Try SpotterConfigure interfaces in Fortinet's FortiOS and FortiGate.
| "added in version" 2.0.0 of lix_fortinet.fortios"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections:
- name: lix_fortinet.fortios
version: 102.2.120This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and interface category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure interfaces.
fortios_system_interface:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
system_interface:
ac_name: "<your_own_value>"
aggregate: "<your_own_value>"
aggregate_type: "physical"
algorithm: "L2"
alias: "<your_own_value>"
allowaccess: "ping"
ap_discover: "enable"
arpforward: "enable"
auth_cert: "<your_own_value> (source vpn.certificate.local.name)"
auth_portal_addr: "<your_own_value>"
auth_type: "auto"
auto_auth_extension_device: "enable"
bandwidth_measure_time: "0"
bfd: "global"
bfd_desired_min_tx: "250"
bfd_detect_mult: "3"
bfd_required_min_rx: "250"
broadcast_forticlient_discovery: "enable"
broadcast_forward: "enable"
captive_portal: "2147483647"
cli_conn_status: "0"
client_options:
-
code: "0"
id: "26"
ip: "<your_own_value>"
type: "hex"
value: "<your_own_value>"
color: "0"
dedicated_to: "none"
defaultgw: "enable"
description: "<your_own_value>"
detected_peer_mtu: "0"
detectprotocol: "ping"
detectserver: "<your_own_value>"
device_access_list: "<your_own_value>"
device_identification: "enable"
device_identification_active_scan: "enable"
device_netscan: "disable"
device_user_identification: "enable"
devindex: "0"
dhcp_classless_route_addition: "enable"
dhcp_client_identifier: "myId_44"
dhcp_relay_agent_option: "enable"
dhcp_relay_interface: "<your_own_value> (source system.interface.name)"
dhcp_relay_interface_select_method: "auto"
dhcp_relay_ip: "<your_own_value>"
dhcp_relay_link_selection: "<your_own_value>"
dhcp_relay_request_all_server: "disable"
dhcp_relay_service: "disable"
dhcp_relay_type: "regular"
dhcp_renew_time: "0"
dhcp_snooping_server_list:
-
name: "default_name_55"
server_ip: "<your_own_value>"
disc_retry_timeout: "1"
disconnect_threshold: "0"
distance: "5"
dns_server_override: "enable"
dns_server_protocol: "cleartext"
drop_fragment: "enable"
drop_overlapped_fragment: "enable"
eap_ca_cert: "<your_own_value> (source certificate.ca.name)"
eap_identity: "<your_own_value>"
eap_method: "tls"
eap_password: "<your_own_value>"
eap_supplicant: "enable"
eap_user_cert: "<your_own_value> (source certificate.local.name)"
egress_cos: "disable"
egress_queues:
cos0: "<your_own_value> (source system.isf-queue-profile.name)"
cos1: "<your_own_value> (source system.isf-queue-profile.name)"
cos2: "<your_own_value> (source system.isf-queue-profile.name)"
cos3: "<your_own_value> (source system.isf-queue-profile.name)"
cos4: "<your_own_value> (source system.isf-queue-profile.name)"
cos5: "<your_own_value> (source system.isf-queue-profile.name)"
cos6: "<your_own_value> (source system.isf-queue-profile.name)"
cos7: "<your_own_value> (source system.isf-queue-profile.name)"
egress_shaping_profile: "<your_own_value> (source firewall.shaping-profile.profile-name)"
endpoint_compliance: "enable"
estimated_downstream_bandwidth: "0"
estimated_upstream_bandwidth: "0"
explicit_ftp_proxy: "enable"
explicit_web_proxy: "enable"
external: "enable"
fail_action_on_extender: "soft-restart"
fail_alert_interfaces:
-
name: "default_name_89 (source system.interface.name)"
fail_alert_method: "link-failed-signal"
fail_detect: "enable"
fail_detect_option: "detectserver"
fortiheartbeat: "enable"
fortilink: "enable"
fortilink_backup_link: "0"
fortilink_neighbor_detect: "lldp"
fortilink_split_interface: "enable"
fortilink_stacking: "enable"
forward_domain: "0"
gi_gk: "enable"
gwdetect: "enable"
ha_priority: "1"
icmp_accept_redirect: "enable"
icmp_send_redirect: "enable"
ident_accept: "enable"
idle_timeout: "0"
ike_saml_server: "<your_own_value> (source user.saml.name)"
inbandwidth: "0"
ingress_cos: "disable"
ingress_shaping_profile: "<your_own_value> (source firewall.shaping-profile.profile-name)"
ingress_spillover_threshold: "0"
interface: "<your_own_value> (source system.interface.name)"
internal: "0"
ip: "<your_own_value>"
ip_managed_by_fortiipam: "enable"
ipmac: "enable"
ips_sniffer_mode: "enable"
ipunnumbered: "<your_own_value>"
ipv6:
autoconf: "enable"
cli_conn6_status: "0"
dhcp6_client_options: "rapid"
dhcp6_iapd_list:
-
iaid: "0"
prefix_hint: "<your_own_value>"
prefix_hint_plt: "604800"
prefix_hint_vlt: "2592000"
dhcp6_information_request: "enable"
dhcp6_prefix_delegation: "enable"
dhcp6_prefix_hint: "<your_own_value>"
dhcp6_prefix_hint_plt: "604800"
dhcp6_prefix_hint_vlt: "2592000"
dhcp6_relay_ip: "<your_own_value>"
dhcp6_relay_service: "disable"
dhcp6_relay_type: "regular"
