Try SpotterConfigure Virtual Access Points
| "added in version" 2.0.0 of fortinet.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections:
- name: fortinet.fortimanager
version: 2.4.0This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure Virtual Access Points
fortinet.fortimanager.fmgr_vap_dynamicmapping:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
vap: <your own value>
state: present # <value in [present, absent]>
vap_dynamicmapping:
_centmgmt: <value in [disable, enable]>
_dhcp_svr_id: <string>
_intf_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
_intf_device_identification: <value in [disable, enable]>
_intf_device_netscan: <value in [disable, enable]>
_intf_dhcp_relay_ip: <list or string>
_intf_dhcp_relay_service: <value in [disable, enable]>
_intf_dhcp_relay_type: <value in [regular, ipsec]>
_intf_dhcp6_relay_ip: <string>
_intf_dhcp6_relay_service: <value in [disable, enable]>
_intf_dhcp6_relay_type: <value in [regular]>
_intf_ip: <string>
_intf_ip6_address: <string>
_intf_ip6_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- any
- fgfm
- capwap
_intf_listen_forticlient_connection: <value in [disable, enable]>
_scope:
-
name: <string>
vdom: <string>
acct_interim_interval: <integer>
address_group: <string>
alias: <string>
atf_weight: <integer>
auth: <value in [PSK, psk, RADIUS, ...]>
broadcast_ssid: <value in [disable, enable]>
broadcast_suppression:
- dhcp
- arp
- dhcp2
- arp2
- netbios-ns
- netbios-ds
- arp3
- dhcp-up
- dhcp-down
- arp-known
- arp-unknown
- arp-reply
- ipv6
- dhcp-starvation
- arp-poison
- all-other-mc
- all-other-bc
- arp-proxy
- dhcp-ucast
captive_portal_ac_name: <string>
captive_portal_macauth_radius_secret: <list or string>
captive_portal_macauth_radius_server: <string>
captive_portal_radius_secret: <list or string>
captive_portal_radius_server: <string>
captive_portal_session_timeout_interval: <integer>
client_count: <integer>
dhcp_lease_time: <integer>
dhcp_option82_circuit_id_insertion: <value in [disable, style-1, style-2, ...]>
dhcp_option82_insertion: <value in [disable, enable]>
dhcp_option82_remote_id_insertion: <value in [disable, style-1]>
dynamic_vlan: <value in [disable, enable]>
eap_reauth: <value in [disable, enable]>
eap_reauth_intv: <integer>
eapol_key_retries: <value in [disable, enable]>
encrypt: <value in [TKIP, AES, TKIP-AES]>
external_fast_roaming: <value in [disable, enable]>
external_logout: <string>
external_web: <string>
fast_bss_transition: <value in [disable, enable]>
fast_roaming: <value in [disable, enable]>
ft_mobility_domain: <integer>
ft_over_ds: <value in [disable, enable]>
ft_r0_key_lifetime: <integer>
gtk_rekey: <value in [disable, enable]>
gtk_rekey_intv: <integer>
hotspot20_profile: <string>
intra_vap_privacy: <value in [disable, enable]>
ip: <string>
key: <list or string>
keyindex: <integer>
ldpc: <value in [disable, tx, rx, ...]>
local_authentication: <value in [disable, enable]>
local_bridging: <value in [disable, enable]>
local_lan: <value in [deny, allow]>
local_standalone: <value in [disable, enable]>
local_standalone_nat: <value in [disable, enable]>
local_switching: <value in [disable, enable]>
mac_auth_bypass: <value in [disable, enable]>
mac_filter: <value in [disable, enable]>
mac_filter_policy_other: <value in [deny, allow]>
max_clients: <integer>
max_clients_ap: <integer>
me_disable_thresh: <integer>
mesh_backhaul: <value in [disable, enable]>
mpsk: <value in [disable, enable]>
mpsk_concurrent_clients: <integer>
multicast_enhance: <value in [disable, enable]>
multicast_rate: <value in [0, 6000, 12000, ...]>
okc: <value in [disable, enable]>
owe_groups:
- 19
- 20
- 21
owe_transition: <value in [disable, enable]>
owe_transition_ssid: <string>
passphrase: <list or string>
pmf: <value in [disable, enable, optional]>
pmf_assoc_comeback_timeout: <integer>
pmf_sa_query_retry_timeout: <integer>
portal_message_override_group: <string>
portal_type: <value in [auth, auth+disclaimer, disclaimer, ...]>
probe_resp_suppression: <value in [disable, enable]>
probe_resp_threshold: <string>
ptk_rekey: <value in [disable, enable]>
ptk_rekey_intv: <integer>
qos_profile: <string>
quarantine: <value in [disable, enable]>
radio_2g_threshold: <string>
radio_5g_threshold: <string>
radio_sensitivity: <value in [disable, enable]>
radius_mac_auth: <value in [disable, enable]>
radius_mac_auth_server: <string>
radius_mac_auth_usergroups: <list or string>
radius_server: <string>
rates_11a:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates_11ac_ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/1
- mcs11/1
- mcs10/2
- mcs11/2
rates_11ac_ss34:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/3
