Try SpotterConfigure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms in Fortinet's FortiOS and FortiGate.
| "added in version" 2.0.0 of fortinet.fortios"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections:
- name: fortinet.fortios
version: 2.3.6This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and wtp_profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms.
fortinet.fortios.fortios_wireless_controller_wtp_profile:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
wireless_controller_wtp_profile:
allowaccess: "https"
ap_country: "--"
ap_handoff: "enable"
apcfg_profile: "<your_own_value> (source wireless-controller.apcfg-profile.name)"
ble_profile: "<your_own_value> (source wireless-controller.ble-profile.name)"
bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)"
comment: "Comment."
console_login: "enable"
control_message_offload: "ebp-frame"
deny_mac_list:
-
id: "13"
mac: "<your_own_value>"
dtls_in_kernel: "enable"
dtls_policy: "clear-text"
energy_efficient_ethernet: "enable"
esl_ses_dongle:
apc_addr_type: "fqdn"
apc_fqdn: "<your_own_value>"
apc_ip: "<your_own_value>"
apc_port: "0"
coex_level: "none"
compliance_level: "compliance-level-2"
esl_channel: "-1"
output_power: "a"
scd_enable: "enable"
tls_cert_verification: "enable"
tls_fqdn_verification: "enable"
ext_info_enable: "enable"
frequency_handoff: "enable"
handoff_roaming: "enable"
handoff_rssi: "25"
handoff_sta_thresh: "0"
indoor_outdoor_deployment: "platform-determined"
ip_fragment_preventing: "tcp-mss-adjust"
lan:
port_esl_mode: "offline"
port_esl_ssid: "<your_own_value> (source system.interface.name)"
port_mode: "offline"
port_ssid: "<your_own_value> (source system.interface.name)"
port1_mode: "offline"
port1_ssid: "<your_own_value> (source system.interface.name)"
port2_mode: "offline"
port2_ssid: "<your_own_value> (source system.interface.name)"
port3_mode: "offline"
port3_ssid: "<your_own_value> (source system.interface.name)"
port4_mode: "offline"
port4_ssid: "<your_own_value> (source system.interface.name)"
port5_mode: "offline"
port5_ssid: "<your_own_value> (source system.interface.name)"
port6_mode: "offline"
port6_ssid: "<your_own_value> (source system.interface.name)"
port7_mode: "offline"
port7_ssid: "<your_own_value> (source system.interface.name)"
port8_mode: "offline"
port8_ssid: "<your_own_value> (source system.interface.name)"
lbs:
aeroscout: "enable"
aeroscout_ap_mac: "bssid"
aeroscout_mmu_report: "enable"
aeroscout_mu: "enable"
aeroscout_mu_factor: "20"
aeroscout_mu_timeout: "5"
aeroscout_server_ip: "<your_own_value>"
aeroscout_server_port: "0"
ekahau_blink_mode: "enable"
ekahau_tag: "<your_own_value>"
erc_server_ip: "<your_own_value>"
erc_server_port: "8569"
fortipresence: "foreign"
fortipresence_ble: "enable"
fortipresence_frequency: "30"
fortipresence_port: "3000"
fortipresence_project: "<your_own_value>"
fortipresence_rogue: "enable"
fortipresence_secret: "<your_own_value>"
fortipresence_server: "<your_own_value>"
fortipresence_server_addr_type: "ipv4"
fortipresence_server_fqdn: "<your_own_value>"
fortipresence_unassoc: "enable"
polestar: "enable"
polestar_accumulation_interval: "2"
polestar_asset_addrgrp_list: "<your_own_value> (source firewall.addrgrp.name)"
polestar_asset_uuid_list1: "<your_own_value>"
polestar_asset_uuid_list2: "<your_own_value>"
polestar_asset_uuid_list3: "<your_own_value>"
polestar_asset_uuid_list4: "<your_own_value>"
polestar_protocol: "WSS"
polestar_reporting_interval: "2"
polestar_server_fqdn: "<your_own_value>"
polestar_server_path: "<your_own_value>"
polestar_server_port: "443"
polestar_server_token: "<your_own_value>"
station_locate: "enable"
led_schedules:
-
name: "default_name_97 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)"
led_state: "enable"
lldp: "enable"
login_passwd: "<your_own_value>"
login_passwd_change: "yes"
max_clients: "0"
name: "default_name_103"
platform:
ddscan: "enable"
mode: "single-5G"
type: "AP-11N"
poe_mode: "auto"
radio_1:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "36"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "160MHz"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value>"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value>"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value>"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_190 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_2:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "6"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "160MHz"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value>"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value>"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value>"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_274 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_3:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "37"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "160MHz"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value>"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value>"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value>"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_358 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_4:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "6"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "160MHz"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value>"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value>"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value>"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_441 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
split_tunneling_acl:
-
dest_ip: "<your_own_value>"
id: "446"
split_tunneling_acl_local_ap_subnet: "enable"
split_tunneling_acl_path: "tunnel"
syslog_profile: "<your_own_value> (source wireless-controller.syslog-profile.name)"
tun_mtu_downlink: "0"
tun_mtu_uplink: "0"
unii_4_5ghz_band: "enable"
wan_port_auth: "none"
wan_port_auth_macsec: "enable"
wan_port_auth_methods: "all"
wan_port_auth_password: "<your_own_value>"
wan_port_auth_usrname: "<your_own_value>"
wan_port_mode: "wan-lan"
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
state:
choices:
- present
- absent
description:
- Indicates whether to create or remove the object.
required: true
type: str
enable_log:
default: false
description:
- Enable/Disable logging for task.
required: false
type: bool
member_path:
description:
- Member attribute path to operate on.
- Delimited by a slash character if there are more than one attribute.
- Parameter marked with member_path is legitimate for doing member operation.
type: str
access_token:
description:
- Token-based authentication. Generated from GUI of Fortigate.
required: false
type: str
member_state:
choices:
- present
- absent
description:
- Add or delete a member under specified attribute path.
- When member_state is specified, the state option is ignored.
type: str
wireless_controller_wtp_profile:
default: null
description:
- Configure WTP profiles or FortiAP profiles that define radio settings for manageable
FortiAP platforms.
suboptions:
allowaccess:
choices:
- https
- ssh
- snmp
- telnet
- http
description:
- Control management access to the managed WTP, FortiAP, or AP. Separate entries
with a space.
elements: str
type: list
ap_country:
choices:
- --
- AF
- AL
- DZ
- AS
- AO
- AR
- AM
- AU
- AT
- AZ
- BS
- BH
- BD
- BB
- BY
- BE
- BZ
- BJ
- BM
- BT
- BO
- BA
- BW
- BR
- BN
- BG
- BF
- KH
- CM
- KY
- CF
- TD
- CL
- CN
- CX
- CO
- CG
- CD
- CR
- HR
- CY
- CZ
- DK
- DJ
- DM
- DO
- EC
- EG
- SV
- ET
- EE
- GF
- PF
- FO
- FJ
- FI
- FR
- GA
- GE
- GM
- DE
- GH
- GI
- GR
- GL
- GD
- GP
- GU
- GT
- GY
- HT
- HN
- HK
- HU
- IS
- IN
- ID
- IQ
- IE
- IM
- IL
- IT
- CI
- JM
- JO
- KZ
- KE
- KR
- KW
- LA
- LV
- LB
- LS
- LR
- LY
- LI
- LT
- LU
- MO
- MK
- MG
- MW
- MY
- MV
- ML
- MT
- MH
- MQ
- MR
- MU
- YT
- MX
- FM
- MD
- MC
- MN
- MA
- MZ
- MM
- NA
- NP
- NL
- AN
- AW
- NZ
- NI
- NE
- NG
- 'NO'
- MP
- OM
- PK
- PW
- PA
- PG
- PY
- PE
- PH
- PL
- PT
- PR
- QA
- RE
- RO
- RU
- RW
- BL
- KN
- LC
- MF
- PM
- VC
- SA
- SN
- RS
- ME
- SL
- SG
- SK
- SI
- SO
- ZA
- ES
- LK
- SR
- SZ
- SE
- CH
- TW
- TZ
- TH
- TG
- TT
- TN
- TR
- TM
- AE
- TC
- UG
- UA
- GB
- US
- PS
- UY
- UZ
- VU
- VE
- VN
- VI
- WF
- YE
- ZM
- ZW
- JP
- CA
- IR
- KP
- SD
- SY
- ZB
description:
- Country in which this WTP, FortiAP, or AP will operate .