icmp6_send_redirect: "enable"
interface_identifier: "myId_137"
ip6_address: "<your_own_value>"
ip6_allowaccess: "ping"
ip6_default_life: "1800"
ip6_delegated_prefix_iaid: "0"
ip6_delegated_prefix_list:
-
autonomous_flag: "enable"
delegated_prefix_iaid: "0"
onlink_flag: "enable"
prefix_id: "0"
rdnss: "<your_own_value>"
rdnss_service: "delegated"
subnet: "<your_own_value>"
upstream_interface: "<your_own_value> (source system.interface.name)"
ip6_dns_server_override: "enable"
ip6_extra_addr:
-
prefix: "<your_own_value>"
ip6_hop_limit: "0"
ip6_link_mtu: "0"
ip6_manage_flag: "enable"
ip6_max_interval: "600"
ip6_min_interval: "198"
ip6_mode: "static"
ip6_other_flag: "enable"
ip6_prefix_list:
-
autonomous_flag: "enable"
dnssl:
-
domain: "<your_own_value>"
onlink_flag: "enable"
preferred_life_time: "604800"
prefix: "<your_own_value>"
rdnss: "<your_own_value>"
valid_life_time: "2592000"
ip6_prefix_mode: "dhcp6"
ip6_reachable_time: "0"
ip6_retrans_time: "0"
ip6_send_adv: "enable"
ip6_subnet: "<your_own_value>"
ip6_upstream_interface: "<your_own_value> (source system.interface.name)"
nd_cert: "<your_own_value> (source certificate.local.name)"
nd_cga_modifier: "<your_own_value>"
nd_mode: "basic"
nd_security_level: "0"
nd_timestamp_delta: "300"
nd_timestamp_fuzz: "1"
ra_send_mtu: "enable"
unique_autoconf_addr: "enable"
vrip6_link_local: "<your_own_value>"
vrrp_virtual_mac6: "enable"
vrrp6:
-
accept_mode: "enable"
adv_interval: "1"
preempt: "enable"
priority: "100"
start_time: "3"
status: "enable"
vrdst6: "<your_own_value>"
vrgrp: "0"
vrid: "0"
vrip6: "<your_own_value>"
l2forward: "enable"
lacp_ha_secondary: "enable"
lacp_ha_slave: "enable"
lacp_mode: "static"
lacp_speed: "slow"
lcp_echo_interval: "5"
lcp_max_echo_fails: "3"
link_up_delay: "50"
lldp_network_policy: "<your_own_value> (source system.lldp.network-policy.name)"
lldp_reception: "enable"
lldp_transmission: "enable"
macaddr: "<your_own_value>"
managed_device:
-
name: "default_name_210"
managed_subnetwork_size: "32"
management_ip: "<your_own_value>"
measured_downstream_bandwidth: "0"
measured_upstream_bandwidth: "0"
mediatype: "cfp2-sr10"
member:
-
interface_name: "<your_own_value> (source system.interface.name)"
min_links: "1"
min_links_down: "operational"
mode: "static"
monitor_bandwidth: "enable"
mtu: "1500"
mtu_override: "enable"
name: "default_name_224"
ndiscforward: "enable"
netbios_forward: "disable"
netflow_sampler: "disable"
outbandwidth: "0"
padt_retry_timeout: "1"
password: "<your_own_value>"
ping_serv_status: "0"
polling_interval: "20"
pppoe_unnumbered_negotiate: "enable"
pptp_auth_type: "auto"
pptp_client: "enable"
pptp_password: "<your_own_value>"
pptp_server_ip: "<your_own_value>"
pptp_timeout: "0"
pptp_user: "<your_own_value>"
preserve_session_route: "enable"
priority: "1"
priority_override: "enable"
proxy_captive_portal: "enable"
reachable_time: "30000"
redundant_interface: "<your_own_value>"
remote_ip: "<your_own_value>"
replacemsg_override_group: "<your_own_value>"
ring_rx: "0"
ring_tx: "0"
role: "lan"
sample_direction: "tx"
sample_rate: "2000"
scan_botnet_connections: "disable"
secondary_IP: "enable"
secondaryip:
-
allowaccess: "ping"
detectprotocol: "ping"
detectserver: "<your_own_value>"
gwdetect: "enable"
ha_priority: "1"
id: "261"
ip: "<your_own_value>"
ping_serv_status: "0"
security_exempt_list: "<your_own_value>"
security_external_logout: "<your_own_value>"
security_external_web: "<your_own_value>"
security_groups:
-
name: "default_name_268 (source user.group.name)"
security_mac_auth_bypass: "mac-auth-only"
security_mode: "none"
security_redirect_url: "<your_own_value>"
service_name: "<your_own_value>"
sflow_sampler: "enable"
snmp_index: "0"
speed: "auto"
spillover_threshold: "0"
src_check: "enable"
status: "up"
stp: "disable"
stp_ha_secondary: "disable"
stp_ha_slave: "disable"
stpforward: "enable"
stpforward_mode: "rpl-all-ext-id"
subst: "enable"
substitute_dst_mac: "<your_own_value>"
sw_algorithm: "l2"
swc_first_create: "0"
swc_vlan: "0"
switch: "<your_own_value>"
switch_controller_access_vlan: "enable"
switch_controller_arp_inspection: "enable"
switch_controller_dhcp_snooping: "enable"
switch_controller_dhcp_snooping_option82: "enable"
switch_controller_dhcp_snooping_verify_mac: "enable"
switch_controller_dynamic: "<your_own_value> (source switch-controller.fortilink-settings.name)"
switch_controller_feature: "none"
switch_controller_igmp_snooping: "enable"
switch_controller_igmp_snooping_fast_leave: "enable"
switch_controller_igmp_snooping_proxy: "enable"
switch_controller_iot_scanning: "enable"
switch_controller_learning_limit: "0"
switch_controller_mgmt_vlan: "4094"
switch_controller_nac: "<your_own_value> (source switch-controller.fortilink-settings.name)"