- mcs11/3
- mcs10/4
- mcs11/4
rates_11bg:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates_11n_ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
- mcs12/2
- mcs13/2
- mcs14/2
- mcs15/2
rates_11n_ss34:
- mcs16/3
- mcs17/3
- mcs18/3
- mcs19/3
- mcs20/3
- mcs21/3
- mcs22/3
- mcs23/3
- mcs24/4
- mcs25/4
- mcs26/4
- mcs27/4
- mcs28/4
- mcs29/4
- mcs30/4
- mcs31/4
sae_groups:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
sae_password: <list or string>
schedule: <list or string>
security: <value in [None, WEP64, wep64, ...]>
security_exempt_list: <string>
security_obsolete_option: <value in [disable, enable]>
security_redirect_url: <string>
selected_usergroups: <list or string>
split_tunneling: <value in [disable, enable]>
ssid: <string>
tkip_counter_measure: <value in [disable, enable]>
usergroup: <list or string>
utm_profile: <string>
vdom: <list or string>
vlan_auto: <value in [disable, enable]>
vlan_pooling: <value in [wtp-group, round-robin, hash, ...]>
vlanid: <integer>
voice_enterprise: <value in [disable, enable]>
mu_mimo: <value in [disable, enable]>
_intf_device_access_list: <string>
external_web_format: <value in [auto-detect, no-query-string, partial-query-string]>
high_efficiency: <value in [disable, enable]>
primary_wag_profile: <string>
secondary_wag_profile: <string>
target_wake_time: <value in [disable, enable]>
tunnel_echo_interval: <integer>
tunnel_fallback_interval: <integer>
access_control_list: <string>
captive_portal_auth_timeout: <integer>
ipv6_rules:
- drop-icmp6ra
- drop-icmp6rs
- drop-llmnr6
- drop-icmp6mld2
- drop-dhcp6s
- drop-dhcp6c
- ndp-proxy
- drop-ns-dad
- drop-ns-nondad
sticky_client_remove: <value in [disable, enable]>
sticky_client_threshold_2g: <string>
sticky_client_threshold_5g: <string>
bss_color_partial: <value in [disable, enable]>
dhcp_option43_insertion: <value in [disable, enable]>
mpsk_profile: <string>
igmp_snooping: <value in [disable, enable]>
port_macauth: <value in [disable, radius, address-group]>
port_macauth_reauth_timeout: <integer>
port_macauth_timeout: <integer>
additional_akms:
- akm6
bstm_disassociation_imminent: <value in [disable, enable]>
bstm_load_balancing_disassoc_timer: <integer>
bstm_rssi_disassoc_timer: <integer>
dhcp_address_enforcement: <value in [disable, enable]>
gas_comeback_delay: <integer>
gas_fragmentation_limit: <integer>
mac_called_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac_calling_station_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac_case: <value in [uppercase, lowercase]>
mac_password_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac_username_delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mbo: <value in [disable, enable]>
mbo_cell_data_conn_pref: <value in [excluded, prefer-not, prefer-use]>
nac: <value in [disable, enable]>
nac_profile: <string>
neighbor_report_dual_band: <value in [disable, enable]>
address_group_policy: <value in [disable, allow, deny]>
antivirus_profile: <string>
application_detection_engine: <value in [disable, enable]>
application_list: <string>
application_report_intv: <integer>
auth_cert: <string>
auth_portal_addr: <string>
beacon_advertising:
- name
- model
- serial-number
ips_sensor: <string>
l3_roaming: <value in [disable, enable]>
local_standalone_dns: <value in [disable, enable]>
local_standalone_dns_ip: <list or string>
osen: <value in [disable, enable]>
radius_mac_mpsk_auth: <value in [disable, enable]>
radius_mac_mpsk_timeout: <integer>
rates_11ax_ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs10/1
- mcs11/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
rates_11ax_ss34:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs10/3
- mcs11/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/4
- mcs11/4
scan_botnet_connections: <value in [disable, block, monitor]>
utm_log: <value in [disable, enable]>
utm_status: <value in [disable, enable]>
webfilter_profile: <string>
sae_h2e_only: <value in [disable, enable]>
sae_pk: <value in [disable, enable]>
sae_private_key: <string>
sticky_client_threshold_6g: <string>
application_dscp_marking: <value in [disable, enable]>
l3_roaming_mode: <value in [direct, indirect]>
rates_11ac_mcs_map: <string>
rates_11ax_mcs_map: <string>
captive_portal_fw_accounting: <value in [disable, enable]>
radius_mac_auth_block_interval: <integer>
_is_factory_setting: <value in [disable, enable, ext]>
d80211k: <value in [disable, enable]>
d80211v: <value in [disable, enable]>
roaming_acct_interim_update: <value in [disable, enable]>
sae_hnp_only: <value in [disable, enable]>
vap:
description: The parameter (vap) in requested url.