type: str
ap_handoff:
choices:
- enable
- disable
description:
- Enable/disable AP handoff of clients to other APs .
type: str
apcfg_profile:
description:
- AP local configuration profile name. Source wireless-controller.apcfg-profile.name.
type: str
ble_profile:
description:
- Bluetooth Low Energy profile name. Source wireless-controller.ble-profile.name.
type: str
bonjour_profile:
description:
- Bonjour profile name. Source wireless-controller.bonjour-profile.name.
type: str
comment:
description:
- Comment.
type: str
console_login:
choices:
- enable
- disable
description:
- Enable/disable FortiAP console login access .
type: str
control_message_offload:
choices:
- ebp-frame
- aeroscout-tag
- ap-list
- sta-list
- sta-cap-list
- stats
- aeroscout-mu
- sta-health
- spectral-analysis
description:
- Enable/disable CAPWAP control message data channel offload.
elements: str
type: list
deny_mac_list:
description:
- List of MAC addresses that are denied access to this WTP, FortiAP, or AP.
elements: dict
suboptions:
id:
description:
- ID. see <a href='#notes'>Notes</a>.
required: true
type: int
mac:
description:
- A WiFi device with this MAC address is denied access to this WTP, FortiAP
or AP.
type: str
type: list
dtls_in_kernel:
choices:
- enable
- disable
description:
- Enable/disable data channel DTLS in kernel.
type: str
dtls_policy:
choices:
- clear-text
- dtls-enabled
- ipsec-vpn
- ipsec-sn-vpn
description:
- WTP data channel DTLS policy .
elements: str
type: list
energy_efficient_ethernet:
choices:
- enable
- disable
description:
- Enable/disable use of energy efficient Ethernet on WTP.
type: str
esl_ses_dongle:
description:
- ESL SES-imagotag dongle configuration.
suboptions:
apc_addr_type:
choices:
- fqdn
- ip
description:
- ESL SES-imagotag APC address type .
type: str
apc_fqdn:
description:
- FQDN of ESL SES-imagotag Access Point Controller (APC).
type: str
apc_ip:
description:
- IP address of ESL SES-imagotag Access Point Controller (APC).
type: str
apc_port:
description:
- Port of ESL SES-imagotag Access Point Controller (APC).
type: int
coex_level:
choices:
- none
description:
- ESL SES-imagotag dongle coexistence level .
type: str
compliance_level:
choices:
- compliance-level-2
description:
- Compliance levels for the ESL solution integration .
type: str
esl_channel:
choices:
- '-1'
- '0'
- '1'
- '2'
- '3'
- '4'
- '5'
- '6'
- '7'
- '8'
- '9'
- '10'
- '127'
description:
- ESL SES-imagotag dongle channel .
type: str
output_power:
choices:
- a
- b
- c
- d
- e
- f
- g
- h
description:
- ESL SES-imagotag dongle output power .
type: str
scd_enable:
choices:
- enable
- disable
description:
- Enable/disable ESL SES-imagotag Serial Communication Daemon (SCD) .
type: str
tls_cert_verification:
choices:
- enable
- disable
description:
- Enable/disable TLS certificate verification .
type: str
tls_fqdn_verification:
choices:
- enable
- disable
description:
- Enable/disable TLS certificate verification .
type: str
type: dict
ext_info_enable:
choices:
- enable
- disable
description:
- Enable/disable station/VAP/radio extension information.
type: str
frequency_handoff:
choices:
- enable
- disable
description:
- Enable/disable frequency handoff of clients to other channels .
type: str
handoff_roaming:
choices:
- enable
- disable
description:
- Enable/disable client load balancing during roaming to avoid roaming delay .
type: str
handoff_rssi:
description:
- Minimum received signal strength indicator (RSSI) value for handoff (20 - 30).
type: int
handoff_sta_thresh:
description:
- Threshold value for AP handoff.
type: int
indoor_outdoor_deployment:
choices:
- platform-determined
- outdoor
- indoor
description:
- Set to allow indoor/outdoor-only channels under regulatory rules .
type: str
ip_fragment_preventing:
choices:
- tcp-mss-adjust
- icmp-unreachable
description:
- Method(s) by which IP fragmentation is prevented for control and data packets
through CAPWAP tunnel .
elements: str
type: list
lan:
description:
- WTP LAN port mapping.
suboptions:
port1_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 1 mode.
type: str
port1_ssid:
description:
- Bridge LAN port 1 to SSID. Source system.interface.name.
type: str
port2_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 2 mode.
type: str
port2_ssid:
description:
- Bridge LAN port 2 to SSID. Source system.interface.name.
type: str
port3_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 3 mode.
type: str
port3_ssid:
description:
- Bridge LAN port 3 to SSID. Source system.interface.name.
type: str
port4_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 4 mode.
type: str
port4_ssid:
description:
- Bridge LAN port 4 to SSID. Source system.interface.name.
type: str
port5_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 5 mode.
type: str
port5_ssid:
description:
- Bridge LAN port 5 to SSID. Source system.interface.name.
type: str
port6_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 6 mode.
type: str
port6_ssid:
description:
- Bridge LAN port 6 to SSID. Source system.interface.name.
type: str
port7_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 7 mode.
type: str
port7_ssid:
description:
- Bridge LAN port 7 to SSID. Source system.interface.name.
type: str
port8_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port 8 mode.
type: str
port8_ssid:
description:
- Bridge LAN port 8 to SSID. Source system.interface.name.
type: str
port_esl_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- ESL port mode.
type: str
port_esl_ssid:
description:
- Bridge ESL port to SSID. Source system.interface.name.
type: str
port_mode:
choices:
- offline
- nat-to-wan
- bridge-to-wan
- bridge-to-ssid
description:
- LAN port mode.
type: str
port_ssid:
description:
- Bridge LAN port to SSID. Source system.interface.name.
type: str
type: dict
lbs:
description:
- Set various location based service (LBS) options.
suboptions:
aeroscout:
choices:
- enable
- disable
description:
- Enable/disable AeroScout Real Time Location Service (RTLS) support .
type: str
aeroscout_ap_mac:
choices:
- bssid
- board-mac
description:
- Use BSSID or board MAC address as AP MAC address in AeroScout AP messages
.
type: str
aeroscout_mmu_report:
choices:
- enable
- disable
description:
- Enable/disable compounded AeroScout tag and MU report .
type: str
aeroscout_mu:
choices:
- enable
- disable
description:
- Enable/disable AeroScout Mobile Unit (MU) support .
type: str
aeroscout_mu_factor:
description:
- AeroScout MU mode dilution factor .
type: int
aeroscout_mu_timeout:
description:
- AeroScout MU mode timeout (0 - 65535 sec).
type: int
aeroscout_server_ip:
description:
- IP address of AeroScout server.
type: str
aeroscout_server_port:
description:
- AeroScout server UDP listening port.
type: int
ekahau_blink_mode:
choices:
- enable
- disable
description:
- Enable/disable Ekahau blink mode (now known as AiRISTA Flow) to track and
locate WiFi tags .
type: str
ekahau_tag:
description:
- WiFi frame MAC address or WiFi Tag.
type: str
erc_server_ip:
description:
- IP address of Ekahau RTLS Controller (ERC).
type: str
erc_server_port:
description:
- Ekahau RTLS Controller (ERC) UDP listening port.
