lix_fortinet / lix_fortinet.fortios / 102.2.120 / module / fortios_system_dhcp_server Configure DHCP servers in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of lix_fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communitylix_fortinet.fortios.fortios_system_dhcp_server (102.2.120) — module
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections: - name: lix_fortinet.fortios version: 102.2.120
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system_dhcp feature and server category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure DHCP servers. fortios_system_dhcp_server: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" system_dhcp_server: auto_configuration: "disable" auto_managed_status: "disable" conflicted_ip_timeout: "1800" ddns_auth: "disable" ddns_key: "<your_own_value>" ddns_keyname: "<your_own_value>" ddns_server_ip: "<your_own_value>" ddns_ttl: "300" ddns_update: "disable" ddns_update_override: "disable" ddns_zone: "<your_own_value>" default_gateway: "<your_own_value>" dhcp_settings_from_fortiipam: "disable" dns_server1: "<your_own_value>" dns_server2: "<your_own_value>" dns_server3: "<your_own_value>" dns_server4: "<your_own_value>" dns_service: "local" domain: "<your_own_value>" exclude_range: - end_ip: "<your_own_value>" id: "24" start_ip: "<your_own_value>" vci_match: "disable" vci_string: - vci_string: "<your_own_value>" filename: "<your_own_value>" forticlient_on_net_status: "disable" id: "31" interface: "<your_own_value> (source system.interface.name)" ip_mode: "range" ip_range: - end_ip: "<your_own_value>" id: "36" start_ip: "<your_own_value>" vci_match: "disable" vci_string: - vci_string: "<your_own_value>" ipsec_lease_hold: "60" lease_time: "604800" mac_acl_default_action: "assign" netmask: "<your_own_value>" next_server: "<your_own_value>" ntp_server1: "<your_own_value>" ntp_server2: "<your_own_value>" ntp_server3: "<your_own_value>" ntp_service: "local" options: - code: "0" id: "52" ip: "<your_own_value>" type: "hex" value: "<your_own_value>" vci_match: "disable" vci_string: - vci_string: "<your_own_value>" reserved_address: - action: "assign" circuit_id: "<your_own_value>" circuit_id_type: "hex" description: "<your_own_value>" id: "64" ip: "<your_own_value>" mac: "<your_own_value>" remote_id: "<your_own_value>" remote_id_type: "hex" type: "mac" server_type: "regular" status: "disable" tftp_server: - tftp_server: "<your_own_value>" timezone: "01" timezone_option: "disable" vci_match: "disable" vci_string: - vci_string: "<your_own_value>" wifi_ac_service: "specify" wifi_ac1: "<your_own_value>" wifi_ac2: "<your_own_value>" wifi_ac3: "<your_own_value>" wins_server1: "<your_own_value>" wins_server2: "<your_own_value>"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str state: choices: - present - absent description: - Indicates whether to create or remove the object. required: true type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str system_dhcp_server: default: null description: - Configure DHCP servers. suboptions: auto_configuration: choices: - disable - enable description: - Enable/disable auto configuration. type: str auto_managed_status: choices: - disable - enable description: - Enable/disable use of this DHCP server once this interface has been assigned an IP address from FortiIPAM. type: str conflicted_ip_timeout: description: - Time in seconds to wait after a conflicted IP address is removed from the DHCP range before it can be reused. type: int ddns_auth: choices: - disable - tsig description: - DDNS authentication mode. type: str ddns_key: description: - DDNS update key (base 64 encoding). type: str ddns_keyname: description: - DDNS update key name. type: str ddns_server_ip: description: - DDNS server IP. type: str ddns_ttl: description: - TTL. type: int ddns_update: choices: - disable - enable description: - Enable/disable DDNS update for DHCP. type: str ddns_update_override: choices: - disable - enable description: - Enable/disable DDNS update override for DHCP. type: str ddns_zone: description: - Zone of your domain name (ex. DDNS.com). type: str default_gateway: description: - Default gateway IP address assigned by the DHCP server. type: str dhcp_settings_from_fortiipam: choices: - disable - enable description: - Enable/disable populating of DHCP server settings from FortiIPAM. type: str dns_server1: description: - DNS server 1. type: str dns_server2: description: - DNS server 2. type: str dns_server3: description: - DNS server 3. type: str dns_server4: description: - DNS server 4. type: str dns_service: choices: - local - default - specify description: - Options for assigning DNS servers to DHCP clients. type: str domain: description: - Domain name suffix for the IP addresses that the DHCP server assigns to clients. type: str exclude_range: description: - Exclude one or more ranges of IP addresses from being assigned to clients. elements: dict suboptions: end_ip: description: - End of IP range. type: str id: description: - ID. type: int start_ip: description: - Start of IP range. type: str vci_match: choices: - disable - enable description: - Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served with this range. type: str vci_string: description: - One or more VCI strings in quotes separated by spaces. elements: dict suboptions: vci_string: description: - VCI strings. type: str type: list type: list filename: description: - Name of the boot file on the TFTP server. type: str forticlient_on_net_status: choices: - disable - enable description: - Enable/disable FortiClient-On-Net service for this DHCP