required: true
type: str
adom:
description: The parameter (adom) in requested url.
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
type: bool
access_token:
description: The token to access FortiManager without using username and password.
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
type: bool
vap_dynamicmapping:
description: The top level parameters set.
required: false
suboptions:
80211k:
choices:
- disable
- enable
description: Deprecated, please rename it to d80211k. Enable/disable 802.
type: str
80211v:
choices:
- disable
- enable
description: Deprecated, please rename it to d80211v. Enable/disable 802.
type: str
_centmgmt:
choices:
- disable
- enable
description: No description.
type: str
_dhcp_svr_id:
description: No description.
type: str
_intf_allowaccess:
choices:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
- speed-test
description: No description.
elements: str
type: list
_intf_device-access-list:
description: Deprecated, please rename it to _intf_device_access_list.
type: str
_intf_device-identification:
choices:
- disable
- enable
description: Deprecated, please rename it to _intf_device_identification.
type: str
_intf_device-netscan:
choices:
- disable
- enable
description: Deprecated, please rename it to _intf_device_netscan.
type: str
_intf_dhcp-relay-ip:
description: (list) Deprecated, please rename it to _intf_dhcp_relay_ip.
type: raw
_intf_dhcp-relay-service:
choices:
- disable
- enable
description: Deprecated, please rename it to _intf_dhcp_relay_service.
type: str
_intf_dhcp-relay-type:
choices:
- regular
- ipsec
description: Deprecated, please rename it to _intf_dhcp_relay_type.
type: str
_intf_dhcp6-relay-ip:
description: Deprecated, please rename it to _intf_dhcp6_relay_ip.
type: str
_intf_dhcp6-relay-service:
choices:
- disable
- enable
description: Deprecated, please rename it to _intf_dhcp6_relay_service.
type: str
_intf_dhcp6-relay-type:
choices:
- regular
description: Deprecated, please rename it to _intf_dhcp6_relay_type.
type: str
_intf_ip:
description: No description.
type: str
_intf_ip6-address:
description: Deprecated, please rename it to _intf_ip6_address.
type: str
_intf_ip6-allowaccess:
choices:
- https
- ping
- ssh
- snmp
- http
- telnet
- any
- fgfm
- capwap
description: Deprecated, please rename it to _intf_ip6_allowaccess.
elements: str
type: list
_intf_listen-forticlient-connection:
choices:
- disable
- enable
description: Deprecated, please rename it to _intf_listen_forticlient_connection.
type: str
_is_factory_setting:
choices:
- disable
- enable
- ext
description: No description.
type: str
_scope:
description: No description.
elements: dict
suboptions:
name:
description: No description.
type: str
vdom:
description: No description.
type: str
type: list
access-control-list:
description: Deprecated, please rename it to access_control_list.
type: str
acct-interim-interval:
description: Deprecated, please rename it to acct_interim_interval.
type: int
additional-akms:
choices:
- akm6
description: Deprecated, please rename it to additional_akms.
elements: str
type: list
address-group:
description: Deprecated, please rename it to address_group.
type: str
address-group-policy:
choices:
- disable
- allow
- deny
description: Deprecated, please rename it to address_group_policy. Configure MAC
address filtering policy for MAC addresses that are in...
type: str
alias:
description: No description.
type: str
antivirus-profile:
description: Deprecated, please rename it to antivirus_profile. AntiVirus profile
name.
type: str
application-detection-engine:
choices:
- disable
- enable
description: Deprecated, please rename it to application_detection_engine. Enable/disable
application detection engine
type: str
application-dscp-marking:
choices:
- disable
- enable
description: Deprecated, please rename it to application_dscp_marking. Enable/disable
application attribute based DSCP marking
type: str
application-list:
description: Deprecated, please rename it to application_list. Application control
list name.