type: int
fortipresence:
choices:
- foreign
- both
- disable
description:
- Enable/disable FortiPresence to monitor the location and activity of WiFi
clients even if they don"t connect to this WiFi network .
type: str
fortipresence_ble:
choices:
- enable
- disable
description:
- Enable/disable FortiPresence finding and reporting BLE devices.
type: str
fortipresence_frequency:
description:
- FortiPresence report transmit frequency (5 - 65535 sec).
type: int
fortipresence_port:
description:
- UDP listening port of FortiPresence server .
type: int
fortipresence_project:
description:
- FortiPresence project name (max. 16 characters).
type: str
fortipresence_rogue:
choices:
- enable
- disable
description:
- Enable/disable FortiPresence finding and reporting rogue APs.
type: str
fortipresence_secret:
description:
- FortiPresence secret password (max. 16 characters).
type: str
fortipresence_server:
description:
- IP address of FortiPresence server.
type: str
fortipresence_server_addr_type:
choices:
- ipv4
- fqdn
description:
- FortiPresence server address type .
type: str
fortipresence_server_fqdn:
description:
- FQDN of FortiPresence server.
type: str
fortipresence_unassoc:
choices:
- enable
- disable
description:
- Enable/disable FortiPresence finding and reporting unassociated stations.
type: str
polestar:
choices:
- enable
- disable
description:
- Enable/disable PoleStar BLE NAO Track Real Time Location Service (RTLS)
support .
type: str
polestar_accumulation_interval:
description:
- Time that measurements should be accumulated in seconds .
type: int
polestar_asset_addrgrp_list:
description:
- Tags and asset addrgrp list to be reported. Source firewall.addrgrp.name.
type: str
polestar_asset_uuid_list1:
description:
- Tags and asset UUID list 1 to be reported (string in the format of "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX").
type: str
polestar_asset_uuid_list2:
description:
- Tags and asset UUID list 2 to be reported (string in the format of "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX").
type: str
polestar_asset_uuid_list3:
description:
- Tags and asset UUID list 3 to be reported (string in the format of "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX").
type: str
polestar_asset_uuid_list4:
description:
- Tags and asset UUID list 4 to be reported (string in the format of "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX").
type: str
polestar_protocol:
choices:
- WSS
description:
- Select the protocol to report Measurements, Advertising Data, or Location
Data to NAO Cloud. .
type: str
polestar_reporting_interval:
description:
- Time between reporting accumulated measurements in seconds .
type: int
polestar_server_fqdn:
description:
- FQDN of PoleStar Nao Track Server .
type: str
polestar_server_path:
description:
- Path of PoleStar Nao Track Server .
type: str
polestar_server_port:
description:
- Port of PoleStar Nao Track Server .
type: int
polestar_server_token:
description:
- Access Token of PoleStar Nao Track Server.
type: str
station_locate:
choices:
- enable
- disable
description:
- Enable/disable client station locating services for all clients, whether
associated or not .
type: str
type: dict
led_schedules:
description:
- Recurring firewall schedules for illuminating LEDs on the FortiAP. If led-state
is enabled, LEDs will be visible when at least one of the schedules is valid.
Separate multiple schedule names with a space.
elements: dict
suboptions:
name:
description:
- Schedule name. Source firewall.schedule.group.name firewall.schedule.recurring.name
firewall.schedule.onetime.name.
required: true
type: str
type: list
led_state:
choices:
- enable
- disable
description:
- Enable/disable use of LEDs on WTP .
type: str
lldp:
choices:
- enable
- disable
description:
- Enable/disable Link Layer Discovery Protocol (LLDP) for the WTP, FortiAP, or
AP .
type: str
login_passwd:
description:
- Set the managed WTP, FortiAP, or AP"s administrator password.
type: str
login_passwd_change:
choices:
- 'yes'
- default
- 'no'
description:
- Change or reset the administrator password of a managed WTP, FortiAP or AP (yes,
default, or no).
type: str
max_clients:
description:
- Maximum number of stations (STAs) supported by the WTP .
type: int
name:
description:
- WTP (or FortiAP or AP) profile name.
required: true
type: str
platform:
description:
- WTP, FortiAP, or AP platform.
suboptions:
ddscan:
choices:
- enable
- disable
description:
- Enable/disable use of one radio for dedicated full-band scanning to detect
RF characterization and wireless threat management.
type: str
mode:
choices:
- single-5G
- dual-5G
description:
- Configure operation mode of 5G radios .
type: str
type:
choices:
- AP-11N
- C24JE
- 421E
- 423E
- 221E
- 222E
- 223E
- 224E
- 231E
- 321E
- 431F
- 431FL
- 432F
- 432FR
- 433F
- 433FL
- 231F
- 231FL
- 234F
- 23JF
- 831F
- 231G
- 233G
- 234G
- 431G
- 432G
- 433G
- 241K
- 243K
- 441K
- 443K
- U421E
- U422EV
- U423E
- U221EV
- U223EV
- U24JEV
- U321EV
- U323EV
- U431F
- U433F
- U231F
- U234F
- U432F
- U231G
- 220B
- 210B
- 222B
- 112B
- 320B
- 11C
- 14C
- 223B
- 28C
- 320C
- 221C
- 25D
- 222C
- 224D
- 214B
- 21D
- 24D
- 112D
- 223C
- 321C
- C220C
- C225C
- C23JD
- S321C
- S322C
- S323C
- S311C
- S313C
- S321CR
- S322CR
- S323CR
- S421E
- S422E
- S423E
- S221E
- S223E
- U441G
description:
- WTP, FortiAP or AP platform type. There are built-in WTP profiles for all
supported FortiAP models. You can select a built-in profile and customize
it or create a new profile.
type: str
type: dict
poe_mode:
choices:
- auto
- 8023af
- 8023at
- power-adapter
- full
- high
- low
description:
- Set the WTP, FortiAP, or AP"s PoE mode.
type: str
radio_1:
description:
- Configuration options for radio 1.
suboptions:
airtime_fairness:
choices:
- enable
- disable
description:
- Enable/disable airtime fairness .
type: str
amsdu:
choices:
- enable
- disable
description:
- Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported
by your WiFi clients .
type: str
ap_handoff:
choices:
- enable
- disable
description:
- Enable/disable AP handoff of clients to other APs .
type: str
ap_sniffer_addr:
description:
- MAC address to monitor.
type: str
ap_sniffer_bufsize:
description:
- Sniffer buffer size (1 - 32 MB).
type: int
ap_sniffer_chan:
description:
- Channel on which to operate the sniffer .
type: int
ap_sniffer_ctl:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi control frame .
type: str
ap_sniffer_data:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi data frame .
type: str
ap_sniffer_mgmt_beacon:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management Beacon frames .
type: str
ap_sniffer_mgmt_other:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management other frames .
type: str
ap_sniffer_mgmt_probe:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management probe frames .
type: str
arrp_profile:
description:
- Distributed Automatic Radio Resource Provisioning (DARRP) profile name to
assign to the radio. Source wireless-controller .arrp-profile.name.
type: str
auto_power_high:
description:
- The upper bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_level:
choices:
- enable
- disable
description:
- Enable/disable automatic power-level adjustment to prevent co-channel interference
.
type: str
auto_power_low:
description:
- The lower bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_target:
description:
- Target of automatic transmit power adjustment in dBm (-95 to -20).
type: str
band:
choices:
- 802.11a
- 802.11b
- 802.11g
- 802.11n
- 802.11n-5G
- 802.11ac
- 802.11ax-5G
- 802.11ax
- 802.11ac-2G
- 802.11ax-6G
- 802.11n,g-only
- 802.11g-only
- 802.11n-only
- 802.11n-5G-only
- 802.11ac,n-only
- 802.11ac-only
- 802.11ax,ac-only
- 802.11ax,ac,n-only
- 802.11ax-5G-only
- 802.11ax,n-only
- 802.11ax,n,g-only
- 802.11ax-only
description:
- WiFi band that Radio 1 operates on.