server. type: str id: description: - ID. required: true type: int interface: description: - DHCP server can assign IP configurations to clients connected to this interface. Source system.interface.name. type: str ip_mode: choices: - range - usrgrp description: - Method used to assign client IP. type: str ip_range: description: - DHCP IP range configuration. elements: dict suboptions: end_ip: description: - End of IP range. type: str id: description: - ID. type: int start_ip: description: - Start of IP range. type: str vci_match: choices: - disable - enable description: - Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served with this range. type: str vci_string: description: - One or more VCI strings in quotes separated by spaces. elements: dict suboptions: vci_string: description: - VCI strings. type: str type: list type: list ipsec_lease_hold: description: - DHCP over IPsec leases expire this many seconds after tunnel down (0 to disable forced-expiry). type: int lease_time: description: - Lease time in seconds, 0 means unlimited. type: int mac_acl_default_action: choices: - assign - block description: - MAC access control default action (allow or block assigning IP settings). type: str netmask: description: - Netmask assigned by the DHCP server. type: str next_server: description: - IP address of a server (for example, a TFTP sever) that DHCP clients can download a boot file from. type: str ntp_server1: description: - NTP server 1. type: str ntp_server2: description: - NTP server 2. type: str ntp_server3: description: - NTP server 3. type: str ntp_service: choices: - local - default - specify description: - Options for assigning Network Time Protocol (NTP) servers to DHCP clients. type: str options: description: - DHCP options. elements: dict suboptions: code: description: - DHCP option code. type: int id: description: - ID. type: int ip: description: - DHCP option IPs. elements: str type: list type: choices: - hex - string - ip - fqdn description: - DHCP option type. type: str value: description: - DHCP option value. type: str vci_match: choices: - disable - enable description: - Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served with this option. type: str vci_string: description: - One or more VCI strings in quotes separated by spaces. elements: dict suboptions: vci_string: description: - VCI strings. type: str type: list type: list reserved_address: description: - Options for the DHCP server to assign IP settings to specific MAC addresses. elements: dict suboptions: action: choices: - assign - block - reserved description: - Options for the DHCP server to configure the client with the reserved MAC address. type: str circuit_id: description: - Option 82 circuit-ID of the client that will get the reserved IP address. type: str circuit_id_type: choices: - hex - string description: - DHCP option type. type: str description: description: - Description. type: str id: description: - ID. type: int ip: description: - IP address to be reserved for the MAC address. type: str mac: description: - MAC address of the client that will get the reserved IP address. type: str remote_id: description: - Option 82 remote-ID of the client that will get the reserved IP address. type: str remote_id_type: choices: - hex - string description: - DHCP option type. type: str type: choices: - mac - option82 description: - DHCP reserved-address type. type: str type: list server_type: choices: - regular - ipsec description: - DHCP server can be a normal DHCP server or an IPsec DHCP server. type: str status: choices: - disable - enable description: - Enable/disable this DHCP configuration. type: str tftp_server: description: - One or more hostnames or IP addresses of the TFTP servers in quotes separated by spaces. elements: dict suboptions: tftp_server: description: - TFTP server. type: str type: list timezone: choices: - '01' - '02' - '03' - '04' - '05' - '81' - '06' - '07' - 08 - 09 - '10' - '11' - '12' - '13' - '74' - '14' - '77' - '15' - '87' - '16' - '17' - '18' - '19' - '20' - '75' - '21' - '22' - '23' - '24' - '80' - '79' - '25' - '26' - '27' - '28' - '78' - '29' - '30' - '31' - '32' - '33' - '34' - '35' - '36' - '37' - '38' - '83' - '84' - '40' - '85' - '39' - '41' - '42' - '43' - '44' - '45' - '46' - '47' - '51' - '48' - '49' - '50' - '52' - '53' - '54' - '55' - '56' - '57' - '58' - '59' - '60' - '61' - '62' - '63' - '64' - '65' - '66' - '67' - '68' - '69' - '70' - '71' - '72' - '00' - '82' - '73' - '86' - '76' description: - Select the time zone to be assigned to DHCP clients. type: str timezone_option: choices: - disable - default - specify description: - Options for the DHCP server to set the client"s time zone. type: str vci_match: choices: - disable - enable description: - Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served. type: str vci_string: description: - One or more VCI strings in quotes separated by spaces. elements: dict suboptions: vci_string: description: - VCI strings. type: str type: list wifi_ac1: description: - WiFi Access Controller 1 IP address (DHCP option 138, RFC 5417). type: str wifi_ac2: description: - WiFi Access Controller 2 IP address (DHCP option 138, RFC 5417). type: str wifi_ac3: description: - WiFi Access Controller 3 IP address (DHCP option 138, RFC 5417). type: str wifi_ac_service: choices: - specify - local description: - Options for assigning WiFi access controllers to DHCP clients. type: str wins_server1: description: - WINS server 1. type: str wins_server2: description: - WINS server 2. type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str