Try SpotterVPN node for VPN Manager.
| "added in version" 2.0.0 of fortinet.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections:
- name: fortinet.fortimanager
version: 2.4.0This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: VPN node for VPN Manager.
fortinet.fortimanager.fmgr_vpnmgr_node:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
state: present # <value in [present, absent]>
vpnmgr_node:
add_route: <value in [disable, enable]>
assign_ip: <value in [disable, enable]>
assign_ip_from: <value in [range, usrgrp, dhcp, ...]>
authpasswd: <list or string>
authusr: <string>
authusrgrp: <string>
auto_configuration: <value in [disable, enable]>
automatic_routing: <value in [disable, enable]>
banner: <string>
default_gateway: <string>
dhcp_server: <value in [disable, enable]>
dns_mode: <value in [auto, manual]>
dns_service: <value in [default, specify, local]>
domain: <string>
extgw: <string>
extgw_hubip: <string>
extgw_p2_per_net: <value in [disable, enable]>
extgwip: <string>
hub_iface: <list or string>
id: <integer>
iface: <list or string>
ip_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
ipsec_lease_hold: <integer>
ipv4_dns_server1: <string>
ipv4_dns_server2: <string>
ipv4_dns_server3: <string>
ipv4_end_ip: <string>
ipv4_exclude_range:
-
end_ip: <string>
id: <integer>
start_ip: <string>
ipv4_netmask: <string>
ipv4_split_include: <string>
ipv4_start_ip: <string>
ipv4_wins_server1: <string>
ipv4_wins_server2: <string>
local_gw: <string>
localid: <string>
mode_cfg: <value in [disable, enable]>
mode_cfg_ip_version: <value in [4, 6]>
net_device: <value in [disable, enable]>
peer: <list or string>
peergrp: <string>
peerid: <string>
peertype: <value in [any, one, dialup, ...]>
protected_subnet:
-
addr: <list or string>
seq: <integer>
public_ip: <string>
role: <value in [hub, spoke]>
route_overlap: <value in [use-old, use-new, allow]>
spoke_zone: <list or string>
summary_addr:
-
addr: <string>
priority: <integer>
seq: <integer>
tunnel_search: <value in [selectors, nexthop]>
unity_support: <value in [disable, enable]>
usrgrp: <string>
vpn_interface_priority: <integer>
vpn_zone: <list or string>
vpntable: <list or string>
xauthtype: <value in [disable, client, pap, ...]>
exchange_interface_ip: <value in [disable, enable]>
hub_public_ip: <string>
ipv4_split_exclude: <string>
scope_member:
-
name: <string>
vdom: <string>
dhcp_ra_giaddr: <string>
encapsulation: <value in [tunnel-mode, transport-mode]>
ipv4_name: <string>
l2tp: <value in [disable, enable]>
auto_discovery_receiver: <value in [disable, enable]>
auto_discovery_sender: <value in [disable, enable]>
network_id: <integer>
network_overlay: <value in [enable, disable]>
protocol: <integer>
adom:
description: The parameter (adom) in requested url.
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
type: bool
vpnmgr_node:
description: The top level parameters set.
required: false
suboptions:
add-route:
choices:
- disable
- enable
description: Deprecated, please rename it to add_route. Add-Route.
type: str
assign-ip:
choices:
- disable
- enable
description: Deprecated, please rename it to assign_ip. Assign-Ip.
type: str
assign-ip-from:
choices:
- range
- usrgrp
- dhcp
- name
description: Deprecated, please rename it to assign_ip_from. Assign-Ip-From.
type: str
authpasswd:
description: (list) Authpasswd.
type: raw
authusr:
description: Authusr.
type: str
authusrgrp:
description: Authusrgrp.
type: str
auto-configuration:
choices:
- disable
- enable
description: Deprecated, please rename it to auto_configuration. Auto-Configuration.
type: str
auto-discovery-receiver:
choices:
- disable
- enable
description: Deprecated, please rename it to auto_discovery_receiver.
type: str
auto-discovery-sender:
choices:
- disable
- enable
description: Deprecated, please rename it to auto_discovery_sender.
type: str
automatic_routing:
choices:
- disable
- enable
description: Automatic_Routing.
type: str
banner:
description: Banner.
type: str
default-gateway:
description: Deprecated, please rename it to default_gateway. Default-Gateway.
type: str
dhcp-ra-giaddr:
description: Deprecated, please rename it to dhcp_ra_giaddr.
type: str
dhcp-server:
choices:
- disable
- enable
description: Deprecated, please rename it to dhcp_server. Dhcp-Server.
type: str
dns-mode:
choices:
- auto
- manual
description: Deprecated, please rename it to dns_mode. Dns-Mode.
type: str
dns-service:
choices:
- default
- specify
- local
description: Deprecated, please rename it to dns_service. Dns-Service.
type: str
domain:
description: Domain.
type: str
encapsulation:
choices:
- tunnel-mode
- transport-mode
description: No description.
type: str
exchange-interface-ip:
choices:
- disable
- enable
description: Deprecated, please rename it to exchange_interface_ip. Exchange-Interface-Ip.
type: str
extgw:
description: Extgw.
type: str
extgw_hubip:
description: Extgw_Hubip.
type: str
extgw_p2_per_net:
choices:
- disable
- enable
description: Extgw_P2_Per_Net.
type: str
extgwip:
description: Extgwip.