switch_controller_netflow_collect: "disable"
switch_controller_rspan_mode: "disable"
switch_controller_source_ip: "outbound"
switch_controller_traffic_policy: "<your_own_value> (source switch-controller.traffic-policy.name)"
system_id: "<your_own_value>"
system_id_type: "auto"
tagging:
-
category: "<your_own_value> (source system.object-tagging.category)"
name: "default_name_312"
tags:
-
name: "default_name_314 (source system.object-tagging.tags.name)"
tcp_mss: "0"
trust_ip_1: "<your_own_value>"
trust_ip_2: "<your_own_value>"
trust_ip_3: "<your_own_value>"
trust_ip6_1: "<your_own_value>"
trust_ip6_2: "<your_own_value>"
trust_ip6_3: "<your_own_value>"
type: "physical"
username: "<your_own_value>"
vdom: "<your_own_value> (source system.vdom.name)"
vindex: "0"
vlan_protocol: "8021q"
vlanforward: "enable"
vlanid: "0"
vrf: "0"
vrrp:
-
accept_mode: "enable"
adv_interval: "1"
ignore_default_route: "enable"
preempt: "enable"
priority: "100"
proxy_arp:
-
id: "337"
ip: "<your_own_value>"
start_time: "3"
status: "enable"
version: "2"
vrdst: "<your_own_value>"
vrdst_priority: "0"
vrgrp: "0"
vrid: "0"
vrip: "<your_own_value>"
vrrp_virtual_mac: "enable"
wccp: "enable"
weight: "0"
wins_ip: "<your_own_value>"
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
state:
choices:
- present
- absent
description:
- Indicates whether to create or remove the object.
required: true
type: str
enable_log:
default: false
description:
- Enable/Disable logging for task.
required: false
type: bool
member_path:
description:
- Member attribute path to operate on.
- Delimited by a slash character if there are more than one attribute.
- Parameter marked with member_path is legitimate for doing member operation.
type: str
access_token:
description:
- Token-based authentication. Generated from GUI of Fortigate.
required: false
type: str
member_state:
choices:
- present
- absent
description:
- Add or delete a member under specified attribute path.
- When member_state is specified, the state option is ignored.
type: str
system_interface:
default: null
description:
- Configure interfaces.
suboptions:
ac_name:
description:
- PPPoE server name.
type: str
aggregate:
description:
- Aggregate interface.
type: str
aggregate_type:
choices:
- physical
- vxlan
description:
- Type of aggregation.
type: str
algorithm:
choices:
- L2
- L3
- L4
- Source-MAC
description:
- Frame distribution algorithm.
type: str
alias:
description:
- Alias will be displayed with the interface name to make it easier to distinguish.
type: str
allowaccess:
choices:
- ping
- https
- ssh
- snmp
- http
- telnet
- fgfm
- radius-acct
- probe-response
- fabric
- ftm
- speed-test
- capwap
description:
- Permitted types of management access to this interface.
elements: str
type: list
ap_discover:
choices:
- enable
- disable
description:
- Enable/disable automatic registration of unknown FortiAP devices.
type: str
arpforward:
choices:
- enable
- disable
description:
- Enable/disable ARP forwarding.
type: str
auth_cert:
description:
- HTTPS server certificate. Source vpn.certificate.local.name.
type: str
auth_portal_addr:
description:
- Address of captive portal.
type: str
auth_type:
choices:
- auto
- pap
- chap
- mschapv1
- mschapv2
description:
- PPP authentication type to use.
type: str
auto_auth_extension_device:
choices:
- enable
- disable
description:
- Enable/disable automatic authorization of dedicated Fortinet extension device
on this interface.
type: str
bandwidth_measure_time:
description:
- Bandwidth measure time.
type: int
bfd:
choices:
- global
- enable
- disable
description:
- Bidirectional Forwarding Detection (BFD) settings.
type: str
bfd_desired_min_tx:
description:
- BFD desired minimal transmit interval.
type: int
bfd_detect_mult:
description:
- BFD detection multiplier.
type: int
bfd_required_min_rx:
description:
- BFD required minimal receive interval.
type: int
broadcast_forticlient_discovery:
choices:
- enable
- disable
description:
- Enable/disable broadcasting FortiClient discovery messages.
type: str
broadcast_forward:
choices:
- enable
- disable
description:
- Enable/disable broadcast forwarding.
type: str
captive_portal:
description:
- Enable/disable captive portal.
type: int
cli_conn_status:
description:
- CLI connection status.
type: int
client_options:
description:
- DHCP client options.
elements: dict
suboptions:
code:
description:
- DHCP client option code.
type: int
id:
description:
- ID.
type: int
ip:
description:
- DHCP option IPs.
elements: str
type: list
type:
choices:
- hex
- string
- ip
- fqdn
description:
- DHCP client option type.
type: str
value:
description:
- DHCP client option value.
type: str
type: list
color:
description:
- Color of icon on the GUI.
