcp6-relay-type: choices: - regular description: Deprecated, please rename it to _intf_dhcp6_relay_type. _Intf_Dhcp6-Relay-Type. type: str _intf_ip: description: _Intf_Ip. type: str _intf_ip6-address: description: Deprecated, please rename it to _intf_ip6_address. _Intf_Ip6-Address. type: str _intf_ip6-allowaccess: choices: - https - ping - ssh - snmp - http - telnet - any - fgfm - capwap description: Deprecated, please rename it to _intf_ip6_allowaccess. _Intf_Ip6-Allowaccess. elements: str type: list _intf_listen-forticlient-connection: choices: - disable - enable description: Deprecated, please rename it to _intf_listen_forticlient_connection. _Intf_Listen-Forticlient-Connection. type: str _is_factory_setting: choices: - disable - enable - ext description: No description. type: str access-control-list: description: Deprecated, please rename it to access_control_list. Access-control-list profile name. type: str acct-interim-interval: description: Deprecated, please rename it to acct_interim_interval. WiFi RADIUS accounting interim interval type: int additional-akms: choices: - akm6 description: Deprecated, please rename it to additional_akms. Additional AKMs. elements: str type: list address-group: description: Deprecated, please rename it to address_group. Address group ID. type: str address-group-policy: choices: - disable - allow - deny description: Deprecated, please rename it to address_group_policy. Configure MAC address filtering policy for MAC addresses that are in... type: str alias: description: Alias. type: str antivirus-profile: description: Deprecated, please rename it to antivirus_profile. AntiVirus profile name. type: str application-detection-engine: choices: - disable - enable description: Deprecated, please rename it to application_detection_engine. Enable/disable application detection engine type: str application-dscp-marking: choices: - disable - enable description: Deprecated, please rename it to application_dscp_marking. Enable/disable application attribute based DSCP marking type: str application-list: description: Deprecated, please rename it to application_list. Application control list name. type: str application-report-intv: description: Deprecated, please rename it to application_report_intv. Application report interval type: int atf-weight: description: Deprecated, please rename it to atf_weight. Airtime weight in percentage type: int auth: choices: - PSK - psk - RADIUS - radius - usergroup description: Authentication protocol. type: str auth-cert: description: Deprecated, please rename it to auth_cert. HTTPS server certificate. type: str auth-portal-addr: description: Deprecated, please rename it to auth_portal_addr. Address of captive portal. type: str beacon-advertising: choices: - name - model - serial-number description: Deprecated, please rename it to beacon_advertising. elements: str type: list broadcast-ssid: choices: - disable - enable description: Deprecated, please rename it to broadcast_ssid. Enable/disable broadcasting the SSID type: str broadcast-suppression: choices: - dhcp - arp - dhcp2 - arp2 - netbios-ns - netbios-ds - arp3 - dhcp-up - dhcp-down - arp-known - arp-unknown - arp-reply - ipv6 - dhcp-starvation - arp-poison - all-other-mc - all-other-bc - arp-proxy - dhcp-ucast description: Deprecated, please rename it to broadcast_suppression. Optional suppression of broadcast messages. elements: str type: list bss-color-partial: choices: - disable - enable description: Deprecated, please rename it to bss_color_partial. Enable/disable 802. type: str bstm-disassociation-imminent: choices: - disable - enable description: Deprecated, please rename it to bstm_disassociation_imminent. Enable/disable forcing of disassociation after the BSTM requ... type: str bstm-load-balancing-disassoc-timer: description: Deprecated, please rename it to bstm_load_balancing_disassoc_timer. Time interval for client to voluntarily leave AP befor... type: int bstm-rssi-disassoc-timer: description: Deprecated, please rename it to bstm_rssi_disassoc_timer. Time interval for client to voluntarily leave AP before forcing ... type: int captive-portal-ac-name: description: Deprecated, please rename it to captive_portal_ac_name. Local-bridging captive portal ac-name. type: str captive-portal-auth-timeout: description: Deprecated, please rename it to captive_portal_auth_timeout. Hard timeout - AP will always clear the session after timeout... type: int captive-portal-fw-accounting: choices: - disable - enable description: Deprecated, please rename it to captive_portal_fw_accounting. Enable/disable RADIUS accounting for captive portal firewall... type: str captive-portal-macauth-radius-secret: description: (list) Deprecated, please rename it to captive_portal_macauth_radius_secret. Secret key to access the macauth RADIUS server. type: raw captive-portal-macauth-radius-server: description: Deprecated, please rename it to captive_portal_macauth_radius_server. Captive portal external RADIUS server domain name or... type: str captive-portal-radius-secret: description: (list) Deprecated, please rename it to captive_portal_radius_secret. Secret key to access the RADIUS server. type: raw captive-portal-radius-server: description: Deprecated, please rename it to captive_portal_radius_server. Captive portal RADIUS server domain name or IP address. type: str captive-portal-session-timeout-interval: description: Deprecated, please rename it to captive_portal_session_timeout_interval. Session timeout interval type: int dhcp-address-enforcement: choices: - disable - enable description: Deprecated, please rename it to dhcp_address_enforcement. Enable/disable DHCP address enforcement type: str dhcp-lease-time: description: Deprecated, please rename it to dhcp_lease_time. DHCP lease time in seconds for NAT IP address. type: int dhcp-option43-insertion: choices: - disable - enable description: Deprecated, please rename it to dhcp_option43_insertion. Enable/disable insertion of DHCP option 43 type: str dhcp-option82-circuit-id-insertion: choices: - disable - style-1 - style-2 - style-3 description: Deprecated, please rename it to dhcp_option82_circuit_id_insertion. Enable/disable DHCP option 82 circuit-id insert type: str dhcp-option82-insertion: choices: - disable - enable description: Deprecated, please rename it to dhcp_option82_insertion. Enable/disable DHCP option 82 insert type: str dhcp-option82-remote-id-insertion: choices: - disable - style-1 description: Deprecated, please rename it to dhcp_option82_remote_id_insertion. Enable/disable DHCP option 82 remote-id insert type: str dynamic-vlan: choices: - disable - enable description: Deprecated, please rename it to dynamic_vlan. Enable/disable dynamic VLAN assignment. type: str dynamic_mapping: description: Dynamic_Mapping. elements: dict suboptions: 80211k: choices: - disable - enable description: Deprecated, please rename it to d80211k. Enable/disable 802. type: str 80211v: choices: - disable - enable description: Deprecated, please rename it to d80211v. Enable/disable 802. type: str _centmgmt: choices: - disable - enable description: _Centmgmt. type: str _dhcp_svr_id: description: _Dhcp_Svr_Id. type: str _intf_allowaccess: choices: - https - ping - ssh - snmp - http - telnet - fgfm - auto-ipsec - radius-acct - probe-response - capwap - dnp - ftm - fabric - speed-test description: _Intf_Allowaccess. elements: str type: list _intf_device-access-list: description: Deprecated, please rename it to _intf_device_access_list. _Intf_Device-Access-List. type: str _intf_device-identification: choices: - disable - enable description: Deprecated, please rename it to _intf_device_identification. _Intf_Device-Identification. type: str _intf_device-netscan: choices: - disable - enable description: Deprecated, please rename it to _intf_device_netscan. _Intf_Device-Netscan. type: str _intf_dhcp-relay-ip: description: (list) Deprecated, please rename it to _intf_dhcp_relay_ip. _Intf_Dhcp-Relay-Ip. type: raw _intf_dhcp-relay-service: choices: - disable - enable description: Deprecated, please rename it to _intf_dhcp_relay_service. _Intf_Dhcp-Relay-Service. type: str _intf_dhcp-relay-type: choices: - regular - ipsec description: Deprecated, please rename it to _intf_dhcp_relay_type. _Intf_Dhcp-Relay-Type. type: str _intf_dhcp6-relay-ip: description: Deprecated, please rename it to _intf_dhcp6_relay_ip. _Intf_Dhcp6-Relay-Ip. type: str _intf_dhcp6-relay-service: choices: - disable - enable description: Deprecated, please rename it to _intf_dhcp6_relay_service. _Intf_Dhcp6-Relay-Service. type: str _intf_dhcp6-relay-type: choices: - regular description: Deprecated, please rename it to _intf_dhcp6_relay_type. _Intf_Dhcp6-Relay-Type. type: str _intf_ip: description: _Intf_Ip. type: str _intf_ip6-address: description: Deprecated, please rename it to _intf_ip6_address. _Intf_Ip6-Address. type: str _intf_ip6-allowaccess: choices: - https - ping - ssh - snmp - http - telnet - any - fgfm - capwap description: Deprecated, please rename it to _intf_ip6_allowaccess. _Intf_Ip6-Allowaccess. elements: str type: list _intf_listen-forticlient-connection: choices: - disable - enable description: Deprecated, please rename it to _intf_listen_forticlient_connection. _Intf_Listen-Forticlient-Connection. type: str _is_factory_setting: choices: - disable - enable - ext description: No description. type: str _scope: description: _Scope. elements: dict suboptions: name: description: Name. type: str vdom: description: Vdom. type: str type: list access-control-list: description: Deprecated, please rename it to access_control_list. Access-Control-List. type: str acct-interim-interval: description: Deprecated, please rename it to acct_interim_interval. WiFi RADIUS accounting interim interval type: int additional-akms: choices: - akm6 description: Deprecated, please rename it to additional_akms. Additional-Akms. elements: str type: list address-group: description: Deprecated, please rename it to address_group. Address group ID. type: str address-group-policy: choices: - disable - allow - deny description: Deprecated, please rename it to address_group_policy. Configure MAC address filtering policy for MAC addresses tha... type: str alias: description: Alias. type: str antivirus-profile: description: Deprecated, please rename it to antivirus_profile. AntiVirus profile name. type: str application-detection-engine: choices: - disable - enable description: Deprecated, please rename it to application_detection_engine. Enable/disable application detection engine type: str application-dscp-marking: choices: - disable - enable description: Deprecated, please rename it to application_dscp_marking. Enable/disable application attribute based DSCP marking type: str application-list: description: Deprecated, please rename it to application_list. Application control list name. type: str application-report-intv: description: Deprecated, please rename it to application_report_intv. Application report interval type: int atf-weight: description: Deprecated, please rename it to atf_weight. Airtime weight in percentage type: int auth: choices: - PSK - psk - RADIUS - radius - usergroup description: Authentication protocol. type: str auth-cert: description: Deprecated, please rename it to auth_cert. HTTPS server certificate. type: str auth-portal-addr: description: Deprecated, please rename it to auth_portal_addr. Address of captive portal. type: str beacon-advertising: choices: - name - model - serial-number description: Deprecated, please rename it to beacon_advertising. elements: str type: list broadcast-ssid: choices: - disable - enable description: Deprecated, please rename it to broadcast_ssid. Enable/disable broadcasting the SSID type: str broadcast-suppression: choices: - dhcp - arp - dhcp2 - arp2 - netbios-ns - netbios-ds - arp3 - dhcp-up - dhcp-down - arp-known - arp-unknown - arp-reply - ipv6 - dhcp-starvation - arp-poison - all-other-mc - all-other-bc - arp-proxy - dhcp-ucast description: Deprecated, please rename it to broadcast_suppression. Optional suppression of broadcast messages. elements: str type: list bss-color-partial: choices: - disable - enable description: Deprecated, please rename it to bss_color_partial. Bss-Color-Partial. type: str bstm-disassociation-imminent: choices: - disable - enable description: Deprecated, please rename it to bstm_disassociation_imminent. Enable/disable forcing of disassociation after the B... type: str bstm-load-balancing-disassoc-timer: description: Deprecated, please rename it to bstm_load_balancing_disassoc_timer. Time interval for client to voluntarily leave ... type: int bstm-rssi-disassoc-timer: description: Deprecated, please rename it to bstm_rssi_disassoc_timer. Time interval for client to voluntarily leave AP before ... type: int captive-portal-ac-name: description: Deprecated, please rename it to captive_portal_ac_name. Local-bridging captive portal ac-name. type: str captive-portal-auth-timeout: description: Deprecated, please rename it to captive_portal_auth_timeout. Captive-Portal-Auth-Timeout. type: int captive-portal-fw-accounting: choices: - disable - enable description: Deprecated, please rename it to captive_portal_fw_accounting. Enable/disable RADIUS accounting for captive portal ... type: str captive-portal-macauth-radius-secret: description: (list) Deprecated, please rename it to captive_portal_macauth_radius_secret. Secret key to access the macauth RADI... type: raw captive-portal-macauth-radius-server: description: Deprecated, please rename it to captive_portal_macauth_radius_server. Captive portal external RADIUS server domain... type: str captive-portal-radius-secret: description: (list) Deprecated, please rename it to captive_portal_radius_secret. Secret key to access the RADIUS server. type: raw captive-portal-radius-server: description: Deprecated, please rename it to captive_portal_radius_server. Captive portal RADIUS server domain name or IP address. type: str captive-portal-session-timeout-interval: description: Deprecated, please rename it to captive_portal_session_timeout_interval. Session timeout interval type: int client-count: description: Deprecated, please rename it to client_count. Client-Count. type: int dhcp-address-enforcement: choices: - disable - enable description: Deprecated, please rename it to dhcp_address_enforcement. Enable/disable DHCP address enforcement type: str dhcp-lease-time: description: Deprecated, please rename it to dhcp_lease_time. DHCP lease time in seconds for NAT IP address. type: int dhcp-option43-insertion: choices: - disable - enable description: Deprecated, please rename it to dhcp_option43_insertion. Dhcp-Option43-Insertion. type: str dhcp-option82-circuit-id-insertion: choices: - disable - style-1 - style-2 - style-3 description: Deprecated, please rename it to dhcp_option82_circuit_id_insertion. Enable/disable DHCP option 82 circuit-id insert type: str dhcp-option82-insertion: choices: - disable - enable description: Deprecated, please rename it to dhcp_option82_insertion. Enable/disable