type: str
application-report-intv:
description: Deprecated, please rename it to application_report_intv. Application
report interval
type: int
atf-weight:
description: Deprecated, please rename it to atf_weight.
type: int
auth:
choices:
- PSK
- psk
- RADIUS
- radius
- usergroup
description: No description.
type: str
auth-cert:
description: Deprecated, please rename it to auth_cert. HTTPS server certificate.
type: str
auth-portal-addr:
description: Deprecated, please rename it to auth_portal_addr. Address of captive
portal.
type: str
beacon-advertising:
choices:
- name
- model
- serial-number
description: Deprecated, please rename it to beacon_advertising.
elements: str
type: list
broadcast-ssid:
choices:
- disable
- enable
description: Deprecated, please rename it to broadcast_ssid.
type: str
broadcast-suppression:
choices:
- dhcp
- arp
- dhcp2
- arp2
- netbios-ns
- netbios-ds
- arp3
- dhcp-up
- dhcp-down
- arp-known
- arp-unknown
- arp-reply
- ipv6
- dhcp-starvation
- arp-poison
- all-other-mc
- all-other-bc
- arp-proxy
- dhcp-ucast
description: Deprecated, please rename it to broadcast_suppression.
elements: str
type: list
bss-color-partial:
choices:
- disable
- enable
description: Deprecated, please rename it to bss_color_partial.
type: str
bstm-disassociation-imminent:
choices:
- disable
- enable
description: Deprecated, please rename it to bstm_disassociation_imminent. Enable/disable
forcing of disassociation after the BSTM requ...
type: str
bstm-load-balancing-disassoc-timer:
description: Deprecated, please rename it to bstm_load_balancing_disassoc_timer.
Time interval for client to voluntarily leave AP befor...
type: int
bstm-rssi-disassoc-timer:
description: Deprecated, please rename it to bstm_rssi_disassoc_timer. Time interval
for client to voluntarily leave AP before forcing ...
type: int
captive-portal-ac-name:
description: Deprecated, please rename it to captive_portal_ac_name.
type: str
captive-portal-auth-timeout:
description: Deprecated, please rename it to captive_portal_auth_timeout.
type: int
captive-portal-fw-accounting:
choices:
- disable
- enable
description: Deprecated, please rename it to captive_portal_fw_accounting. Enable/disable
RADIUS accounting for captive portal firewall...
type: str
captive-portal-macauth-radius-secret:
description: (list) Deprecated, please rename it to captive_portal_macauth_radius_secret.
type: raw
captive-portal-macauth-radius-server:
description: Deprecated, please rename it to captive_portal_macauth_radius_server.
type: str
captive-portal-radius-secret:
description: (list) Deprecated, please rename it to captive_portal_radius_secret.
type: raw
captive-portal-radius-server:
description: Deprecated, please rename it to captive_portal_radius_server.
type: str
captive-portal-session-timeout-interval:
description: Deprecated, please rename it to captive_portal_session_timeout_interval.
type: int
client-count:
description: Deprecated, please rename it to client_count.
type: int
dhcp-address-enforcement:
choices:
- disable
- enable
description: Deprecated, please rename it to dhcp_address_enforcement. Enable/disable
DHCP address enforcement
type: str
dhcp-lease-time:
description: Deprecated, please rename it to dhcp_lease_time.
type: int
dhcp-option43-insertion:
choices:
- disable
- enable
description: Deprecated, please rename it to dhcp_option43_insertion.
type: str
dhcp-option82-circuit-id-insertion:
choices:
- disable
- style-1
- style-2
- style-3
description: Deprecated, please rename it to dhcp_option82_circuit_id_insertion.
type: str
dhcp-option82-insertion:
choices:
- disable
- enable
description: Deprecated, please rename it to dhcp_option82_insertion.
type: str
dhcp-option82-remote-id-insertion:
choices:
- disable
- style-1
description: Deprecated, please rename it to dhcp_option82_remote_id_insertion.
type: str
dynamic-vlan:
choices:
- disable
- enable
description: Deprecated, please rename it to dynamic_vlan.
type: str
eap-reauth:
choices:
- disable
- enable
description: Deprecated, please rename it to eap_reauth.
type: str
eap-reauth-intv:
description: Deprecated, please rename it to eap_reauth_intv.
type: int
eapol-key-retries:
choices:
- disable
- enable
description: Deprecated, please rename it to eapol_key_retries.