type: int
dedicated_to:
choices:
- none
- management
description:
- Configure interface for single purpose.
type: str
defaultgw:
choices:
- enable
- disable
description:
- Enable to get the gateway IP from the DHCP or PPPoE server.
type: str
description:
description:
- Description.
type: str
detected_peer_mtu:
description:
- MTU of detected peer (0 - 4294967295).
type: int
detectprotocol:
choices:
- ping
- tcp-echo
- udp-echo
description:
- Protocols used to detect the server.
elements: str
type: list
detectserver:
description:
- Gateway"s ping server for this IP.
type: str
device_access_list:
description:
- Device access list.
type: str
device_identification:
choices:
- enable
- disable
description:
- Enable/disable passively gathering of device identity information about the
devices on the network connected to this interface.
type: str
device_identification_active_scan:
choices:
- enable
- disable
description:
- Enable/disable active gathering of device identity information about the devices
on the network connected to this interface.
type: str
device_netscan:
choices:
- disable
- enable
description:
- Enable/disable inclusion of devices detected on this interface in network vulnerability
scans.
type: str
device_user_identification:
choices:
- enable
- disable
description:
- Enable/disable passive gathering of user identity information about users on
this interface.
type: str
devindex:
description:
- Device Index.
type: int
dhcp_classless_route_addition:
choices:
- enable
- disable
description:
- Enable/disable addition of classless static routes retrieved from DHCP server.
type: str
dhcp_client_identifier:
description:
- DHCP client identifier.
type: str
dhcp_relay_agent_option:
choices:
- enable
- disable
description:
- Enable/disable DHCP relay agent option.
type: str
dhcp_relay_interface:
description:
- Specify outgoing interface to reach server. Source system.interface.name.
type: str
dhcp_relay_interface_select_method:
choices:
- auto
- sdwan
- specify
description:
- Specify how to select outgoing interface to reach server.
type: str
dhcp_relay_ip:
description:
- DHCP relay IP address.
elements: str
type: list
dhcp_relay_link_selection:
description:
- DHCP relay link selection.
type: str
dhcp_relay_request_all_server:
choices:
- disable
- enable
description:
- Enable/disable sending of DHCP requests to all servers.
type: str
dhcp_relay_service:
choices:
- disable
- enable
description:
- Enable/disable allowing this interface to act as a DHCP relay.
type: str
dhcp_relay_type:
choices:
- regular
- ipsec
description:
- DHCP relay type (regular or IPsec).
type: str
dhcp_renew_time:
description:
- DHCP renew time in seconds (300-604800), 0 means use the renew time provided
by the server.
type: int
dhcp_snooping_server_list:
description:
- Configure DHCP server access list.
elements: dict
suboptions:
name:
description:
- DHCP server name.
type: str
server_ip:
description:
- IP address for DHCP server.
type: str
type: list
disc_retry_timeout:
description:
- Time in seconds to wait before retrying to start a PPPoE discovery, 0 means
no timeout.
type: int
disconnect_threshold:
description:
- Time in milliseconds to wait before sending a notification that this interface
is down or disconnected.
type: int
distance:
description:
- Distance for routes learned through PPPoE or DHCP, lower distance indicates
preferred route.
type: int
dns_server_override:
choices:
- enable
- disable
description:
- Enable/disable use DNS acquired by DHCP or PPPoE.
type: str
dns_server_protocol:
choices:
- cleartext
- dot
- doh
description:
- DNS transport protocols.
elements: str
type: list
drop_fragment:
choices:
- enable
- disable
description:
- Enable/disable drop fragment packets.
type: str
drop_overlapped_fragment:
choices:
- enable
- disable
description:
- Enable/disable drop overlapped fragment packets.
type: str
eap_ca_cert:
description:
- EAP CA certificate name. Source certificate.ca.name.
type: str
eap_identity:
description:
- EAP identity.
type: str
eap_method:
choices:
- tls
- peap
description:
- EAP method.
type: str
eap_password:
description:
- EAP password.
type: str
eap_supplicant:
choices:
- enable
- disable
description:
- Enable/disable EAP-Supplicant.
type: str
eap_user_cert:
description:
- EAP user certificate name. Source certificate.local.name.
type: str
egress_cos:
choices:
- disable
- cos0
- cos1
- cos2
- cos3
- cos4
- cos5
- cos6
- cos7
description:
- Override outgoing CoS in user VLAN tag.
type: str
egress_queues:
description:
- Configure queues of NP port on egress path.
suboptions:
cos0:
description:
- CoS profile name for CoS 0. Source system.isf-queue-profile.name.
type: str
cos1:
description:
- CoS profile name for CoS 1. Source system.isf-queue-profile.name.
type: str
cos2:
description:
- CoS profile name for CoS 2. Source system.isf-queue-profile.name.
type: str
cos3:
description:
- CoS profile name for CoS 3. Source system.isf-queue-profile.name.
type: str
cos4:
description:
- CoS profile name for CoS 4. Source system.isf-queue-profile.name.
type: str
cos5:
description:
- CoS profile name for CoS 5. Source system.isf-queue-profile.name.
type: str
cos6:
description:
- CoS profile name for CoS 6. Source system.isf-queue-profile.name.
type: str
cos7:
description:
- CoS profile name for CoS 7. Source system.isf-queue-profile.name.
type: str
type: dict
egress_shaping_profile:
description:
- Outgoing traffic shaping profile. Source firewall.shaping-profile.profile-name.
type: str
endpoint_compliance:
choices:
- enable
- disable
description:
- Enable/disable endpoint compliance enforcement.