DHCP option 82 insert type: str dhcp-option82-remote-id-insertion: choices: - disable - style-1 description: Deprecated, please rename it to dhcp_option82_remote_id_insertion. Enable/disable DHCP option 82 remote-id insert type: str dynamic-vlan: choices: - disable - enable description: Deprecated, please rename it to dynamic_vlan. Enable/disable dynamic VLAN assignment. type: str eap-reauth: choices: - disable - enable description: Deprecated, please rename it to eap_reauth. Enable/disable EAP re-authentication for WPA-Enterprise security. type: str eap-reauth-intv: description: Deprecated, please rename it to eap_reauth_intv. EAP re-authentication interval type: int eapol-key-retries: choices: - disable - enable description: Deprecated, please rename it to eapol_key_retries. Enable/disable retransmission of EAPOL-Key frames type: str encrypt: choices: - TKIP - AES - TKIP-AES description: Encryption protocol to use type: str external-fast-roaming: choices: - disable - enable description: Deprecated, please rename it to external_fast_roaming. Enable/disable fast roaming or pre-authentication with exte... type: str external-logout: description: Deprecated, please rename it to external_logout. URL of external authentication logout server. type: str external-web: description: Deprecated, please rename it to external_web. URL of external authentication web server. type: str external-web-format: choices: - auto-detect - no-query-string - partial-query-string description: Deprecated, please rename it to external_web_format. URL query parameter detection type: str fast-bss-transition: choices: - disable - enable description: Deprecated, please rename it to fast_bss_transition. Enable/disable 802. type: str fast-roaming: choices: - disable - enable description: Deprecated, please rename it to fast_roaming. Enable/disable fast-roaming, or pre-authentication, where supported ... type: str ft-mobility-domain: description: Deprecated, please rename it to ft_mobility_domain. Mobility domain identifier in FT type: int ft-over-ds: choices: - disable - enable description: Deprecated, please rename it to ft_over_ds. Enable/disable FT over the Distribution System type: str ft-r0-key-lifetime: description: Deprecated, please rename it to ft_r0_key_lifetime. Lifetime of the PMK-R0 key in FT, 1-65535 minutes. type: int gas-comeback-delay: description: Deprecated, please rename it to gas_comeback_delay. GAS comeback delay type: int gas-fragmentation-limit: description: Deprecated, please rename it to gas_fragmentation_limit. GAS fragmentation limit type: int gtk-rekey: choices: - disable - enable description: Deprecated, please rename it to gtk_rekey. Enable/disable GTK rekey for WPA security. type: str gtk-rekey-intv: description: Deprecated, please rename it to gtk_rekey_intv. GTK rekey interval type: int high-efficiency: choices: - disable - enable description: Deprecated, please rename it to high_efficiency. Enable/disable 802. type: str hotspot20-profile: description: Deprecated, please rename it to hotspot20_profile. Hotspot 2. type: str igmp-snooping: choices: - disable - enable description: Deprecated, please rename it to igmp_snooping. Enable/disable IGMP snooping. type: str intra-vap-privacy: choices: - disable - enable description: Deprecated, please rename it to intra_vap_privacy. Enable/disable blocking communication between clients on the sa... type: str ip: description: IP address and subnet mask for the local standalone NAT subnet. type: str ips-sensor: description: Deprecated, please rename it to ips_sensor. IPS sensor name. type: str ipv6-rules: choices: - drop-icmp6ra - drop-icmp6rs - drop-llmnr6 - drop-icmp6mld2 - drop-dhcp6s - drop-dhcp6c - ndp-proxy - drop-ns-dad - drop-ns-nondad description: Deprecated, please rename it to ipv6_rules. Ipv6-Rules. elements: str type: list key: description: (list) WEP Key. type: raw keyindex: description: WEP key index type: int l3-roaming: choices: - disable - enable description: Deprecated, please rename it to l3_roaming. Enable/disable layer 3 roaming type: str l3-roaming-mode: choices: - direct - indirect description: Deprecated, please rename it to l3_roaming_mode. Select the way that layer 3 roaming traffic is passed type: str ldpc: choices: - disable - tx - rx - rxtx description: VAP low-density parity-check type: str local-authentication: choices: - disable - enable description: Deprecated, please rename it to local_authentication. Enable/disable AP local authentication. type: str local-bridging: choices: - disable - enable description: Deprecated, please rename it to local_bridging. Enable/disable bridging of wireless and Ethernet interfaces on the... type: str local-lan: choices: - deny - allow description: Deprecated, please rename it to local_lan. Allow/deny traffic destined for a Class A, B, or C private IP address type: str local-standalone: choices: - disable - enable description: Deprecated, please rename it to local_standalone. Enable/disable AP local standalone type: str local-standalone-dns: choices: - disable - enable description: Deprecated, please rename it to local_standalone_dns. Enable/disable AP local standalone DNS. type: str local-standalone-dns-ip: description: (list) Deprecated, please rename it to local_standalone_dns_ip. type: raw local-standalone-nat: choices: - disable - enable description: Deprecated, please rename it to local_standalone_nat. Enable/disable AP local standalone NAT mode. type: str local-switching: choices: - disable - enable description: Deprecated, please rename it to local_switching. Local-Switching. type: str mac-auth-bypass: choices: - disable - enable description: Deprecated, please rename it to mac_auth_bypass. Enable/disable MAC authentication bypass. type: str mac-called-station-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_called_station_delimiter. MAC called station delimiter type: str mac-calling-station-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_calling_station_delimiter. MAC calling station delimiter type: str mac-case: choices: - uppercase - lowercase description: Deprecated, please rename it to mac_case. MAC case type: str mac-filter: choices: - disable - enable description: Deprecated, please rename it to mac_filter. Enable/disable MAC filtering to block wireless clients by mac address. type: str mac-filter-policy-other: choices: - deny - allow description: Deprecated, please rename it to mac_filter_policy_other. Allow or block clients with MAC addresses that are not in... type: str mac-password-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_password_delimiter. MAC authentication password delimiter type: str mac-username-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_username_delimiter. MAC authentication username delimiter type: str max-clients: description: Deprecated, please rename it to max_clients. Maximum number of clients that can connect simultaneously to the VAP type: int max-clients-ap: description: Deprecated, please rename it to max_clients_ap. Maximum number of clients that can connect simultaneously to the V... type: int mbo: choices: - disable - enable description: Enable/disable Multiband Operation type: str mbo-cell-data-conn-pref: choices: - excluded - prefer-not - prefer-use description: Deprecated, please rename it to mbo_cell_data_conn_pref. MBO cell data connection preference type: str me-disable-thresh: description: Deprecated, please rename it to me_disable_thresh. Disable multicast enhancement when this many clients are receiv... type: int mesh-backhaul: choices: - disable - enable description: Deprecated, please rename it to mesh_backhaul. Enable/disable using this VAP as a WiFi mesh backhaul type: str mpsk: choices: - disable - enable description: Enable/disable multiple PSK authentication. type: str mpsk-concurrent-clients: description: Deprecated, please rename it to mpsk_concurrent_clients. Maximum number of concurrent clients that connect using t... type: int mpsk-profile: description: Deprecated, please rename it to mpsk_profile. Mpsk-Profile. type: str mu-mimo: choices: - disable - enable description: Deprecated, please rename it to mu_mimo. Enable/disable Multi-user MIMO type: str multicast-enhance: choices: - disable - enable description: Deprecated, please rename it to multicast_enhance. Enable/disable converting multicast to unicast to improve perfo... type: str multicast-rate: choices: - '0' - '6000' - '12000' - '24000' description: Deprecated, please rename it to multicast_rate. Multicast rate type: str nac: choices: - disable - enable description: Enable/disable network access control. type: str nac-profile: description: Deprecated, please rename it to nac_profile. NAC profile name. type: str neighbor-report-dual-band: choices: - disable - enable description: Deprecated, please rename it to neighbor_report_dual_band. Enable/disable dual-band neighbor report type: str okc: choices: - disable - enable description: Enable/disable Opportunistic Key Caching type: str osen: choices: - disable - enable description: Enable/disable OSEN as part of key management type: str owe-groups: choices: - '19' - '20' - '21' description: Deprecated, please rename it to owe_groups. OWE-Groups. elements: str type: list owe-transition: choices: - disable - enable description: Deprecated, please rename it to owe_transition. Enable/disable OWE transition mode support. type: str owe-transition-ssid: description: Deprecated, please rename it to owe_transition_ssid. OWE transition mode peer SSID. type: str passphrase: description: (list) WPA pre-shared key type: raw pmf: choices: - disable - enable - optional description: Protected Management Frames type: str pmf-assoc-comeback-timeout: description: Deprecated, please rename it to pmf_assoc_comeback_timeout. Protected Management Frames type: int pmf-sa-query-retry-timeout: description: Deprecated, please rename it to pmf_sa_query_retry_timeout. Protected Management Frames type: int port-macauth: choices: - disable - radius - address-group description: Deprecated, please rename it to port_macauth. Enable/disable LAN port MAC authentication type: str port-macauth-reauth-timeout: description: Deprecated, please rename it to port_macauth_reauth_timeout. LAN port MAC authentication re-authentication timeout... type: int port-macauth-timeout: description: Deprecated, please rename it to port_macauth_timeout. LAN port MAC authentication idle timeout value type: int portal-message-override-group: description: Deprecated, please rename it to portal_message_override_group. Replacement message group for this VAP type: str portal-type: choices: - auth - auth+disclaimer - disclaimer - email-collect - cmcc - cmcc-macauth - auth-mac - external-auth - external-macauth description: Deprecated, please rename it to portal_type. Captive portal functionality. type: str primary-wag-profile: description: Deprecated, please rename it to primary_wag_profile. Primary wireless access gateway profile name. type: str probe-resp-suppression: choices: - disable - enable description: Deprecated, please rename it to probe_resp_suppression. Enable/disable probe response suppression type: str probe-resp-threshold: description: Deprecated, please rename it to probe_resp_threshold. Minimum signal level/threshold in dBm required for the AP re... type: str ptk-rekey: choices: - disable - enable description: Deprecated, please rename it to ptk_rekey. Enable/disable PTK rekey for WPA-Enterprise security. type: str ptk-rekey-intv: description: Deprecated, please rename it to ptk_rekey_intv. PTK rekey interval type: int qos-profile: description: Deprecated, please rename it to qos_profile. Quality of service profile name. type: str quarantine: choices: - disable - enable description: Enable/disable station quarantine type: str radio-2g-threshold: description: Deprecated, please rename it to radio_2g_threshold. Minimum signal level/threshold in dBm required for the AP resp... type: str radio-5g-threshold: description: Deprecated, please rename it to radio_5g_threshold. Minimum signal level/threshold in dBm required for the AP resp... type: str radio-sensitivity: choices: - disable - enable description: Deprecated, please rename it to radio_sensitivity. Enable/disable software radio sensitivity type: str radius-mac-auth: choices: - disable - enable description: Deprecated, please rename it to radius_mac_auth. Enable/disable RADIUS-based MAC authentication of clients type: str radius-mac-auth-block-interval: description: Deprecated, please rename it to radius_mac_auth_block_interval. Dont send RADIUS MAC auth request again if the cli... type: int radius-mac-auth-server: description: Deprecated, please rename it to radius_mac_auth_server. RADIUS-based MAC authentication server. type: str radius-mac-auth-usergroups: description: (list) Deprecated, please rename it to radius_mac_auth_usergroups. Selective user groups that are permitted for RA... type: raw radius-mac-mpsk-auth: choices: - disable - enable description: Deprecated, please rename it to radius_mac_mpsk_auth. Enable/disable RADIUS-based MAC authentication of clients fo... type: str radius-mac-mpsk-timeout: description: Deprecated, please rename it to radius_mac_mpsk_timeout. RADIUS MAC MPSK cache timeout interval type: int radius-server: description: Deprecated, please rename it to radius_server. RADIUS server to be used to authenticate WiFi users. type: str rates-11a: choices: - '1' - 1-basic - '2' - 2-basic - '5.5' - 5.5-basic - '6' - 6-basic - '9' - 9-basic - '12' - 12-basic - '18' - 18-basic - '24' - 24-basic - '36' - 36-basic - '48' - 48-basic - '54' - 54-basic - '11' - 11-basic description: Deprecated, please rename it to rates_11a. Allowed data rates for 802. elements: str type: list rates-11ac-mcs-map: description: Deprecated, please rename it to rates_11ac_mcs_map. Comma separated list of max supported VHT MCS for spatial stre... type: str rates-11ac-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/1 - mcs11/1 - mcs10/2 - mcs11/2 description: Deprecated, please rename it to rates_11ac_ss12. Allowed data rates for 802. elements: str type: list rates-11ac-ss34: choices: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/3 - mcs11/3 - mcs10/4 - mcs11/4 description: Deprecated, please rename it to rates_11ac_ss34. Allowed data rates for 802. elements: str type: list rates-11ax-mcs-map: description: Deprecated, please rename it to rates_11ax_mcs_map. Comma separated list of max supported HE MCS for spatial strea... type: str rates-11ax-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs10/1 - mcs11/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 description: Deprecated, please rename it to rates_11ax_ss12. elements: str type: list rates-11ax-ss34: choices: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs10/3 - mcs11/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/4 - mcs11/4 description: Deprecated, please rename it to rates_11ax_ss34. elements: str type: list rates-11bg: choices: - '1' - 1-basic - '2' - 2-basic - '5.5' - 5.5-basic - '6' - 