type: str
encrypt:
choices:
- TKIP
- AES
- TKIP-AES
description: No description.
type: str
external-fast-roaming:
choices:
- disable
- enable
description: Deprecated, please rename it to external_fast_roaming.
type: str
external-logout:
description: Deprecated, please rename it to external_logout.
type: str
external-web:
description: Deprecated, please rename it to external_web.
type: str
external-web-format:
choices:
- auto-detect
- no-query-string
- partial-query-string
description: Deprecated, please rename it to external_web_format.
type: str
fast-bss-transition:
choices:
- disable
- enable
description: Deprecated, please rename it to fast_bss_transition.
type: str
fast-roaming:
choices:
- disable
- enable
description: Deprecated, please rename it to fast_roaming.
type: str
ft-mobility-domain:
description: Deprecated, please rename it to ft_mobility_domain.
type: int
ft-over-ds:
choices:
- disable
- enable
description: Deprecated, please rename it to ft_over_ds.
type: str
ft-r0-key-lifetime:
description: Deprecated, please rename it to ft_r0_key_lifetime.
type: int
gas-comeback-delay:
description: Deprecated, please rename it to gas_comeback_delay. GAS comeback
delay
type: int
gas-fragmentation-limit:
description: Deprecated, please rename it to gas_fragmentation_limit. GAS fragmentation
limit
type: int
gtk-rekey:
choices:
- disable
- enable
description: Deprecated, please rename it to gtk_rekey.
type: str
gtk-rekey-intv:
description: Deprecated, please rename it to gtk_rekey_intv.
type: int
high-efficiency:
choices:
- disable
- enable
description: Deprecated, please rename it to high_efficiency.
type: str
hotspot20-profile:
description: Deprecated, please rename it to hotspot20_profile.
type: str
igmp-snooping:
choices:
- disable
- enable
description: Deprecated, please rename it to igmp_snooping. Enable/disable IGMP
snooping.
type: str
intra-vap-privacy:
choices:
- disable
- enable
description: Deprecated, please rename it to intra_vap_privacy.
type: str
ip:
description: No description.
type: str
ips-sensor:
description: Deprecated, please rename it to ips_sensor. IPS sensor name.
type: str
ipv6-rules:
choices:
- drop-icmp6ra
- drop-icmp6rs
- drop-llmnr6
- drop-icmp6mld2
- drop-dhcp6s
- drop-dhcp6c
- ndp-proxy
- drop-ns-dad
- drop-ns-nondad
description: Deprecated, please rename it to ipv6_rules.
elements: str
type: list
key:
description: (list) No description.
type: raw
keyindex:
description: No description.
type: int
l3-roaming:
choices:
- disable
- enable
description: Deprecated, please rename it to l3_roaming. Enable/disable layer
3 roaming
type: str
l3-roaming-mode:
choices:
- direct
- indirect
description: Deprecated, please rename it to l3_roaming_mode. Select the way that
layer 3 roaming traffic is passed
type: str
ldpc:
choices:
- disable
- tx
- rx
- rxtx
description: No description.
type: str
local-authentication:
choices:
- disable
- enable
description: Deprecated, please rename it to local_authentication.
type: str
local-bridging:
choices:
- disable
- enable
description: Deprecated, please rename it to local_bridging.
type: str
local-lan:
choices:
- deny
- allow
description: Deprecated, please rename it to local_lan.
type: str
local-standalone:
choices:
- disable
- enable
description: Deprecated, please rename it to local_standalone.
type: str
local-standalone-dns:
choices:
- disable
- enable
description: Deprecated, please rename it to local_standalone_dns. Enable/disable
AP local standalone DNS.
type: str
local-standalone-dns-ip:
description: (list) Deprecated, please rename it to local_standalone_dns_ip.
type: raw
local-standalone-nat:
choices:
- disable
- enable
description: Deprecated, please rename it to local_standalone_nat.
type: str
local-switching:
choices:
- disable
- enable
description: Deprecated, please rename it to local_switching.
type: str
mac-auth-bypass:
choices:
- disable
- enable
description: Deprecated, please rename it to mac_auth_bypass.
type: str
mac-called-station-delimiter:
choices:
- hyphen
- single-hyphen
- colon
- none
description: Deprecated, please rename it to mac_called_station_delimiter. MAC
called station delimiter
type: str
mac-calling-station-delimiter:
choices:
- hyphen
- single-hyphen
- colon
- none
description: Deprecated, please rename it to mac_calling_station_delimiter. MAC
calling station delimiter
type: str
mac-case:
choices:
- uppercase
- lowercase
description: Deprecated, please rename it to mac_case. MAC case
type: str
mac-filter:
choices:
- disable
- enable
description: Deprecated, please rename it to mac_filter.