type: str
estimated_downstream_bandwidth:
description:
- Estimated maximum downstream bandwidth (kbps). Used to estimate link utilization.
type: int
estimated_upstream_bandwidth:
description:
- Estimated maximum upstream bandwidth (kbps). Used to estimate link utilization.
type: int
explicit_ftp_proxy:
choices:
- enable
- disable
description:
- Enable/disable the explicit FTP proxy on this interface.
type: str
explicit_web_proxy:
choices:
- enable
- disable
description:
- Enable/disable the explicit web proxy on this interface.
type: str
external:
choices:
- enable
- disable
description:
- Enable/disable identifying the interface as an external interface (which usually
means it"s connected to the Internet).
type: str
fail_action_on_extender:
choices:
- soft-restart
- hard-restart
- reboot
description:
- Action on FortiExtender when interface fail.
type: str
fail_alert_interfaces:
description:
- Names of the FortiGate interfaces to which the link failure alert is sent.
elements: dict
suboptions:
name:
description:
- Names of the non-virtual interface. Source system.interface.name.
type: str
type: list
fail_alert_method:
choices:
- link-failed-signal
- link-down
description:
- Select link-failed-signal or link-down method to alert about a failed link.
type: str
fail_detect:
choices:
- enable
- disable
description:
- Enable/disable fail detection features for this interface.
type: str
fail_detect_option:
choices:
- detectserver
- link-down
description:
- Options for detecting that this interface has failed.
elements: str
type: list
fortiheartbeat:
choices:
- enable
- disable
description:
- Enable/disable FortiHeartBeat (FortiTelemetry on GUI).
type: str
fortilink:
choices:
- enable
- disable
description:
- Enable FortiLink to dedicate this interface to manage other Fortinet devices.
type: str
fortilink_backup_link:
description:
- FortiLink split interface backup link.
type: int
fortilink_neighbor_detect:
choices:
- lldp
- fortilink
description:
- Protocol for FortiGate neighbor discovery.
type: str
fortilink_split_interface:
choices:
- enable
- disable
description:
- Enable/disable FortiLink split interface to connect member link to different
FortiSwitch in stack for uplink redundancy.
type: str
fortilink_stacking:
choices:
- enable
- disable
description:
- Enable/disable FortiLink switch-stacking on this interface.
type: str
forward_domain:
description:
- Transparent mode forward domain.
type: int
gi_gk:
choices:
- enable
- disable
description:
- Enable/disable Gi Gatekeeper.
type: str
gwdetect:
choices:
- enable
- disable
description:
- Enable/disable detect gateway alive for first.
type: str
ha_priority:
description:
- HA election priority for the PING server.
type: int
icmp_accept_redirect:
choices:
- enable
- disable
description:
- Enable/disable ICMP accept redirect.
type: str
icmp_send_redirect:
choices:
- enable
- disable
description:
- Enable/disable sending of ICMP redirects.
type: str
ident_accept:
choices:
- enable
- disable
description:
- Enable/disable authentication for this interface.
type: str
idle_timeout:
description:
- PPPoE auto disconnect after idle timeout seconds, 0 means no timeout.
type: int
ike_saml_server:
description:
- Configure IKE authentication SAML server. Source user.saml.name.
type: str
inbandwidth:
description:
- Bandwidth limit for incoming traffic (0 - 80000000 kbps), 0 means unlimited.
type: int
ingress_cos:
choices:
- disable
- cos0
- cos1
- cos2
- cos3
- cos4
- cos5
- cos6
- cos7
description:
- Override incoming CoS in user VLAN tag on VLAN interface or assign a priority
VLAN tag on physical interface.
type: str
ingress_shaping_profile:
description:
- Incoming traffic shaping profile. Source firewall.shaping-profile.profile-name.
type: str
ingress_spillover_threshold:
description:
- Ingress Spillover threshold (0 - 16776000 kbps), 0 means unlimited.
type: int
interface:
description:
- Interface name. Source system.interface.name.
type: str
internal:
description:
- Implicitly created.
type: int
ip:
description:
- 'Interface IPv4 address and subnet mask, syntax: X.X.X.X/24.'
type: str
ip_managed_by_fortiipam:
choices:
- enable
- disable
description:
- Enable/disable automatic IP address assignment of this interface by FortiIPAM.
type: str
ipmac:
choices:
- enable
- disable
description:
- Enable/disable IP/MAC binding.
type: str
ips_sniffer_mode:
choices:
- enable
- disable
description:
- Enable/disable the use of this interface as a one-armed sniffer.
type: str
ipunnumbered:
description:
- Unnumbered IP used for PPPoE interfaces for which no unique local address is
provided.
type: str
ipv6:
description:
- IPv6 of interface.
suboptions:
autoconf:
choices:
- enable
- disable
description:
- Enable/disable address auto config.
type: str
cli_conn6_status:
description:
- CLI IPv6 connection status.
type: int
dhcp6_client_options:
choices:
- rapid
- iapd
- iana
description:
- DHCPv6 client options.
elements: str
type: list
dhcp6_iapd_list:
description:
- DHCPv6 IA-PD list.
elements: dict
suboptions:
iaid:
description:
- Identity association identifier.
type: int
prefix_hint:
description:
- DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server.
type: str
prefix_hint_plt:
description:
- DHCPv6 prefix hint preferred life time (sec), 0 means unlimited lease
time.
type: int
prefix_hint_vlt:
description:
- DHCPv6 prefix hint valid life time (sec).