type: str
band_5g_type:
choices:
- 5g-full
- 5g-high
- 5g-low
description:
- WiFi 5G band type.
type: str
bandwidth_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize
WiFi bandwidth use. A request to join the wireless network is only allowed
if the access point has enough bandwidth to support it.
type: str
bandwidth_capacity:
description:
- Maximum bandwidth capacity allowed (1 - 600000 Kbps).
type: int
beacon_interval:
description:
- Beacon interval. The time between beacon frames in milliseconds. Actual
range of beacon interval depends on the AP platform type .
type: int
bss_color:
description:
- BSS color value for this 11ax radio (0 - 63, disable = 0).
type: int
bss_color_mode:
choices:
- auto
- static
description:
- BSS color mode for this 11ax radio .
type: str
call_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) call admission control to optimize
WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there
is enough bandwidth available to support them.
type: str
call_capacity:
description:
- Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio
(0 - 60).
type: int
channel:
description:
- Selected list of wireless radio channels.
elements: dict
suboptions:
chan:
description:
- Channel number.
required: true
type: str
type: list
channel_bonding:
choices:
- 160MHz
- 80MHz
- 40MHz
- 20MHz
description:
- 'Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40
by enabling coexistence.'
type: str
channel_utilization:
choices:
- enable
- disable
description:
- Enable/disable measuring channel utilization.
type: str
coexistence:
choices:
- enable
- disable
description:
- Enable/disable allowing both HT20 and HT40 on the same radio .
type: str
darrp:
choices:
- enable
- disable
description:
- Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP)
to make sure the radio is always using the most optimal channel .
type: str
drma:
choices:
- disable
- enable
description:
- Enable/disable dynamic radio mode assignment (DRMA) .
type: str
drma_sensitivity:
choices:
- low
- medium
- high
description:
- Network Coverage Factor (NCF) percentage required to consider a radio as
redundant .
type: str
dtim:
description:
- Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save
battery life of WiFi client in power-save mode.
type: int
frag_threshold:
description:
- Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
type: int
frequency_handoff:
choices:
- enable
- disable
description:
- Enable/disable frequency handoff of clients to other channels .
type: str
iperf_protocol:
choices:
- udp
- tcp
description:
- Iperf test protocol .
type: str
iperf_server_port:
description:
- Iperf service port number.
type: int
max_clients:
description:
- Maximum number of stations (STAs) or WiFi clients supported by the radio.
Range depends on the hardware.
type: int
max_distance:
description:
- Maximum expected distance between the AP and clients (0 - 54000 m).
type: int
mimo_mode:
choices:
- default
- 1x1
- 2x2
- 3x3
- 4x4
- 8x8
description:
- Configure radio MIMO mode .
type: str
mode:
choices:
- disabled
- ap
- monitor
- sniffer
- sam
description:
- Mode of radio 1. Radio 1 can be disabled, configured as an access point,
a rogue AP monitor, a sniffer, or a station.
type: str
optional_antenna:
choices:
- none
- custom
- FANT-04ABGN-0606-O-N
- FANT-04ABGN-1414-P-N
- FANT-04ABGN-8065-P-N
- FANT-04ABGN-0606-O-R
- FANT-04ABGN-0606-P-R
- FANT-10ACAX-1213-D-N
- FANT-08ABGN-1213-D-R
description:
- Optional antenna used on FAP .
type: str
optional_antenna_gain:
description:
- Optional antenna gain in dBi (0 to 20).
type: str
power_level:
description:
- Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100).
type: int
power_mode:
choices:
- dBm
- percentage
description:
- Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage
of the maximum EIRP . This power takes into account both radio transmit
power and antenna gain. Higher power level settings may be constrained by
local regulatory requirements and AP capabilities.
type: str
power_value:
description:
- Radio EIRP power in dBm (1 - 33).
type: int
powersave_optimize:
choices:
- tim
- ac-vo
- no-obss-scan
- no-11b-rate
- client-rate-follow
description:
- Enable client power-saving features such as TIM, AC VO, and OBSS etc.
elements: str
type: list
protection_mode:
choices:
- rtscts
- ctsonly
- disable
description:
- Enable/disable 802.11g protection modes to support backwards compatibility
with older clients (rtscts, ctsonly, disable).
type: str
radio_id:
description:
- radio-id
type: int
rts_threshold:
description:
- Maximum packet size for RTS transmissions, specifying the maximum size of
a data packet before RTS/CTS (256 - 2346 bytes).
type: int
sam_bssid:
description:
- BSSID for WiFi network.
type: str
sam_ca_certificate:
description:
- CA certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_captive_portal:
choices:
- enable
- disable
description:
- Enable/disable Captive Portal Authentication .
type: str
sam_client_certificate:
description:
- Client certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_cwp_failure_string:
description:
- Failure identification on the page after an incorrect login.
type: str
sam_cwp_match_string:
description:
- Identification string from the captive portal login form.
type: str
sam_cwp_password:
description:
- Password for captive portal authentication.
type: str
sam_cwp_success_string:
description:
- Success identification on the page after a successful login.
type: str
sam_cwp_test_url:
description:
- Website the client is trying to access.
type: str
sam_cwp_username:
description:
- Username for captive portal authentication.
type: str
sam_eap_method:
choices:
- both
- tls
- peap
description:
- Select WPA2/WPA3-ENTERPRISE EAP Method .
type: str
sam_password:
description:
- Passphrase for WiFi network connection.
type: str
sam_private_key:
description:
- Private key for WPA2/WPA3-ENTERPRISE.
type: str
sam_private_key_password:
description:
- Password for private key file for WPA2/WPA3-ENTERPRISE.
type: str
sam_report_intv:
description:
- SAM report interval (sec), 0 for a one-time report.
type: int
sam_security_type:
choices:
- open
- wpa-personal
- wpa-enterprise
- wpa3-sae
- owe
description:
- Select WiFi network security type .
type: str
sam_server:
description:
- SAM test server IP address or domain name.
type: str
sam_server_fqdn:
description:
- SAM test server domain name.
type: str
sam_server_ip:
description:
- SAM test server IP address.
type: str
sam_server_type:
choices:
- ip
- fqdn
description:
- Select SAM server type .
type: str
sam_ssid:
description:
- SSID for WiFi network.
type: str
sam_test:
choices:
- ping
- iperf
description:
- Select SAM test type .
type: str
sam_username:
description:
- Username for WiFi network connection.
type: str
set_80211d:
choices:
- enable
- disable
description:
- Enable/disable 802.11d countryie.
type: str
short_guard_interval:
choices:
- enable
- disable
description:
- Use either the short guard interval (Short GI) of 400 ns or the long guard
interval (Long GI) of 800 ns.
type: str
spectrum_analysis:
choices:
- enable
- scan-only
- disable
description:
- Enable/disable spectrum analysis to find interference that would negatively
impact wireless performance.
type: str
transmit_optimize:
choices:
- disable
- power-save
- aggr-limit
- retry-limit
- send-bar
description:
- Packet transmission optimization options including power saving, aggregation
limiting, retry limiting, etc. All are enabled by default.
elements: str
type: list
vap_all:
choices:
- tunnel
- bridge
- manual
- enable
- disable
description:
- Configure method for assigning SSIDs to this FortiAP .
type: str
vaps:
description:
- Manually selected list of Virtual Access Points (VAPs).
elements: dict
suboptions:
name:
description:
- Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name
system.interface.name.
required: true
type: str
type: list
wids_profile:
description:
- Wireless Intrusion Detection System (WIDS) profile name to assign to the
radio. Source wireless-controller.wids-profile.name.
type: str
zero_wait_dfs:
choices:
- enable
- disable
description:
- Enable/disable zero wait DFS on radio .
type: str
type: dict
radio_2:
description:
- Configuration options for radio 2.
suboptions:
airtime_fairness:
choices:
- enable
- disable
description:
- Enable/disable airtime fairness .