type: str
mac-filter-policy-other:
choices:
- deny
- allow
description: Deprecated, please rename it to mac_filter_policy_other.
type: str
mac-password-delimiter:
choices:
- hyphen
- single-hyphen
- colon
- none
description: Deprecated, please rename it to mac_password_delimiter. MAC authentication
password delimiter
type: str
mac-username-delimiter:
choices:
- hyphen
- single-hyphen
- colon
- none
description: Deprecated, please rename it to mac_username_delimiter. MAC authentication
username delimiter
type: str
max-clients:
description: Deprecated, please rename it to max_clients.
type: int
max-clients-ap:
description: Deprecated, please rename it to max_clients_ap.
type: int
mbo:
choices:
- disable
- enable
description: Enable/disable Multiband Operation
type: str
mbo-cell-data-conn-pref:
choices:
- excluded
- prefer-not
- prefer-use
description: Deprecated, please rename it to mbo_cell_data_conn_pref. MBO cell
data connection preference
type: str
me-disable-thresh:
description: Deprecated, please rename it to me_disable_thresh.
type: int
mesh-backhaul:
choices:
- disable
- enable
description: Deprecated, please rename it to mesh_backhaul.
type: str
mpsk:
choices:
- disable
- enable
description: No description.
type: str
mpsk-concurrent-clients:
description: Deprecated, please rename it to mpsk_concurrent_clients.
type: int
mpsk-profile:
description: Deprecated, please rename it to mpsk_profile.
type: str
mu-mimo:
choices:
- disable
- enable
description: Deprecated, please rename it to mu_mimo.
type: str
multicast-enhance:
choices:
- disable
- enable
description: Deprecated, please rename it to multicast_enhance.
type: str
multicast-rate:
choices:
- '0'
- '6000'
- '12000'
- '24000'
description: Deprecated, please rename it to multicast_rate.
type: str
nac:
choices:
- disable
- enable
description: Enable/disable network access control.
type: str
nac-profile:
description: Deprecated, please rename it to nac_profile. NAC profile name.
type: str
neighbor-report-dual-band:
choices:
- disable
- enable
description: Deprecated, please rename it to neighbor_report_dual_band. Enable/disable
dual-band neighbor report
type: str
okc:
choices:
- disable
- enable
description: No description.
type: str
osen:
choices:
- disable
- enable
description: Enable/disable OSEN as part of key management
type: str
owe-groups:
choices:
- '19'
- '20'
- '21'
description: Deprecated, please rename it to owe_groups.
elements: str
type: list
owe-transition:
choices:
- disable
- enable
description: Deprecated, please rename it to owe_transition.
type: str
owe-transition-ssid:
description: Deprecated, please rename it to owe_transition_ssid.
type: str
passphrase:
description: (list) No description.
type: raw
pmf:
choices:
- disable
- enable
- optional
description: No description.
type: str
pmf-assoc-comeback-timeout:
description: Deprecated, please rename it to pmf_assoc_comeback_timeout.
type: int
pmf-sa-query-retry-timeout:
description: Deprecated, please rename it to pmf_sa_query_retry_timeout.
type: int
port-macauth:
choices:
- disable
- radius
- address-group
description: Deprecated, please rename it to port_macauth. Enable/disable LAN
port MAC authentication
type: str
port-macauth-reauth-timeout:
description: Deprecated, please rename it to port_macauth_reauth_timeout. LAN
port MAC authentication re-authentication timeout value
type: int
port-macauth-timeout:
description: Deprecated, please rename it to port_macauth_timeout. LAN port MAC
authentication idle timeout value
type: int
portal-message-override-group:
description: Deprecated, please rename it to portal_message_override_group.
type: str
portal-type:
choices:
- auth
- auth+disclaimer
- disclaimer
- email-collect
- cmcc
- cmcc-macauth
- auth-mac
- external-auth
- external-macauth
description: Deprecated, please rename it to portal_type.
type: str
primary-wag-profile:
description: Deprecated, please rename it to primary_wag_profile.
type: str
probe-resp-suppression:
choices:
- disable
- enable
description: Deprecated, please rename it to probe_resp_suppression.
type: str
probe-resp-threshold:
description: Deprecated, please rename it to probe_resp_threshold.
type: str
ptk-rekey:
choices:
- disable
- enable
description: Deprecated, please rename it to ptk_rekey.