type: int
type: list
dhcp6_information_request:
choices:
- enable
- disable
description:
- Enable/disable DHCPv6 information request.
type: str
dhcp6_prefix_delegation:
choices:
- enable
- disable
description:
- Enable/disable DHCPv6 prefix delegation.
type: str
dhcp6_prefix_hint:
description:
- DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server.
type: str
dhcp6_prefix_hint_plt:
description:
- DHCPv6 prefix hint preferred life time (sec), 0 means unlimited lease time.
type: int
dhcp6_prefix_hint_vlt:
description:
- DHCPv6 prefix hint valid life time (sec).
type: int
dhcp6_relay_ip:
description:
- DHCPv6 relay IP address.
elements: str
type: list
dhcp6_relay_service:
choices:
- disable
- enable
description:
- Enable/disable DHCPv6 relay.
type: str
dhcp6_relay_type:
choices:
- regular
description:
- DHCPv6 relay type.
type: str
icmp6_send_redirect:
choices:
- enable
- disable
description:
- Enable/disable sending of ICMPv6 redirects.
type: str
interface_identifier:
description:
- IPv6 interface identifier.
type: str
ip6_address:
description:
- 'Primary IPv6 address prefix. Syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx.'
type: str
ip6_allowaccess:
choices:
- ping
- https
- ssh
- snmp
- http
- telnet
- fgfm
- fabric
- capwap
description:
- Allow management access to the interface.
elements: str
type: list
ip6_default_life:
description:
- Default life (sec).
type: int
ip6_delegated_prefix_iaid:
description:
- IAID of obtained delegated-prefix from the upstream interface.
type: int
ip6_delegated_prefix_list:
description:
- Advertised IPv6 delegated prefix list.
elements: dict
suboptions:
autonomous_flag:
choices:
- enable
- disable
description:
- Enable/disable the autonomous flag.
type: str
delegated_prefix_iaid:
description:
- IAID of obtained delegated-prefix from the upstream interface.
type: int
onlink_flag:
choices:
- enable
- disable
description:
- Enable/disable the onlink flag.
type: str
prefix_id:
description:
- Prefix ID.
type: int
rdnss:
description:
- Recursive DNS server option.
elements: str
type: list
rdnss_service:
choices:
- delegated
- default
- specify
description:
- Recursive DNS service option.
type: str
subnet:
description:
- Add subnet ID to routing prefix.
type: str
upstream_interface:
description:
- Name of the interface that provides delegated information. Source system.interface.name.
type: str
type: list
ip6_dns_server_override:
choices:
- enable
- disable
description:
- Enable/disable using the DNS server acquired by DHCP.
type: str
ip6_extra_addr:
description:
- Extra IPv6 address prefixes of interface.
elements: dict
suboptions:
prefix:
description:
- IPv6 address prefix.
type: str
type: list
ip6_hop_limit:
description:
- Hop limit (0 means unspecified).
type: int
ip6_link_mtu:
description:
- IPv6 link MTU.
type: int
ip6_manage_flag:
choices:
- enable
- disable
description:
- Enable/disable the managed flag.
type: str
ip6_max_interval:
description:
- IPv6 maximum interval (4 to 1800 sec).
type: int
ip6_min_interval:
description:
- IPv6 minimum interval (3 to 1350 sec).
type: int
ip6_mode:
choices:
- static
- dhcp
- pppoe
- delegated
description:
- Addressing mode (static, DHCP, delegated).
type: str
ip6_other_flag:
choices:
- enable
- disable
description:
- Enable/disable the other IPv6 flag.
type: str
ip6_prefix_list:
description:
- Advertised prefix list.
elements: dict
suboptions:
autonomous_flag:
choices:
- enable
- disable
description:
- Enable/disable the autonomous flag.
type: str
dnssl:
description:
- DNS search list option.
elements: dict
suboptions:
domain:
description:
- Domain name.
type: str
type: list
onlink_flag:
choices:
- enable
- disable
description:
- Enable/disable the onlink flag.
type: str
preferred_life_time:
description:
- Preferred life time (sec).
type: int
prefix:
description:
- IPv6 prefix.
type: str
rdnss:
description:
- Recursive DNS server option.
elements: str
type: list
valid_life_time:
description:
- Valid life time (sec).
type: int
type: list
ip6_prefix_mode:
choices:
- dhcp6
- ra
description:
- Assigning a prefix from DHCP or RA.
type: str
ip6_reachable_time:
description:
- IPv6 reachable time (milliseconds; 0 means unspecified).
type: int
ip6_retrans_time:
description:
- IPv6 retransmit time (milliseconds; 0 means unspecified).
type: int
ip6_send_adv:
choices:
- enable
- disable
description:
- Enable/disable sending advertisements about the interface.
type: str
ip6_subnet:
description:
- 'Subnet to routing prefix. Syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx.'
type: str
ip6_upstream_interface:
description:
- Interface name providing delegated information. Source system.interface.name.
type: str
nd_cert:
description:
- Neighbor discovery certificate. Source certificate.local.name.
type: str
nd_cga_modifier:
description:
- Neighbor discovery CGA modifier.
type: str
nd_mode:
choices:
- basic
- SEND-compatible
description:
- Neighbor discovery mode.
type: str
nd_security_level:
description:
- Neighbor discovery security level (0 - 7; 0 = least secure).
type: int
nd_timestamp_delta:
description:
- Neighbor discovery timestamp delta value (1 - 3600 sec; ).