6-basic - '9' - 9-basic - '12' - 12-basic - '18' - 18-basic - '24' - 24-basic - '36' - 36-basic - '48' - 48-basic - '54' - 54-basic - '11' - 11-basic description: Deprecated, please rename it to rates_11bg. Allowed data rates for 802. elements: str type: list rates-11n-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 - mcs12/2 - mcs13/2 - mcs14/2 - mcs15/2 description: Deprecated, please rename it to rates_11n_ss12. Allowed data rates for 802. elements: str type: list rates-11n-ss34: choices: - mcs16/3 - mcs17/3 - mcs18/3 - mcs19/3 - mcs20/3 - mcs21/3 - mcs22/3 - mcs23/3 - mcs24/4 - mcs25/4 - mcs26/4 - mcs27/4 - mcs28/4 - mcs29/4 - mcs30/4 - mcs31/4 description: Deprecated, please rename it to rates_11n_ss34. Allowed data rates for 802. elements: str type: list roaming-acct-interim-update: choices: - disable - enable description: Deprecated, please rename it to roaming_acct_interim_update. Enable/disable using accounting interim update instea... type: str sae-groups: choices: - '1' - '2' - '5' - '14' - '15' - '16' - '17' - '18' - '19' - '20' - '21' - '27' - '28' - '29' - '30' - '31' description: Deprecated, please rename it to sae_groups. SAE-Groups. elements: str type: list sae-h2e-only: choices: - disable - enable description: Deprecated, please rename it to sae_h2e_only. Use hash-to-element-only mechanism for PWE derivation type: str sae-hnp-only: choices: - disable - enable description: Deprecated, please rename it to sae_hnp_only. Use hunting-and-pecking-only mechanism for PWE derivation type: str sae-password: description: (list) Deprecated, please rename it to sae_password. WPA3 SAE password to be used to authenticate WiFi users. type: raw sae-pk: choices: - disable - enable description: Deprecated, please rename it to sae_pk. Enable/disable WPA3 SAE-PK type: str sae-private-key: description: Deprecated, please rename it to sae_private_key. Private key used for WPA3 SAE-PK authentication. type: str scan-botnet-connections: choices: - disable - block - monitor description: Deprecated, please rename it to scan_botnet_connections. Block or monitor connections to Botnet servers or disable... type: str schedule: description: (list or str) Firewall schedules for enabling this VAP on the FortiAP. type: raw secondary-wag-profile: description: Deprecated, please rename it to secondary_wag_profile. Secondary wireless access gateway profile name. type: str security: choices: - None - WEP64 - wep64 - WEP128 - wep128 - WPA_PSK - WPA_RADIUS - WPA - WPA2 - WPA2_AUTO - open - wpa-personal - wpa-enterprise - captive-portal - wpa-only-personal - wpa-only-enterprise - wpa2-only-personal - wpa2-only-enterprise - wpa-personal+captive-portal - wpa-only-personal+captive-portal - wpa2-only-personal+captive-portal - osen - wpa3-enterprise - sae - sae-transition - owe - wpa3-sae - wpa3-sae-transition - wpa3-only-enterprise - wpa3-enterprise-transition description: Security mode for the wireless interface type: str security-exempt-list: description: Deprecated, please rename it to security_exempt_list. Optional security exempt list for captive portal authentication. type: str security-obsolete-option: choices: - disable - enable description: Deprecated, please rename it to security_obsolete_option. Enable/disable obsolete security options. type: str security-redirect-url: description: Deprecated, please rename it to security_redirect_url. Optional URL for redirecting users after they pass captive ... type: str selected-usergroups: description: (list or str) Deprecated, please rename it to selected_usergroups. Selective user groups that are permitted to aut... type: raw split-tunneling: choices: - disable - enable description: Deprecated, please rename it to split_tunneling. Enable/disable split tunneling type: str ssid: description: IEEE 802. type: str sticky-client-remove: choices: - disable - enable description: Deprecated, please rename it to sticky_client_remove. Sticky-Client-Remove. type: str sticky-client-threshold-2g: description: Deprecated, please rename it to sticky_client_threshold_2g. Sticky-Client-Threshold-2G. type: str sticky-client-threshold-5g: description: Deprecated, please rename it to sticky_client_threshold_5g. Sticky-Client-Threshold-5G. type: str sticky-client-threshold-6g: description: Deprecated, please rename it to sticky_client_threshold_6g. Minimum signal level/threshold in dBm required for the... type: str target-wake-time: choices: - disable - enable description: Deprecated, please rename it to target_wake_time. Enable/disable 802. type: str tkip-counter-measure: choices: - disable - enable description: Deprecated, please rename it to tkip_counter_measure. Enable/disable TKIP counter measure. type: str tunnel-echo-interval: description: Deprecated, please rename it to tunnel_echo_interval. The time interval to send echo to both primary and secondary... type: int tunnel-fallback-interval: description: Deprecated, please rename it to tunnel_fallback_interval. The time interval for secondary tunnel to fall back to p... type: int usergroup: description: (list or str) Firewall user group to be used to authenticate WiFi users. type: raw utm-log: choices: - disable - enable description: Deprecated, please rename it to utm_log. Enable/disable UTM logging. type: str utm-profile: description: Deprecated, please rename it to utm_profile. UTM profile name. type: str utm-status: choices: - disable - enable description: Deprecated, please rename it to utm_status. Enable to add one or more security profiles type: str vdom: description: (list or str) Vdom. type: raw vlan-auto: choices: - disable - enable description: Deprecated, please rename it to vlan_auto. Enable/disable automatic management of SSID VLAN interface. type: str vlan-pooling: choices: - wtp-group - round-robin - hash - disable description: Deprecated, please rename it to vlan_pooling. Enable/disable VLAN pooling, to allow grouping of multiple wireless ... type: str vlanid: description: Optional VLAN ID. type: int voice-enterprise: choices: - disable - enable description: Deprecated, please rename it to voice_enterprise. Enable/disable 802. type: str webfilter-profile: description: Deprecated, please rename it to webfilter_profile. WebFilter profile name. type: str type: list eap-reauth: choices: - disable - enable description: Deprecated, please rename it to eap_reauth. Enable/disable EAP re-authentication for WPA-Enterprise security. type: str eap-reauth-intv: description: Deprecated, please rename it to eap_reauth_intv. EAP re-authentication interval type: int eapol-key-retries: choices: - disable - enable description: Deprecated, please rename it to eapol_key_retries. Enable/disable retransmission of EAPOL-Key frames type: str encrypt: choices: - TKIP - AES - TKIP-AES description: Encryption protocol to use type: str external-fast-roaming: choices: - disable - enable description: Deprecated, please rename it to external_fast_roaming. Enable/disable fast roaming or pre-authentication with external APs... type: str external-logout: description: Deprecated, please rename it to external_logout. URL of external authentication logout server. type: str external-web: description: Deprecated, please rename it to external_web. URL of external authentication web server. type: str external-web-format: choices: - auto-detect - no-query-string - partial-query-string description: Deprecated, please rename it to external_web_format. URL query parameter detection type: str fast-bss-transition: choices: - disable - enable description: Deprecated, please rename it to fast_bss_transition. Enable/disable 802. type: str fast-roaming: choices: - disable - enable description: Deprecated, please rename it to fast_roaming. Enable/disable fast-roaming, or pre-authentication, where supported by clients type: str ft-mobility-domain: description: Deprecated, please rename it to ft_mobility_domain. Mobility domain identifier in FT type: int ft-over-ds: choices: - disable - enable description: Deprecated, please rename it to ft_over_ds. Enable/disable FT over the Distribution System type: str ft-r0-key-lifetime: description: Deprecated, please rename it to ft_r0_key_lifetime. Lifetime of the PMK-R0 key in FT, 1-65535 minutes. type: int gas-comeback-delay: description: Deprecated, please rename it to gas_comeback_delay. GAS comeback delay type: int gas-fragmentation-limit: description: Deprecated, please rename it to gas_fragmentation_limit. GAS fragmentation limit type: int gtk-rekey: choices: - disable - enable description: Deprecated, please rename it to gtk_rekey. Enable/disable GTK rekey for WPA security. type: str gtk-rekey-intv: description: Deprecated, please rename it to gtk_rekey_intv. GTK rekey interval type: int high-efficiency: choices: - disable - enable description: Deprecated, please rename it to high_efficiency. Enable/disable 802. type: str hotspot20-profile: description: Deprecated, please rename it to hotspot20_profile. Hotspot 2. type: str igmp-snooping: choices: - disable - enable description: Deprecated, please rename it to igmp_snooping. Enable/disable IGMP snooping. type: str intra-vap-privacy: choices: - disable - enable description: Deprecated, please rename it to intra_vap_privacy. Enable/disable blocking communication between clients on the same SSID type: str ip: description: IP address and subnet mask for the local standalone NAT subnet. type: str ips-sensor: description: Deprecated, please rename it to ips_sensor. IPS sensor name. type: str ipv6-rules: choices: - drop-icmp6ra - drop-icmp6rs - drop-llmnr6 - drop-icmp6mld2 - drop-dhcp6s - drop-dhcp6c - ndp-proxy - drop-ns-dad - drop-ns-nondad description: Deprecated, please rename it to ipv6_rules. Optional rules of IPv6 packets. elements: str type: list key: description: (list) WEP Key. type: raw keyindex: description: WEP key index type: int l3-roaming: choices: - disable - enable description: Deprecated, please rename it to l3_roaming. Enable/disable layer 3 roaming type: str l3-roaming-mode: choices: - direct - indirect description: Deprecated, please rename it to l3_roaming_mode. Select the way that layer 3 roaming traffic is passed type: str ldpc: choices: - disable - tx - rx - rxtx description: VAP low-density parity-check type: str local-authentication: choices: - disable - enable description: Deprecated, please rename it to local_authentication. Enable/disable AP local authentication. type: str local-bridging: choices: - disable - enable description: Deprecated, please rename it to local_bridging. Enable/disable bridging of wireless and Ethernet interfaces on the FortiAP type: str local-lan: choices: - deny - allow description: Deprecated, please rename it to local_lan. Allow/deny traffic destined for a Class A, B, or C private IP address type: str local-standalone: choices: - disable - enable description: Deprecated, please rename it to local_standalone. Enable/disable AP local standalone type: str local-standalone-dns: choices: - disable - enable description: Deprecated, please rename it to local_standalone_dns. Enable/disable AP local standalone DNS. type: str local-standalone-dns-ip: description: (list) Deprecated, please rename it to local_standalone_dns_ip. type: raw local-standalone-nat: choices: - disable - enable description: Deprecated, please rename it to local_standalone_nat. Enable/disable AP local standalone NAT mode. type: str mac-auth-bypass: choices: - disable - enable description: Deprecated, please rename it to mac_auth_bypass. Enable/disable MAC authentication bypass. type: str mac-called-station-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_called_station_delimiter. MAC called station delimiter type: str mac-calling-station-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_calling_station_delimiter. MAC calling station delimiter type: str mac-case: choices: - uppercase - lowercase description: Deprecated, please rename it to mac_case. MAC case type: str mac-filter: choices: - disable - enable description: Deprecated, please rename it to mac_filter. Enable/disable MAC filtering to block wireless clients by mac address. type: str mac-filter-list: description: Deprecated, please rename it to mac_filter_list. Mac-Filter-List. elements: dict suboptions: id: description: ID. type: int mac: description: MAC address. type: str mac-filter-policy: choices: - deny - allow description: Deprecated, please rename it to mac_filter_policy. Deny or allow the client with this MAC address. type: str type: list mac-filter-policy-other: choices: - deny - allow description: Deprecated, please rename it to mac_filter_policy_other. Allow or block clients with MAC addresses that are not in the fil... type: str mac-password-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_password_delimiter. MAC authentication password delimiter type: str mac-username-delimiter: choices: - hyphen - single-hyphen - colon - none description: Deprecated, please rename it to mac_username_delimiter. MAC authentication username delimiter type: str max-clients: description: Deprecated, please rename it to max_clients. Maximum number of clients that can connect simultaneously to the VAP type: int max-clients-ap: description: Deprecated, please rename it to max_clients_ap. Maximum number of clients that can connect simultaneously to each radio type: int mbo: choices: - disable - enable description: Enable/disable Multiband Operation type: str mbo-cell-data-conn-pref: choices: - excluded - prefer-not - prefer-use description: Deprecated, please rename it to mbo_cell_data_conn_pref. MBO cell data connection preference type: str me-disable-thresh: description: Deprecated, please rename it to me_disable_thresh. Disable multicast enhancement when this many clients are receiving mult... type: int mesh-backhaul: choices: - disable - enable description: Deprecated, please rename it to mesh_backhaul. Enable/disable using this VAP as a WiFi mesh backhaul type: str mpsk: choices: - disable - enable description: Enable/disable multiple pre-shared keys type: str mpsk-concurrent-clients: description: Deprecated, please rename it to mpsk_concurrent_clients. Number of pre-shared keys type: int mpsk-key: description: Deprecated, please rename it to mpsk_key. Mpsk-Key. elements: dict suboptions: comment: description: Comment. type: str concurrent-clients: description: Deprecated, please rename it to concurrent_clients. Number of clients that can connect using this pre-shared key. type: str key-name: description: Deprecated, please rename it to key_name. Pre-shared key name. type: str mpsk-schedules: description: (list or str) Deprecated, please rename it to mpsk_schedules. Firewall schedule for MPSK passphrase. type: raw passphrase: description: (list) WPA Pre-shared key. type: raw type: list mpsk-profile: description: Deprecated, please rename it to mpsk_profile. MPSK profile name. type: str mu-mimo: choices: - disable - enable description: Deprecated, please rename it to mu_mimo. Enable/disable Multi-user MIMO type: str multicast-enhance: choices: - disable - enable description: Deprecated, please rename it to multicast_enhance. Enable/disable converting multicast to unicast to improve performance type: str multicast-rate: choices: - '0' - '6000' - '12000' - '24000' description: Deprecated, please rename it to multicast_rate. Multicast rate type: str nac: choices: - disable - enable description: Enable/disable network access control. type: str nac-profile: description: Deprecated, please rename it to nac_profile. NAC profile name. type: str name: description: Virtual AP name. required: true type: str neighbor-report-dual-band: choices: - disable - enable description: Deprecated, please rename it to neighbor_report_dual_band. Enable/disable dual-band neighbor report type: str okc: choices: - disable - enable description: Enable/disable Opportunistic Key Caching type: str osen: choices: - disable - enable description: Enable/disable OSEN as part of key management type: str owe-groups: choices: - '19' - '20' - '21' description: Deprecated, please rename it to owe_groups. OWE-Groups. elements: str type: list owe-transition: choices: - disable - enable description: Deprecated, please rename it to owe_transition. Enable/disable OWE transition mode support. type: str owe-transition-ssid: description: Deprecated, please rename it to owe_transition_ssid. OWE transition mode peer SSID. type: str passphrase: description: (list) WPA pre-shared key type: raw pmf: choices: - disable - enable - optional description: Protected Management Frames type: str pmf-assoc-comeback-timeout: description: Deprecated, please rename it to pmf_assoc_comeback_timeout. Protected Management Frames type: int pmf-sa-query-retry-timeout: description: Deprecated, please rename it to pmf_sa_query_retry_timeout. Protected Management Frames type: int port-macauth: choices: - disable - radius - address-group description: Deprecated, please rename it to port_macauth. Enable/disable LAN port MAC authentication type: str port-macauth-reauth-timeout: description: Deprecated, please rename it to port_macauth_reauth_timeout. LAN port MAC authentication re-authentication timeout value type: int port-macauth-timeout: description: Deprecated, please rename it to port_macauth_timeout. LAN port MAC authentication idle timeout value type: int portal-message-override-group: description: Deprecated, please rename it to portal_message_override_group. Replacement message group for this VAP type: str portal-message-overrides: description: Deprecated, please rename it to portal_message_overrides. suboptions: auth-disclaimer-page: description: Deprecated, please rename it to auth_disclaimer_page. Override auth-disclaimer-page message with message from port... type: str auth-login-failed-page: description: Deprecated, please rename it to auth_login_failed_page. Override auth-login-failed-page message with message from ... type: str auth-login-page: description: Deprecated, please rename it to auth_login_page. Override auth-login-page message with message from portal-message... type: str auth-reject-page: description: Deprecated, please rename it to auth_reject_page. Override auth-reject-page message with message from portal-messa... type: str type: dict portal-type: choices: - auth - auth+disclaimer - disclaimer - email-collect - cmcc - cmcc-macauth - auth-mac - external-auth - external-macauth description: Deprecated, please rename it to portal_type. Captive portal functionality. type: str primary-wag-profile: description: Deprecated, please rename it to primary_wag_profile. Primary wireless access gateway profile name. type: str probe-resp-suppression: choices: - disable - enable description: Deprecated, please rename it to probe_resp_suppression. Enable/disable probe response suppression type: str probe-resp-threshold: description: Deprecated, please rename it to probe_resp_threshold. Minimum signal level/threshold in dBm required for the AP response t... type: str ptk-rekey: choices: - disable - enable description: Deprecated, please rename it to ptk_rekey. Enable/disable PTK rekey for WPA-Enterprise security. type: str ptk-rekey-intv: description: Deprecated, please rename it to ptk_rekey_intv. PTK rekey interval type: int qos-profile: description: Deprecated, please rename it to qos_profile. Quality of service profile name. type: str quarantine: choices: - disable - enable description: Enable/disable station quarantine type: str radio-2g-threshold: description: Deprecated, please rename it to radio_2g_threshold. Minimum signal level/threshold in dBm required for the AP response to ... type: str radio-5g-threshold: description: Deprecated, please rename it to radio_5g_threshold. Minimum signal level/threshold in dBm required for the AP response to ... type: str radio-sensitivity: choices: - disable - enable description: Deprecated, please rename it to radio_sensitivity. Enable/disable software radio sensitivity type: str radius-mac-auth: choices: - disable - enable description: Deprecated, please rename it to radius_mac_auth. Enable/disable RADIUS-based MAC authentication of clients type: str radius-mac-auth-block-interval: description: Deprecated, please rename it to radius_mac_auth_block_interval. Dont send RADIUS MAC auth request again if the client has ... type: int radius-mac-auth-server: description: Deprecated, please rename it to radius_mac_auth_server. RADIUS-based MAC authentication server. type: str radius-mac-auth-usergroups: description: (list) Deprecated, please rename it to radius_mac_auth_usergroups. Selective user groups that are permitted for RADIUS mac... type: raw radius-mac-mpsk-auth: choices: - disable - enable description: Deprecated, please rename it to radius_mac_mpsk_auth. Enable/disable RADIUS-based MAC authentication of clients for MPSK a... type: str radius-mac-mpsk-timeout: description: Deprecated, please rename it to radius_mac_mpsk_timeout. RADIUS MAC MPSK cache timeout interval type: int radius-server: description: Deprecated, please rename it to radius_server. RADIUS server to be used to authenticate WiFi users. type: str rates-11a: choices: - '1' - 1-basic - '2' - 2-basic - '5.5' - 5.5-basic - '6' - 6-basic - '9' - 9-basic - '12' - 12-basic - '18' - 18-basic - '24' - 24-basic - '36' - 36-basic - '48' - 48-basic - '54' - 54-basic - '11' - 11-basic description: Deprecated, please rename it to rates_11a. Allowed data rates for 802. elements: str type: list rates-11ac-mcs-map: description: Deprecated, please rename it to rates_11ac_mcs_map. Comma separated list of max supported VHT MCS for spatial streams 1 th... type: str rates-11ac-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/1 - mcs11/1 - mcs10/2 - mcs11/2 description: Deprecated, please rename it to rates_11ac_ss12. Allowed data rates for 802. elements: str type: list rates-11ac-ss34: choices: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/3 - mcs11/3 - mcs10/4 - mcs11/4 description: Deprecated, please rename it to rates_11ac_ss34. Allowed data rates for 802. elements: str type: list rates-11ax-mcs-map: description: Deprecated, please rename it to rates_11ax_mcs_map. Comma separated list of max supported HE MCS for spatial streams 1 thr... type: str rates-11ax-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/1 - mcs9/1 - mcs10/1 - mcs11/1 - mcs0/2 - mcs1/2 - mcs2/2 - mcs3/2 - mcs4/2 - mcs5/2 - mcs6/2 - mcs7/2 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 description: Deprecated, please rename it to rates_11ax_ss12. elements: str type: list rates-11ax-ss34: choices: - mcs0/3 - mcs1/3 - mcs2/3 - mcs3/3 - mcs4/3 - mcs5/3 - mcs6/3 - mcs7/3 - mcs8/3 - mcs9/3 - mcs10/3 - mcs11/3 - mcs0/4 - mcs1/4 - mcs2/4 - mcs3/4 - mcs4/4 - mcs5/4 - mcs6/4 - mcs7/4 - mcs8/4 - mcs9/4 - mcs10/4 - mcs11/4 description: Deprecated, please rename it to rates_11ax_ss34. elements: str type: list rates-11bg: choices: - '1' - 1-basic - '2' - 2-basic - '5.5' - 5.5-basic - '6' - 6-basic - '9' - 9-basic - '12' - 12-basic - '18' - 18-basic - '24' - 24-basic - '36' - 36-basic - '48' - 48-basic - '54' - 54-basic - '11' - 11-basic description: Deprecated, please rename it to rates_11bg. Allowed data rates for 802. elements: str type: list rates-11n-ss12: choices: - mcs0/1 - mcs1/1 - mcs2/1 - mcs3/1 - mcs4/1 - mcs5/1 - mcs6/1 - mcs7/1 - mcs8/2 - mcs9/2 - mcs10/2 - mcs11/2 - mcs12/2 - mcs13/2 - mcs14/2 - mcs15/2 description: Deprecated, please rename it to rates_11n_ss12. Allowed data rates for 802. elements: str type: list rates-11n-ss34: choices: - mcs16/3 - mcs17/3 - mcs18/3 - mcs19/3 - mcs20/3 - mcs21/3 - mcs22/3 - mcs23/3 - mcs24/4 - mcs25/4 - mcs26/4 - mcs27/4 - mcs28/4 - mcs29/4 - mcs30/4 - mcs31/4 description: Deprecated, please rename it to rates_11n_ss34. Allowed data rates for 802. elements: str type: list roaming-acct-interim-update: choices: - disable - enable description: Deprecated, please rename it to roaming_acct_interim_update. Enable/disable using accounting interim update instead of acc... type: str sae-groups: choices: - '1' - '2' - '5' - '14' - '15' - '16' - '17' - '18' - '19' - '20' - '21' - '27' - '28' - '29' - '30' - '31' description: Deprecated, please rename it to sae_groups. SAE-Groups. elements: str type: list sae-h2e-only: choices: - disable - enable description: Deprecated, please rename it to sae_h2e_only. Use hash-to-element-only mechanism for PWE derivation type: str sae-hnp-only: choices: - disable - enable description: Deprecated, please rename it to sae_hnp_only. Use hunting-and-pecking-only mechanism for PWE derivation type: str sae-password: description: (list) Deprecated, please rename it to sae_password. WPA3 SAE password to be used to authenticate WiFi users. type: raw sae-pk: choices: - disable - enable description: Deprecated, please rename it to sae_pk. Enable/disable WPA3 SAE-PK type: str sae-private-key: description: Deprecated, please rename it to sae_private_key. Private key used for WPA3 SAE-PK authentication. type: str scan-botnet-connections: choices: - disable - block - monitor description: Deprecated, please rename it to scan_botnet_connections. Block or monitor connections to Botnet servers or disable Botnet ... type: str schedule: description: (list or str) VAP schedule name. type: raw secondary-wag-profile: description: Deprecated, please rename it to secondary_wag_profile. Secondary wireless access gateway profile name. type: str security: choices: - None - WEP64 - wep64 - WEP128 - wep128 - WPA_PSK - WPA_RADIUS - WPA - WPA2 - WPA2_AUTO - open - wpa-personal - wpa-enterprise - captive-portal - wpa-only-personal - wpa-only-enterprise - wpa2-only-personal - wpa2-only-enterprise - wpa-personal+captive-portal - wpa-only-personal+captive-portal - wpa2-only-personal+captive-portal - osen - wpa3-enterprise - sae - sae-transition - owe - wpa3-sae - wpa3-sae-transition - wpa3-only-enterprise - wpa3-enterprise-transition description: Security mode for the wireless interface type: str security-exempt-list: description: Deprecated, please rename it to security_exempt_list. Optional security exempt list for captive portal authentication. type: str security-obsolete-option: choices: - disable - enable description: Deprecated, please rename it to security_obsolete_option. Enable/disable obsolete security options. type: str security-redirect-url: description: Deprecated, please rename it to security_redirect_url. Optional URL for redirecting users after they pass captive portal a... type: str selected-usergroups: description: (list or str) Deprecated, please rename it to selected_usergroups. Selective user groups that are permitted to authenticate. type: raw split-tunneling: choices: - disable - enable description: Deprecated, please rename it to split_tunneling. Enable/disable split tunneling type: str ssid: description: IEEE 802. type: str sticky-client-remove: choices: - disable - enable description: Deprecated, please rename it to sticky_client_remove. Enable/disable sticky client remove to maintain good signal level cl... type: str sticky-client-threshold-2g: description: Deprecated, please rename it to sticky_client_threshold_2g. Minimum signal level/threshold in dBm required for the 2G clie... type: str sticky-client-threshold-5g: description: Deprecated, please rename it to sticky_client_threshold_5g. Minimum signal level/threshold in dBm required for the 5G clie... type: str sticky-client-threshold-6g: description: Deprecated, please rename it to sticky_client_threshold_6g. Minimum signal level/threshold in dBm required for the 6G clie... type: str target-wake-time: choices: - disable - enable description: Deprecated, please rename it to target_wake_time. Enable/disable 802. type: str tkip-counter-measure: choices: - disable - enable description: Deprecated, please rename it to tkip_counter_measure. Enable/disable TKIP counter measure. type: str tunnel-echo-interval: description: Deprecated, please rename it to tunnel_echo_interval. The time interval to send echo to both primary and secondary tunnel ... type: int tunnel-fallback-interval: description: Deprecated, please rename it to tunnel_fallback_interval. The time interval for secondary tunnel to fall back to primary t... type: int usergroup: description: (list or str) Firewall user group to be used to authenticate WiFi users. type: raw utm-log: choices: - disable - enable description: Deprecated, please rename it to utm_log. Enable/disable UTM logging. type: str utm-profile: description: Deprecated, please rename it to utm_profile. UTM profile name. type: str utm-status: choices: - disable - enable description: Deprecated, please rename it to utm_status. Enable to add one or more security profiles type: str vdom: description: Name of the VDOM that the Virtual AP has been added to. type: str vlan-auto: choices: - disable - enable description: Deprecated, please rename it to vlan_auto. Enable/disable automatic management of SSID VLAN interface. type: str vlan-name: description: Deprecated, please rename it to vlan_name. elements: dict suboptions: name: description: VLAN name. type: str vlan-id: description: Deprecated, please rename it to vlan_id. VLAN ID. type: int type: list vlan-pool: description: Deprecated, please rename it to vlan_pool. Vlan-Pool. elements: dict suboptions: _wtp-group: description: Deprecated, please rename it to _wtp_group. _Wtp-Group. type: str id: description: ID. type: int wtp-group: description: Deprecated, please rename it to wtp_group. WTP group name. type: str type: list vlan-pooling: choices: - wtp-group - round-robin - hash - disable description: Deprecated, please rename it to vlan_pooling. Enable/disable VLAN pooling, to allow grouping of multiple wireless controll... type: str vlanid: description: Optional VLAN ID. type: int voice-enterprise: choices: - disable - enable description: Deprecated, please rename it to voice_enterprise. Enable/disable 802. type: str webfilter-profile: description: Deprecated, please rename it to webfilter_profile. WebFilter profile name. type: str type: dict adom: description: The parameter (adom) in requested url. required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list