type: str
ptk-rekey-intv:
description: Deprecated, please rename it to ptk_rekey_intv.
type: int
qos-profile:
description: Deprecated, please rename it to qos_profile.
type: str
quarantine:
choices:
- disable
- enable
description: No description.
type: str
radio-2g-threshold:
description: Deprecated, please rename it to radio_2g_threshold.
type: str
radio-5g-threshold:
description: Deprecated, please rename it to radio_5g_threshold.
type: str
radio-sensitivity:
choices:
- disable
- enable
description: Deprecated, please rename it to radio_sensitivity.
type: str
radius-mac-auth:
choices:
- disable
- enable
description: Deprecated, please rename it to radius_mac_auth.
type: str
radius-mac-auth-block-interval:
description: Deprecated, please rename it to radius_mac_auth_block_interval. Dont
send RADIUS MAC auth request again if the client has ...
type: int
radius-mac-auth-server:
description: Deprecated, please rename it to radius_mac_auth_server.
type: str
radius-mac-auth-usergroups:
description: (list) Deprecated, please rename it to radius_mac_auth_usergroups.
type: raw
radius-mac-mpsk-auth:
choices:
- disable
- enable
description: Deprecated, please rename it to radius_mac_mpsk_auth. Enable/disable
RADIUS-based MAC authentication of clients for MPSK a...
type: str
radius-mac-mpsk-timeout:
description: Deprecated, please rename it to radius_mac_mpsk_timeout. RADIUS MAC
MPSK cache timeout interval
type: int
radius-server:
description: Deprecated, please rename it to radius_server.
type: str
rates-11a:
choices:
- '1'
- 1-basic
- '2'
- 2-basic
- '5.5'
- 5.5-basic
- '6'
- 6-basic
- '9'
- 9-basic
- '12'
- 12-basic
- '18'
- 18-basic
- '24'
- 24-basic
- '36'
- 36-basic
- '48'
- 48-basic
- '54'
- 54-basic
- '11'
- 11-basic
description: Deprecated, please rename it to rates_11a.
elements: str
type: list
rates-11ac-mcs-map:
description: Deprecated, please rename it to rates_11ac_mcs_map. Comma separated
list of max supported VHT MCS for spatial streams 1 th...
type: str
rates-11ac-ss12:
choices:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/1
- mcs11/1
- mcs10/2
- mcs11/2
description: Deprecated, please rename it to rates_11ac_ss12.
elements: str
type: list
rates-11ac-ss34:
choices:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/3
- mcs11/3
- mcs10/4
- mcs11/4
description: Deprecated, please rename it to rates_11ac_ss34.
elements: str
type: list
rates-11ax-mcs-map:
description: Deprecated, please rename it to rates_11ax_mcs_map. Comma separated
list of max supported HE MCS for spatial streams 1 thr...
type: str
rates-11ax-ss12:
choices:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs10/1
- mcs11/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
description: Deprecated, please rename it to rates_11ax_ss12.
elements: str
type: list
rates-11ax-ss34:
choices:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs10/3
- mcs11/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/4
- mcs11/4
description: Deprecated, please rename it to rates_11ax_ss34.
elements: str
type: list
rates-11bg:
choices:
- '1'
- 1-basic
- '2'
- 2-basic
- '5.5'
- 5.5-basic
- '6'
- 6-basic
- '9'
- 9-basic
- '12'
- 12-basic
- '18'
- 18-basic
- '24'
- 24-basic
- '36'
- 36-basic
- '48'
- 48-basic
- '54'
- 54-basic
- '11'
- 11-basic
description: Deprecated, please rename it to rates_11bg.
elements: str
type: list
rates-11n-ss12:
choices:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
- mcs12/2
- mcs13/2
- mcs14/2
- mcs15/2
description: Deprecated, please rename it to rates_11n_ss12.
elements: str
type: list
rates-11n-ss34:
choices:
- mcs16/3
- mcs17/3
- mcs18/3
- mcs19/3
- mcs20/3
- mcs21/3
- mcs22/3
- mcs23/3
- mcs24/4
- mcs25/4
- mcs26/4
- mcs27/4
- mcs28/4
- mcs29/4
- mcs30/4
- mcs31/4
description: Deprecated, please rename it to rates_11n_ss34.
elements: str
type: list
roaming-acct-interim-update:
choices:
- disable
- enable
description: Deprecated, please rename it to roaming_acct_interim_update. Enable/disable
using accounting interim update instead of acc...