type: int
nd_timestamp_fuzz:
description:
- Neighbor discovery timestamp fuzz factor (1 - 60 sec; ).
type: int
ra_send_mtu:
choices:
- enable
- disable
description:
- Enable/disable sending link MTU in RA packet.
type: str
unique_autoconf_addr:
choices:
- enable
- disable
description:
- Enable/disable unique auto config address.
type: str
vrip6_link_local:
description:
- Link-local IPv6 address of virtual router.
type: str
vrrp6:
description:
- IPv6 VRRP configuration.
elements: dict
suboptions:
accept_mode:
choices:
- enable
- disable
description:
- Enable/disable accept mode.
type: str
adv_interval:
description:
- Advertisement interval (1 - 255 seconds).
type: int
preempt:
choices:
- enable
- disable
description:
- Enable/disable preempt mode.
type: str
priority:
description:
- Priority of the virtual router (1 - 255).
type: int
start_time:
description:
- Startup time (1 - 255 seconds).
type: int
status:
choices:
- enable
- disable
description:
- Enable/disable VRRP.
type: str
vrdst6:
description:
- Monitor the route to this destination.
elements: str
type: list
vrgrp:
description:
- VRRP group ID (1 - 65535).
type: int
vrid:
description:
- Virtual router identifier (1 - 255).
type: int
vrip6:
description:
- IPv6 address of the virtual router.
type: str
type: list
vrrp_virtual_mac6:
choices:
- enable
- disable
description:
- Enable/disable virtual MAC for VRRP.
type: str
type: dict
l2forward:
choices:
- enable
- disable
description:
- Enable/disable l2 forwarding.
type: str
lacp_ha_secondary:
choices:
- enable
- disable
description:
- LACP HA secondary member.
type: str
lacp_ha_slave:
choices:
- enable
- disable
description:
- LACP HA slave.
type: str
lacp_mode:
choices:
- static
- passive
- active
description:
- LACP mode.
type: str
lacp_speed:
choices:
- slow
- fast
description:
- How often the interface sends LACP messages.
type: str
lcp_echo_interval:
description:
- Time in seconds between PPPoE Link Control Protocol (LCP) echo requests.
type: int
lcp_max_echo_fails:
description:
- Maximum missed LCP echo messages before disconnect.
type: int
link_up_delay:
description:
- Number of milliseconds to wait before considering a link is up.
type: int
lldp_network_policy:
description:
- LLDP-MED network policy profile. Source system.lldp.network-policy.name.
type: str
lldp_reception:
choices:
- enable
- disable
- vdom
description:
- Enable/disable Link Layer Discovery Protocol (LLDP) reception.
type: str
lldp_transmission:
choices:
- enable
- disable
- vdom
description:
- Enable/disable Link Layer Discovery Protocol (LLDP) transmission.
type: str
macaddr:
description:
- Change the interface"s MAC address.
type: str
managed_device:
description:
- Available when FortiLink is enabled, used for managed devices through FortiLink
interface.
elements: dict
suboptions:
name:
description:
- Managed dev identifier.
type: str
type: list
managed_subnetwork_size:
choices:
- '32'
- '64'
- '128'
- '256'
- '512'
- '1024'
- '2048'
- '4096'
- '8192'
- '16384'
- '32768'
- '65536'
description:
- Number of IP addresses to be allocated by FortiIPAM and used by this FortiGate
unit"s DHCP server settings.
type: str
management_ip:
description:
- High Availability in-band management IP address of this interface.
type: str
measured_downstream_bandwidth:
description:
- Measured downstream bandwidth (kbps).
type: int
measured_upstream_bandwidth:
description:
- Measured upstream bandwidth (kbps).
type: int
mediatype:
choices:
- cfp2-sr10
- cfp2-lr4
description:
- Select SFP media interface type
type: str
member:
description:
- Physical interfaces that belong to the aggregate or redundant interface.
elements: dict
suboptions:
interface_name:
description:
- Physical interface name. Source system.interface.name.
type: str
type: list
min_links:
description:
- Minimum number of aggregated ports that must be up.
type: int
min_links_down:
choices:
- operational
- administrative
description:
- Action to take when less than the configured minimum number of links are active.
type: str
mode:
choices:
- static
- dhcp
- pppoe
description:
- Addressing mode (static, DHCP, PPPoE).
type: str
monitor_bandwidth:
choices:
- enable
- disable
description:
- Enable monitoring bandwidth on this interface.
type: str
mtu:
description:
- MTU value for this interface.
type: int
mtu_override:
choices:
- enable
- disable
description:
- Enable to set a custom MTU for this interface.
type: str
name:
description:
- Name.
required: true
type: str
ndiscforward:
choices:
- enable
- disable
description:
- Enable/disable NDISC forwarding.
type: str
netbios_forward:
choices:
- disable
- enable
description:
- Enable/disable NETBIOS forwarding.
type: str
netflow_sampler:
choices:
- disable
- tx
- rx
- both
description:
- Enable/disable NetFlow on this interface and set the data that NetFlow collects
(rx, tx, or both).
type: str
outbandwidth:
description:
- Bandwidth limit for outgoing traffic (0 - 80000000 kbps).
type: int
padt_retry_timeout:
description:
- PPPoE Active Discovery Terminate (PADT) used to terminate sessions after an
idle time.
type: int
password:
description:
- PPPoE account"s password.
type: str
ping_serv_status:
description:
- PING server status.
type: int
polling_interval:
description:
- sFlow polling interval in seconds (1 - 255).