type: str
amsdu:
choices:
- enable
- disable
description:
- Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported
by your WiFi clients .
type: str
ap_handoff:
choices:
- enable
- disable
description:
- Enable/disable AP handoff of clients to other APs .
type: str
ap_sniffer_addr:
description:
- MAC address to monitor.
type: str
ap_sniffer_bufsize:
description:
- Sniffer buffer size (1 - 32 MB).
type: int
ap_sniffer_chan:
description:
- Channel on which to operate the sniffer .
type: int
ap_sniffer_ctl:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi control frame .
type: str
ap_sniffer_data:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi data frame .
type: str
ap_sniffer_mgmt_beacon:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management Beacon frames .
type: str
ap_sniffer_mgmt_other:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management other frames .
type: str
ap_sniffer_mgmt_probe:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management probe frames .
type: str
arrp_profile:
description:
- Distributed Automatic Radio Resource Provisioning (DARRP) profile name to
assign to the radio. Source wireless-controller .arrp-profile.name.
type: str
auto_power_high:
description:
- The upper bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_level:
choices:
- enable
- disable
description:
- Enable/disable automatic power-level adjustment to prevent co-channel interference
.
type: str
auto_power_low:
description:
- The lower bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_target:
description:
- Target of automatic transmit power adjustment in dBm (-95 to -20).
type: str
band:
choices:
- 802.11a
- 802.11b
- 802.11g
- 802.11n
- 802.11n-5G
- 802.11ac
- 802.11ax-5G
- 802.11ax
- 802.11ac-2G
- 802.11ax-6G
- 802.11n,g-only
- 802.11g-only
- 802.11n-only
- 802.11n-5G-only
- 802.11ac,n-only
- 802.11ac-only
- 802.11ax,ac-only
- 802.11ax,ac,n-only
- 802.11ax-5G-only
- 802.11ax,n-only
- 802.11ax,n,g-only
- 802.11ax-only
description:
- WiFi band that Radio 2 operates on.
type: str
band_5g_type:
choices:
- 5g-full
- 5g-high
- 5g-low
description:
- WiFi 5G band type.
type: str
bandwidth_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize
WiFi bandwidth use. A request to join the wireless network is only allowed
if the access point has enough bandwidth to support it.
type: str
bandwidth_capacity:
description:
- Maximum bandwidth capacity allowed (1 - 600000 Kbps).
type: int
beacon_interval:
description:
- Beacon interval. The time between beacon frames in milliseconds. Actual
range of beacon interval depends on the AP platform type .
type: int
bss_color:
description:
- BSS color value for this 11ax radio (0 - 63, disable = 0).
type: int
bss_color_mode:
choices:
- auto
- static
description:
- BSS color mode for this 11ax radio .
type: str
call_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) call admission control to optimize
WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there
is enough bandwidth available to support them.
type: str
call_capacity:
description:
- Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio
(0 - 60).
type: int
channel:
description:
- Selected list of wireless radio channels.
elements: dict
suboptions:
chan:
description:
- Channel number.
required: true
type: str
type: list
channel_bonding:
choices:
- 160MHz
- 80MHz
- 40MHz
- 20MHz
description:
- 'Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40
by enabling coexistence.'
type: str
channel_utilization:
choices:
- enable
- disable
description:
- Enable/disable measuring channel utilization.
type: str
coexistence:
choices:
- enable
- disable
description:
- Enable/disable allowing both HT20 and HT40 on the same radio .
type: str
darrp:
choices:
- enable
- disable
description:
- Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP)
to make sure the radio is always using the most optimal channel .
type: str
drma:
choices:
- disable
- enable
description:
- Enable/disable dynamic radio mode assignment (DRMA) .
type: str
drma_sensitivity:
choices:
- low
- medium
- high
description:
- Network Coverage Factor (NCF) percentage required to consider a radio as
redundant .
type: str
dtim:
description:
- Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save
battery life of WiFi client in power-save mode.
type: int
frag_threshold:
description:
- Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
type: int
frequency_handoff:
choices:
- enable
- disable
description:
- Enable/disable frequency handoff of clients to other channels .
type: str
iperf_protocol:
choices:
- udp
- tcp
description:
- Iperf test protocol .
type: str
iperf_server_port:
description:
- Iperf service port number.
type: int
max_clients:
description:
- Maximum number of stations (STAs) or WiFi clients supported by the radio.
Range depends on the hardware.
type: int
max_distance:
description:
- Maximum expected distance between the AP and clients (0 - 54000 m).
type: int
mimo_mode:
choices:
- default
- 1x1
- 2x2
- 3x3
- 4x4
- 8x8
description:
- Configure radio MIMO mode .
type: str
mode:
choices:
- disabled
- ap
- monitor
- sniffer
- sam
description:
- Mode of radio 2. Radio 2 can be disabled, configured as an access point,
a rogue AP monitor, a sniffer, or a station.
type: str
optional_antenna:
choices:
- none
- custom
- FANT-04ABGN-0606-O-N
- FANT-04ABGN-1414-P-N
- FANT-04ABGN-8065-P-N
- FANT-04ABGN-0606-O-R
- FANT-04ABGN-0606-P-R
- FANT-10ACAX-1213-D-N
- FANT-08ABGN-1213-D-R
description:
- Optional antenna used on FAP .
type: str
optional_antenna_gain:
description:
- Optional antenna gain in dBi (0 to 20).
type: str
power_level:
description:
- Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100).
type: int
power_mode:
choices:
- dBm
- percentage
description:
- Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage
of the maximum EIRP . This power takes into account both radio transmit
power and antenna gain. Higher power level settings may be constrained by
local regulatory requirements and AP capabilities.
type: str
power_value:
description:
- Radio EIRP power in dBm (1 - 33).
type: int
powersave_optimize:
choices:
- tim
- ac-vo
- no-obss-scan
- no-11b-rate
- client-rate-follow
description:
- Enable client power-saving features such as TIM, AC VO, and OBSS etc.
elements: str
type: list
protection_mode:
choices:
- rtscts
- ctsonly
- disable
description:
- Enable/disable 802.11g protection modes to support backwards compatibility
with older clients (rtscts, ctsonly, disable).
type: str
radio_id:
description:
- radio-id
type: int
rts_threshold:
description:
- Maximum packet size for RTS transmissions, specifying the maximum size of
a data packet before RTS/CTS (256 - 2346 bytes).
type: int
sam_bssid:
description:
- BSSID for WiFi network.
type: str
sam_ca_certificate:
description:
- CA certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_captive_portal:
choices:
- enable
- disable
description:
- Enable/disable Captive Portal Authentication .
type: str
sam_client_certificate:
description:
- Client certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_cwp_failure_string:
description:
- Failure identification on the page after an incorrect login.
type: str
sam_cwp_match_string:
description:
- Identification string from the captive portal login form.
type: str
sam_cwp_password:
description:
- Password for captive portal authentication.
type: str
sam_cwp_success_string:
description:
- Success identification on the page after a successful login.
type: str
sam_cwp_test_url:
description:
- Website the client is trying to access.
type: str
sam_cwp_username:
description:
- Username for captive portal authentication.
type: str
sam_eap_method:
choices:
- both
- tls
- peap
description:
- Select WPA2/WPA3-ENTERPRISE EAP Method .
type: str
sam_password:
description:
- Passphrase for WiFi network connection.
type: str
sam_private_key:
description:
- Private key for WPA2/WPA3-ENTERPRISE.
type: str
sam_private_key_password:
description:
- Password for private key file for WPA2/WPA3-ENTERPRISE.
type: str
sam_report_intv:
description:
- SAM report interval (sec), 0 for a one-time report.
type: int
sam_security_type:
choices:
- open
- wpa-personal
- wpa-enterprise
- wpa3-sae
- owe
description:
- Select WiFi network security type .
type: str
sam_server:
description:
- SAM test server IP address or domain name.
type: str
sam_server_fqdn:
description:
- SAM test server domain name.