type: str
sae-groups:
choices:
- '1'
- '2'
- '5'
- '14'
- '15'
- '16'
- '17'
- '18'
- '19'
- '20'
- '21'
- '27'
- '28'
- '29'
- '30'
- '31'
description: Deprecated, please rename it to sae_groups.
elements: str
type: list
sae-h2e-only:
choices:
- disable
- enable
description: Deprecated, please rename it to sae_h2e_only. Use hash-to-element-only
mechanism for PWE derivation
type: str
sae-hnp-only:
choices:
- disable
- enable
description: Deprecated, please rename it to sae_hnp_only. Use hunting-and-pecking-only
mechanism for PWE derivation
type: str
sae-password:
description: (list) Deprecated, please rename it to sae_password.
type: raw
sae-pk:
choices:
- disable
- enable
description: Deprecated, please rename it to sae_pk. Enable/disable WPA3 SAE-PK
type: str
sae-private-key:
description: Deprecated, please rename it to sae_private_key. Private key used
for WPA3 SAE-PK authentication.
type: str
scan-botnet-connections:
choices:
- disable
- block
- monitor
description: Deprecated, please rename it to scan_botnet_connections. Block or
monitor connections to Botnet servers or disable Botnet ...
type: str
schedule:
description: (list or str) No description.
type: raw
secondary-wag-profile:
description: Deprecated, please rename it to secondary_wag_profile.
type: str
security:
choices:
- None
- WEP64
- wep64
- WEP128
- wep128
- WPA_PSK
- WPA_RADIUS
- WPA
- WPA2
- WPA2_AUTO
- open
- wpa-personal
- wpa-enterprise
- captive-portal
- wpa-only-personal
- wpa-only-enterprise
- wpa2-only-personal
- wpa2-only-enterprise
- wpa-personal+captive-portal
- wpa-only-personal+captive-portal
- wpa2-only-personal+captive-portal
- osen
- wpa3-enterprise
- sae
- sae-transition
- owe
- wpa3-sae
- wpa3-sae-transition
- wpa3-only-enterprise
- wpa3-enterprise-transition
description: No description.
type: str
security-exempt-list:
description: Deprecated, please rename it to security_exempt_list.
type: str
security-obsolete-option:
choices:
- disable
- enable
description: Deprecated, please rename it to security_obsolete_option.
type: str
security-redirect-url:
description: Deprecated, please rename it to security_redirect_url.
type: str
selected-usergroups:
description: (list or str) Deprecated, please rename it to selected_usergroups.
type: raw
split-tunneling:
choices:
- disable
- enable
description: Deprecated, please rename it to split_tunneling.
type: str
ssid:
description: No description.
type: str
sticky-client-remove:
choices:
- disable
- enable
description: Deprecated, please rename it to sticky_client_remove.
type: str
sticky-client-threshold-2g:
description: Deprecated, please rename it to sticky_client_threshold_2g.
type: str
sticky-client-threshold-5g:
description: Deprecated, please rename it to sticky_client_threshold_5g.
type: str
sticky-client-threshold-6g:
description: Deprecated, please rename it to sticky_client_threshold_6g. Minimum
signal level/threshold in dBm required for the 6G clie...
type: str
target-wake-time:
choices:
- disable
- enable
description: Deprecated, please rename it to target_wake_time.
type: str
tkip-counter-measure:
choices:
- disable
- enable
description: Deprecated, please rename it to tkip_counter_measure.
type: str
tunnel-echo-interval:
description: Deprecated, please rename it to tunnel_echo_interval.
type: int
tunnel-fallback-interval:
description: Deprecated, please rename it to tunnel_fallback_interval.
type: int
usergroup:
description: (list or str) No description.
type: raw
utm-log:
choices:
- disable
- enable
description: Deprecated, please rename it to utm_log. Enable/disable UTM logging.
type: str
utm-profile:
description: Deprecated, please rename it to utm_profile.
type: str
utm-status:
choices:
- disable
- enable
description: Deprecated, please rename it to utm_status. Enable to add one or
more security profiles
type: str
vdom:
description: (list or str) No description.
type: raw
vlan-auto:
choices:
- disable
- enable
description: Deprecated, please rename it to vlan_auto.
type: str
vlan-pooling:
choices:
- wtp-group
- round-robin
- hash
- disable
description: Deprecated, please rename it to vlan_pooling.
type: str
vlanid:
description: No description.
type: int
voice-enterprise:
choices:
- disable
- enable
description: Deprecated, please rename it to voice_enterprise.
type: str
webfilter-profile:
description: Deprecated, please rename it to webfilter_profile. WebFilter profile
name.
type: str
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list