type: str
hub-public-ip:
description: Deprecated, please rename it to hub_public_ip. Hub-Public-Ip.
type: str
hub_iface:
description: (list or str) Hub_Iface.
type: raw
id:
description: Id.
required: true
type: int
iface:
description: (list or str) Iface.
type: raw
ip-range:
description: Deprecated, please rename it to ip_range. Ip-Range.
elements: dict
suboptions:
end-ip:
description: Deprecated, please rename it to end_ip. End-Ip.
type: str
id:
description: Id.
type: int
start-ip:
description: Deprecated, please rename it to start_ip. Start-Ip.
type: str
type: list
ipsec-lease-hold:
description: Deprecated, please rename it to ipsec_lease_hold. Ipsec-Lease-Hold.
type: int
ipv4-dns-server1:
description: Deprecated, please rename it to ipv4_dns_server1. Ipv4-Dns-Server1.
type: str
ipv4-dns-server2:
description: Deprecated, please rename it to ipv4_dns_server2. Ipv4-Dns-Server2.
type: str
ipv4-dns-server3:
description: Deprecated, please rename it to ipv4_dns_server3. Ipv4-Dns-Server3.
type: str
ipv4-end-ip:
description: Deprecated, please rename it to ipv4_end_ip. Ipv4-End-Ip.
type: str
ipv4-exclude-range:
description: Deprecated, please rename it to ipv4_exclude_range. Ipv4-Exclude-Range.
elements: dict
suboptions:
end-ip:
description: Deprecated, please rename it to end_ip. End-Ip.
type: str
id:
description: Id.
type: int
start-ip:
description: Deprecated, please rename it to start_ip. Start-Ip.
type: str
type: list
ipv4-name:
description: Deprecated, please rename it to ipv4_name.
type: str
ipv4-netmask:
description: Deprecated, please rename it to ipv4_netmask. Ipv4-Netmask.
type: str
ipv4-split-exclude:
description: Deprecated, please rename it to ipv4_split_exclude. Ipv4-Split-Exclude.
type: str
ipv4-split-include:
description: Deprecated, please rename it to ipv4_split_include. Ipv4-Split-Include.
type: str
ipv4-start-ip:
description: Deprecated, please rename it to ipv4_start_ip. Ipv4-Start-Ip.
type: str
ipv4-wins-server1:
description: Deprecated, please rename it to ipv4_wins_server1. Ipv4-Wins-Server1.
type: str
ipv4-wins-server2:
description: Deprecated, please rename it to ipv4_wins_server2. Ipv4-Wins-Server2.
type: str
l2tp:
choices:
- disable
- enable
description: No description.
type: str
local-gw:
description: Deprecated, please rename it to local_gw. Local-Gw.
type: str
localid:
description: Localid.
type: str
mode-cfg:
choices:
- disable
- enable
description: Deprecated, please rename it to mode_cfg. Mode-Cfg.
type: str
mode-cfg-ip-version:
choices:
- '4'
- '6'
description: Deprecated, please rename it to mode_cfg_ip_version. Mode-Cfg-Ip-Version.
type: str
net-device:
choices:
- disable
- enable
description: Deprecated, please rename it to net_device. Net-Device.
type: str
network-id:
description: Deprecated, please rename it to network_id.
type: int
network-overlay:
choices:
- enable
- disable
description: Deprecated, please rename it to network_overlay.
type: str
peer:
description: (list or str) Peer.
type: raw
peergrp:
description: Peergrp.
type: str
peerid:
description: Peerid.
type: str
peertype:
choices:
- any
- one
- dialup
- peer
- peergrp
description: Peertype.
type: str
protected_subnet:
description: Protected_Subnet.
elements: dict
suboptions:
addr:
description: (list or str) Addr.
type: raw
seq:
description: Seq.
type: int
type: list
protocol:
description: No description.
type: int
public-ip:
description: Deprecated, please rename it to public_ip. Public-Ip.
type: str
role:
choices:
- hub
- spoke
description: Role.
type: str
route-overlap:
choices:
- use-old
- use-new
- allow
description: Deprecated, please rename it to route_overlap. Route-Overlap.
type: str
scope member:
description: Deprecated, please rename it to scope_member.
elements: dict
suboptions:
name:
description: No description.
type: str
vdom:
description: No description.
type: str
type: list
spoke-zone:
description: (list or str) Deprecated, please rename it to spoke_zone. Spoke-Zone.
type: raw
summary_addr:
description: Summary_Addr.
elements: dict
suboptions:
addr:
description: Addr.
type: str
priority:
description: Priority.
type: int
seq:
description: Seq.
type: int
type: list
tunnel-search:
choices:
- selectors
- nexthop
description: Deprecated, please rename it to tunnel_search. Tunnel-Search.
type: str
unity-support:
choices:
- disable
- enable
description: Deprecated, please rename it to unity_support. Unity-Support.
type: str
usrgrp:
description: Usrgrp.
type: str
vpn-interface-priority:
description: Deprecated, please rename it to vpn_interface_priority. Vpn-Interface-Priority.
type: int
vpn-zone:
description: (list or str) Deprecated, please rename it to vpn_zone. Vpn-Zone.
type: raw
vpntable:
description: (list or str) Vpntable.
type: raw
xauthtype:
choices:
- disable
- client
- pap
- chap
- auto
description: Xauthtype.
type: str
type: dict
access_token:
description: The token to access FortiManager without using username and password.
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list