type: str
sam_server_ip:
description:
- SAM test server IP address.
type: str
sam_server_type:
choices:
- ip
- fqdn
description:
- Select SAM server type .
type: str
sam_ssid:
description:
- SSID for WiFi network.
type: str
sam_test:
choices:
- ping
- iperf
description:
- Select SAM test type .
type: str
sam_username:
description:
- Username for WiFi network connection.
type: str
set_80211d:
choices:
- enable
- disable
description:
- Enable/disable 802.11d countryie.
type: str
short_guard_interval:
choices:
- enable
- disable
description:
- Use either the short guard interval (Short GI) of 400 ns or the long guard
interval (Long GI) of 800 ns.
type: str
spectrum_analysis:
choices:
- enable
- scan-only
- disable
description:
- Enable/disable spectrum analysis to find interference that would negatively
impact wireless performance.
type: str
transmit_optimize:
choices:
- disable
- power-save
- aggr-limit
- retry-limit
- send-bar
description:
- Packet transmission optimization options including power saving, aggregation
limiting, retry limiting, etc. All are enabled by default.
elements: str
type: list
vap_all:
choices:
- tunnel
- bridge
- manual
- enable
- disable
description:
- Configure method for assigning SSIDs to this FortiAP .
type: str
vaps:
description:
- Manually selected list of Virtual Access Points (VAPs).
elements: dict
suboptions:
name:
description:
- Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name
system.interface.name.
required: true
type: str
type: list
wids_profile:
description:
- Wireless Intrusion Detection System (WIDS) profile name to assign to the
radio. Source wireless-controller.wids-profile.name.
type: str
zero_wait_dfs:
choices:
- enable
- disable
description:
- Enable/disable zero wait DFS on radio .
type: str
type: dict
radio_3:
description:
- Configuration options for radio 3.
suboptions:
airtime_fairness:
choices:
- enable
- disable
description:
- Enable/disable airtime fairness .
type: str
amsdu:
choices:
- enable
- disable
description:
- Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported
by your WiFi clients .
type: str
ap_handoff:
choices:
- enable
- disable
description:
- Enable/disable AP handoff of clients to other APs .
type: str
ap_sniffer_addr:
description:
- MAC address to monitor.
type: str
ap_sniffer_bufsize:
description:
- Sniffer buffer size (1 - 32 MB).
type: int
ap_sniffer_chan:
description:
- Channel on which to operate the sniffer .
type: int
ap_sniffer_ctl:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi control frame .
type: str
ap_sniffer_data:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi data frame .
type: str
ap_sniffer_mgmt_beacon:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management Beacon frames .
type: str
ap_sniffer_mgmt_other:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management other frames .
type: str
ap_sniffer_mgmt_probe:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management probe frames .
type: str
arrp_profile:
description:
- Distributed Automatic Radio Resource Provisioning (DARRP) profile name to
assign to the radio. Source wireless-controller .arrp-profile.name.
type: str
auto_power_high:
description:
- The upper bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_level:
choices:
- enable
- disable
description:
- Enable/disable automatic power-level adjustment to prevent co-channel interference
.
type: str
auto_power_low:
description:
- The lower bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_target:
description:
- Target of automatic transmit power adjustment in dBm (-95 to -20).
type: str
band:
choices:
- 802.11a
- 802.11b
- 802.11g
- 802.11n
- 802.11n-5G
- 802.11ac
- 802.11ax-5G
- 802.11ax
- 802.11ac-2G
- 802.11ax-6G
- 802.11n,g-only
- 802.11g-only
- 802.11n-only
- 802.11n-5G-only
- 802.11ac,n-only
- 802.11ac-only
- 802.11ax,ac-only
- 802.11ax,ac,n-only
- 802.11ax-5G-only
- 802.11ax,n-only
- 802.11ax,n,g-only
- 802.11ax-only
description:
- WiFi band that Radio 3 operates on.
type: str
band_5g_type:
choices:
- 5g-full
- 5g-high
- 5g-low
description:
- WiFi 5G band type.
type: str
bandwidth_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize
WiFi bandwidth use. A request to join the wireless network is only allowed
if the access point has enough bandwidth to support it.
type: str
bandwidth_capacity:
description:
- Maximum bandwidth capacity allowed (1 - 600000 Kbps).
type: int
beacon_interval:
description:
- Beacon interval. The time between beacon frames in milliseconds. Actual
range of beacon interval depends on the AP platform type .
type: int
bss_color:
description:
- BSS color value for this 11ax radio (0 - 63, disable = 0).
type: int
bss_color_mode:
choices:
- auto
- static
description:
- BSS color mode for this 11ax radio .
type: str
call_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) call admission control to optimize
WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there
is enough bandwidth available to support them.
type: str
call_capacity:
description:
- Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio
(0 - 60).
type: int
channel:
description:
- Selected list of wireless radio channels.
elements: dict
suboptions:
chan:
description:
- Channel number.
required: true
type: str
type: list
channel_bonding:
choices:
- 160MHz
- 80MHz
- 40MHz
- 20MHz
description:
- 'Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40
by enabling coexistence.'
type: str
channel_utilization:
choices:
- enable
- disable
description:
- Enable/disable measuring channel utilization.
type: str
coexistence:
choices:
- enable
- disable
description:
- Enable/disable allowing both HT20 and HT40 on the same radio .
type: str
darrp:
choices:
- enable
- disable
description:
- Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP)
to make sure the radio is always using the most optimal channel .
type: str
drma:
choices:
- disable
- enable
description:
- Enable/disable dynamic radio mode assignment (DRMA) .
type: str
drma_sensitivity:
choices:
- low
- medium
- high
description:
- Network Coverage Factor (NCF) percentage required to consider a radio as
redundant .
type: str
dtim:
description:
- Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save
battery life of WiFi client in power-save mode.
type: int
frag_threshold:
description:
- Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
type: int
frequency_handoff:
choices:
- enable
- disable
description:
- Enable/disable frequency handoff of clients to other channels .
type: str
iperf_protocol:
choices:
- udp
- tcp
description:
- Iperf test protocol .
type: str
iperf_server_port:
description:
- Iperf service port number.
type: int
max_clients:
description:
- Maximum number of stations (STAs) or WiFi clients supported by the radio.
Range depends on the hardware.
type: int
max_distance:
description:
- Maximum expected distance between the AP and clients (0 - 54000 m).
type: int
mimo_mode:
choices:
- default
- 1x1
- 2x2
- 3x3
- 4x4
- 8x8
description:
- Configure radio MIMO mode .
type: str
mode:
choices:
- disabled
- ap
- monitor
- sniffer
- sam
description:
- Mode of radio 3. Radio 3 can be disabled, configured as an access point,
a rogue AP monitor, a sniffer, or a station.
type: str
optional_antenna:
choices:
- none
- custom
- FANT-04ABGN-0606-O-N
- FANT-04ABGN-1414-P-N
- FANT-04ABGN-8065-P-N
- FANT-04ABGN-0606-O-R
- FANT-04ABGN-0606-P-R
- FANT-10ACAX-1213-D-N
- FANT-08ABGN-1213-D-R
description:
- Optional antenna used on FAP .
type: str
optional_antenna_gain:
description:
- Optional antenna gain in dBi (0 to 20).
type: str
power_level:
description:
- Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100).
type: int
power_mode:
choices:
- dBm
- percentage
description:
- Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage
of the maximum EIRP . This power takes into account both radio transmit
power and antenna gain. Higher power level settings may be constrained by
local regulatory requirements and AP capabilities.
type: str
power_value:
description:
- Radio EIRP power in dBm (1 - 33).
type: int
powersave_optimize:
choices:
- tim
- ac-vo
- no-obss-scan
- no-11b-rate
- client-rate-follow
description:
- Enable client power-saving features such as TIM, AC VO, and OBSS etc.
elements: str
type: list
protection_mode:
choices:
- rtscts
- ctsonly
- disable
description:
- Enable/disable 802.11g protection modes to support backwards compatibility
with older clients (rtscts, ctsonly, disable).
type: str
radio_id:
description:
- radio-id
type: int
rts_threshold:
description:
- Maximum packet size for RTS transmissions, specifying the maximum size of
a data packet before RTS/CTS (256 - 2346 bytes).
type: int
sam_bssid:
description:
- BSSID for WiFi network.
type: str
sam_ca_certificate:
description:
- CA certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_captive_portal:
choices:
- enable
- disable
description:
- Enable/disable Captive Portal Authentication .
type: str
sam_client_certificate:
description:
- Client certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_cwp_failure_string:
description:
- Failure identification on the page after an incorrect login.
type: str
sam_cwp_match_string:
description:
- Identification string from the captive portal login form.
type: str
sam_cwp_password:
description:
- Password for captive portal authentication.
type: str
sam_cwp_success_string:
description:
- Success identification on the page after a successful login.
type: str
sam_cwp_test_url:
description:
- Website the client is trying to access.
type: str
sam_cwp_username:
description:
- Username for captive portal authentication.
type: str
sam_eap_method:
choices:
- both
- tls
- peap
description:
- Select WPA2/WPA3-ENTERPRISE EAP Method .
type: str
sam_password:
description:
- Passphrase for WiFi network connection.
type: str
sam_private_key:
description:
- Private key for WPA2/WPA3-ENTERPRISE.
type: str
sam_private_key_password:
description:
- Password for private key file for WPA2/WPA3-ENTERPRISE.
type: str
sam_report_intv:
description:
- SAM report interval (sec), 0 for a one-time report.
type: int
sam_security_type:
choices:
- open
- wpa-personal
- wpa-enterprise
- wpa3-sae
- owe
description:
- Select WiFi network security type .
type: str
sam_server:
description:
- SAM test server IP address or domain name.
type: str
sam_server_fqdn:
description:
- SAM test server domain name.
type: str
sam_server_ip:
description:
- SAM test server IP address.
type: str
sam_server_type:
choices:
- ip
- fqdn
description:
- Select SAM server type .
type: str
sam_ssid:
description:
- SSID for WiFi network.
type: str
sam_test:
choices:
- ping
- iperf
description:
- Select SAM test type .
type: str
sam_username:
description:
- Username for WiFi network connection.
type: str
set_80211d:
choices:
- enable
- disable
description:
- Enable/disable 802.11d countryie.
type: str
short_guard_interval:
choices:
- enable
- disable
description:
- Use either the short guard interval (Short GI) of 400 ns or the long guard
interval (Long GI) of 800 ns.
type: str
spectrum_analysis:
choices:
- enable
- scan-only
- disable
description:
- Enable/disable spectrum analysis to find interference that would negatively
impact wireless performance.
type: str
transmit_optimize:
choices:
- disable
- power-save
- aggr-limit
- retry-limit
- send-bar
description:
- Packet transmission optimization options including power saving, aggregation
limiting, retry limiting, etc. All are enabled by default.
elements: str
type: list
vap_all:
choices:
- tunnel
- bridge
- manual
- enable
- disable
description:
- Configure method for assigning SSIDs to this FortiAP .
type: str
vaps:
description:
- Manually selected list of Virtual Access Points (VAPs).
elements: dict
suboptions:
name:
description:
- Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name
system.interface.name.
required: true
type: str
type: list
wids_profile:
description:
- Wireless Intrusion Detection System (WIDS) profile name to assign to the
radio. Source wireless-controller.wids-profile.name.
type: str
zero_wait_dfs:
choices:
- enable
- disable
description:
- Enable/disable zero wait DFS on radio .
type: str
type: dict
radio_4:
description:
- Configuration options for radio 4.
suboptions:
airtime_fairness:
choices:
- enable
- disable
description:
- Enable/disable airtime fairness .
type: str
amsdu:
choices:
- enable
- disable
description:
- Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported
by your WiFi clients .
type: str
ap_handoff:
choices:
- enable
- disable
description:
- Enable/disable AP handoff of clients to other APs .
type: str
ap_sniffer_addr:
description:
- MAC address to monitor.
type: str
ap_sniffer_bufsize:
description:
- Sniffer buffer size (1 - 32 MB).
type: int
ap_sniffer_chan:
description:
- Channel on which to operate the sniffer .
type: int
ap_sniffer_ctl:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi control frame .
type: str
ap_sniffer_data:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi data frame .
type: str
ap_sniffer_mgmt_beacon:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management Beacon frames .
type: str
ap_sniffer_mgmt_other:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management other frames .
type: str
ap_sniffer_mgmt_probe:
choices:
- enable
- disable
description:
- Enable/disable sniffer on WiFi management probe frames .
type: str
arrp_profile:
description:
- Distributed Automatic Radio Resource Provisioning (DARRP) profile name to
assign to the radio. Source wireless-controller .arrp-profile.name.
type: str
auto_power_high:
description:
- The upper bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_level:
choices:
- enable
- disable
description:
- Enable/disable automatic power-level adjustment to prevent co-channel interference
.
type: str
auto_power_low:
description:
- The lower bound of automatic transmit power adjustment in dBm (the actual
range of transmit power depends on the AP platform type).
type: int
auto_power_target:
description:
- Target of automatic transmit power adjustment in dBm (-95 to -20).
type: str
band:
choices:
- 802.11a
- 802.11b
- 802.11g
- 802.11n
- 802.11n-5G
- 802.11ac
- 802.11ax-5G
- 802.11ax
- 802.11ac-2G
- 802.11ax-6G
- 802.11n,g-only
- 802.11g-only
- 802.11n-only
- 802.11n-5G-only
- 802.11ac,n-only
- 802.11ac-only
- 802.11ax,ac-only
- 802.11ax,ac,n-only
- 802.11ax-5G-only
- 802.11ax,n-only
- 802.11ax,n,g-only
- 802.11ax-only
description:
- WiFi band that Radio 4 operates on.
type: str
band_5g_type:
choices:
- 5g-full
- 5g-high
- 5g-low
description:
- WiFi 5G band type.
type: str
bandwidth_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize
WiFi bandwidth use. A request to join the wireless network is only allowed
if the access point has enough bandwidth to support it.
type: str
bandwidth_capacity:
description:
- Maximum bandwidth capacity allowed (1 - 600000 Kbps).
type: int
beacon_interval:
description:
- Beacon interval. The time between beacon frames in milliseconds. Actual
range of beacon interval depends on the AP platform type .
type: int
bss_color:
description:
- BSS color value for this 11ax radio (0 - 63, disable = 0).
type: int
bss_color_mode:
choices:
- auto
- static
description:
- BSS color mode for this 11ax radio .
type: str
call_admission_control:
choices:
- enable
- disable
description:
- Enable/disable WiFi multimedia (WMM) call admission control to optimize
WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there
is enough bandwidth available to support them.
type: str
call_capacity:
description:
- Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio
(0 - 60).
type: int
channel:
description:
- Selected list of wireless radio channels.
elements: dict
suboptions:
chan:
description:
- Channel number.
required: true
type: str
type: list
channel_bonding:
choices:
- 160MHz
- 80MHz
- 40MHz
- 20MHz
description:
- 'Channel bandwidth: 160,80, 40, or 20MHz. Channels may use both 20 and 40
by enabling coexistence.'
type: str
channel_utilization:
choices:
- enable
- disable
description:
- Enable/disable measuring channel utilization.
type: str
coexistence:
choices:
- enable
- disable
description:
- Enable/disable allowing both HT20 and HT40 on the same radio .
type: str
darrp:
choices:
- enable
- disable
description:
- Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP)
to make sure the radio is always using the most optimal channel .
type: str
drma:
choices:
- disable
- enable
description:
- Enable/disable dynamic radio mode assignment (DRMA) .
type: str
drma_sensitivity:
choices:
- low
- medium
- high
description:
- Network Coverage Factor (NCF) percentage required to consider a radio as
redundant .
type: str
dtim:
description:
- Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save
battery life of WiFi client in power-save mode.
type: int
frag_threshold:
description:
- Maximum packet size that can be sent without fragmentation (800 - 2346 bytes).
type: int
frequency_handoff:
choices:
- enable
- disable
description:
- Enable/disable frequency handoff of clients to other channels .
type: str
iperf_protocol:
choices:
- udp
- tcp
description:
- Iperf test protocol .
type: str
iperf_server_port:
description:
- Iperf service port number.
type: int
max_clients:
description:
- Maximum number of stations (STAs) or WiFi clients supported by the radio.
Range depends on the hardware.
type: int
max_distance:
description:
- Maximum expected distance between the AP and clients (0 - 54000 m).
type: int
mimo_mode:
choices:
- default
- 1x1
- 2x2
- 3x3
- 4x4
- 8x8
description:
- Configure radio MIMO mode .
type: str
mode:
choices:
- disabled
- ap
- monitor
- sniffer
- sam
description:
- Mode of radio 4. Radio 4 can be disabled, configured as an access point,
a rogue AP monitor, a sniffer, or a station.
type: str
optional_antenna:
choices:
- none
- custom
- FANT-04ABGN-0606-O-N
- FANT-04ABGN-1414-P-N
- FANT-04ABGN-8065-P-N
- FANT-04ABGN-0606-O-R
- FANT-04ABGN-0606-P-R
- FANT-10ACAX-1213-D-N
- FANT-08ABGN-1213-D-R
description:
- Optional antenna used on FAP .
type: str
optional_antenna_gain:
description:
- Optional antenna gain in dBi (0 to 20).
type: str
power_level:
description:
- Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100).
type: int
power_mode:
choices:
- dBm
- percentage
description:
- Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage
of the maximum EIRP . This power takes into account both radio transmit
power and antenna gain. Higher power level settings may be constrained by
local regulatory requirements and AP capabilities.
type: str
power_value:
description:
- Radio EIRP power in dBm (1 - 33).
type: int
powersave_optimize:
choices:
- tim
- ac-vo
- no-obss-scan
- no-11b-rate
- client-rate-follow
description:
- Enable client power-saving features such as TIM, AC VO, and OBSS etc.
elements: str
type: list
protection_mode:
choices:
- rtscts
- ctsonly
- disable
description:
- Enable/disable 802.11g protection modes to support backwards compatibility
with older clients (rtscts, ctsonly, disable).
type: str
rts_threshold:
description:
- Maximum packet size for RTS transmissions, specifying the maximum size of
a data packet before RTS/CTS (256 - 2346 bytes).
type: int
sam_bssid:
description:
- BSSID for WiFi network.
type: str
sam_ca_certificate:
description:
- CA certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_captive_portal:
choices:
- enable
- disable
description:
- Enable/disable Captive Portal Authentication .
type: str
sam_client_certificate:
description:
- Client certificate for WPA2/WPA3-ENTERPRISE.
type: str
sam_cwp_failure_string:
description:
- Failure identification on the page after an incorrect login.
type: str
sam_cwp_match_string:
description:
- Identification string from the captive portal login form.
type: str
sam_cwp_password:
description:
- Password for captive portal authentication.
type: str
sam_cwp_success_string:
description:
- Success identification on the page after a successful login.
type: str
sam_cwp_test_url:
description:
- Website the client is trying to access.
type: str
sam_cwp_username:
description:
- Username for captive portal authentication.
type: str
sam_eap_method:
choices:
- both
- tls
- peap
description:
- Select WPA2/WPA3-ENTERPRISE EAP Method .
type: str
sam_password:
description:
- Passphrase for WiFi network connection.
type: str
sam_private_key:
description:
- Private key for WPA2/WPA3-ENTERPRISE.
type: str
sam_private_key_password:
description:
- Password for private key file for WPA2/WPA3-ENTERPRISE.
type: str
sam_report_intv:
description:
- SAM report interval (sec), 0 for a one-time report.
type: int
sam_security_type:
choices:
- open
- wpa-personal
- wpa-enterprise
- wpa3-sae
- owe
description:
- Select WiFi network security type .
type: str
sam_server:
description:
- SAM test server IP address or domain name.
type: str
sam_server_fqdn:
description:
- SAM test server domain name.
type: str
sam_server_ip:
description:
- SAM test server IP address.
type: str
sam_server_type:
choices:
- ip
- fqdn
description:
- Select SAM server type .
type: str
sam_ssid:
description:
- SSID for WiFi network.
type: str
sam_test:
choices:
- ping
- iperf
description:
- Select SAM test type .
type: str
sam_username:
description:
- Username for WiFi network connection.
type: str
set_80211d:
choices:
- enable
- disable
description:
- Enable/disable 802.11d countryie.
type: str
short_guard_interval:
choices:
- enable
- disable
description:
- Use either the short guard interval (Short GI) of 400 ns or the long guard
interval (Long GI) of 800 ns.
type: str
spectrum_analysis:
choices:
- enable
- scan-only
- disable
description:
- Enable/disable spectrum analysis to find interference that would negatively
impact wireless performance.
type: str
transmit_optimize:
choices:
- disable
- power-save
- aggr-limit
- retry-limit
- send-bar
description:
- Packet transmission optimization options including power saving, aggregation
limiting, retry limiting, etc. All are enabled by default.
elements: str
type: list
vap_all:
choices:
- tunnel
- bridge
- manual
- enable
- disable
description:
- Configure method for assigning SSIDs to this FortiAP .
type: str
vaps:
description:
- Manually selected list of Virtual Access Points (VAPs).
elements: dict
suboptions:
name:
description:
- Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name
system.interface.name.
required: true
type: str
type: list
wids_profile:
description:
- Wireless Intrusion Detection System (WIDS) profile name to assign to the
radio. Source wireless-controller.wids-profile.name.
type: str
zero_wait_dfs:
choices:
- enable
- disable
description:
- Enable/disable zero wait DFS on radio .
type: str
type: dict
split_tunneling_acl:
description:
- Split tunneling ACL filter list.
elements: dict
suboptions:
dest_ip:
description:
- Destination IP and mask for the split-tunneling subnet.
type: str
id:
description:
- ID. see <a href='#notes'>Notes</a>.
required: true
type: int
type: list
split_tunneling_acl_local_ap_subnet:
choices:
- enable
- disable
description:
- Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling
ACL .
type: str
split_tunneling_acl_path:
choices:
- tunnel
- local
description:
- Split tunneling ACL path is local/tunnel.
type: str
syslog_profile:
description:
- System log server configuration profile name. Source wireless-controller.syslog-profile.name.
type: str
tun_mtu_downlink:
description:
- The MTU of downlink CAPWAP tunnel (576 - 1500 bytes or 0; 0 means the local
MTU of FortiAP; ).
type: int
tun_mtu_uplink:
description:
- The maximum transmission unit (MTU) of uplink CAPWAP tunnel (576 - 1500 bytes
or 0; 0 means the local MTU of FortiAP; ).
type: int
unii_4_5ghz_band:
choices:
- enable
- disable
description:
- Enable/disable UNII-4 5Ghz band channels .
type: str
wan_port_auth:
choices:
- none
- 802.1x
description:
- Set WAN port authentication mode .
type: str
wan_port_auth_macsec:
choices:
- enable
- disable
description:
- Enable/disable WAN port 802.1x supplicant MACsec policy .
type: str
wan_port_auth_methods:
choices:
- all
- EAP-FAST
- EAP-TLS
- EAP-PEAP
description:
- WAN port 802.1x supplicant EAP methods .
type: str
wan_port_auth_password:
description:
- Set WAN port 802.1x supplicant password.
type: str
wan_port_auth_usrname:
description:
- Set WAN port 802.1x supplicant user name.
type: str
wan_port_mode:
choices:
- wan-lan
- wan-only
description:
- Enable/disable using a WAN port as a LAN port.
type: str
type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str