type: int
pppoe_unnumbered_negotiate:
choices:
- enable
- disable
description:
- Enable/disable PPPoE unnumbered negotiation.
type: str
pptp_auth_type:
choices:
- auto
- pap
- chap
- mschapv1
- mschapv2
description:
- PPTP authentication type.
type: str
pptp_client:
choices:
- enable
- disable
description:
- Enable/disable PPTP client.
type: str
pptp_password:
description:
- PPTP password.
type: str
pptp_server_ip:
description:
- PPTP server IP address.
type: str
pptp_timeout:
description:
- Idle timer in minutes (0 for disabled).
type: int
pptp_user:
description:
- PPTP user name.
type: str
preserve_session_route:
choices:
- enable
- disable
description:
- Enable/disable preservation of session route when dirty.
type: str
priority:
description:
- Priority of learned routes.
type: int
priority_override:
choices:
- enable
- disable
description:
- Enable/disable fail back to higher priority port once recovered.
type: str
proxy_captive_portal:
choices:
- enable
- disable
description:
- Enable/disable proxy captive portal on this interface.
type: str
reachable_time:
description:
- IPv4 reachable time in milliseconds (30000 - 3600000).
type: int
redundant_interface:
description:
- Redundant interface.
type: str
remote_ip:
description:
- Remote IP address of tunnel.
type: str
replacemsg_override_group:
description:
- Replacement message override group.
type: str
ring_rx:
description:
- RX ring size.
type: int
ring_tx:
description:
- TX ring size.
type: int
role:
choices:
- lan
- wan
- dmz
- undefined
description:
- Interface role.
type: str
sample_direction:
choices:
- tx
- rx
- both
description:
- Data that NetFlow collects (rx, tx, or both).
type: str
sample_rate:
description:
- sFlow sample rate (10 - 99999).
type: int
scan_botnet_connections:
choices:
- disable
- block
- monitor
description:
- Enable monitoring or blocking connections to Botnet servers through this interface.
type: str
secondary_IP:
choices:
- enable
- disable
description:
- Enable/disable adding a secondary IP to this interface.
type: str
secondaryip:
description:
- Second IP address of interface.
elements: dict
suboptions:
allowaccess:
choices:
- ping
- https
- ssh
- snmp
- http
- telnet
- fgfm
- radius-acct
- probe-response
- fabric
- ftm
- speed-test
- capwap
description:
- Management access settings for the secondary IP address.
elements: str
type: list
detectprotocol:
choices:
- ping
- tcp-echo
- udp-echo
description:
- Protocols used to detect the server.
elements: str
type: list
detectserver:
description:
- Gateway"s ping server for this IP.
type: str
gwdetect:
choices:
- enable
- disable
description:
- Enable/disable detect gateway alive for first.
type: str
ha_priority:
description:
- HA election priority for the PING server.
type: int
id:
description:
- ID.
type: int
ip:
description:
- Secondary IP address of the interface.
type: str
ping_serv_status:
description:
- PING server status.
type: int
type: list
security_exempt_list:
description:
- Name of security-exempt-list.
type: str
security_external_logout:
description:
- URL of external authentication logout server.
type: str
security_external_web:
description:
- URL of external authentication web server.
type: str
security_groups:
description:
- User groups that can authenticate with the captive portal.
elements: dict
suboptions:
name:
description:
- Names of user groups that can authenticate with the captive portal. Source
user.group.name.
type: str
type: list
security_mac_auth_bypass:
choices:
- mac-auth-only
- enable
- disable
description:
- Enable/disable MAC authentication bypass.
type: str
security_mode:
choices:
- none
- captive-portal
- 802.1X
description:
- Turn on captive portal authentication for this interface.
type: str
security_redirect_url:
description:
- URL redirection after disclaimer/authentication.
type: str
service_name:
description:
- PPPoE service name.
type: str
sflow_sampler:
choices:
- enable
- disable
description:
- Enable/disable sFlow on this interface.
type: str
snmp_index:
description:
- Permanent SNMP Index of the interface.
type: int
speed:
choices:
- auto
- 10full
- 10half
- 100full
- 100half
- 1000full
- 1000auto
- 10000full
- 10000auto
- 40000full
- 100Gfull
- 1000half
description:
- Interface speed. The default setting and the options available depend on the
interface hardware.
type: str
spillover_threshold:
description:
- Egress Spillover threshold (0 - 16776000 kbps), 0 means unlimited.
type: int
src_check:
choices:
- enable
- disable
description:
- Enable/disable source IP check.
type: str
status:
choices:
- up
- down
description:
- Bring the interface up or shut the interface down.
type: str
stp:
choices:
- disable
- enable
description:
- Enable/disable STP.
type: str
stp_ha_secondary:
choices:
- disable
- enable
- priority-adjust
description:
- Control STP behaviour on HA secondary.
type: str
stp_ha_slave:
choices:
- disable
- enable
- priority-adjust
description:
- Control STP behaviour on HA slave.
type: str
stpforward:
choices:
- enable
- disable
description:
- Enable/disable STP forwarding.
type: str
stpforward_mode:
choices:
- rpl-all-ext-id
- rpl-bridge-ext-id
- rpl-nothing
description:
- Configure STP forwarding mode.
type: str
subst:
choices:
- enable
- disable
description:
- Enable to always send packets from this interface to a destination MAC address.
type: str
substitute_dst_mac:
description:
- Destination MAC address that all packets are sent to from this interface.
type: str
sw_algorithm:
choices:
- l2
- l3
- eh
description:
- Frame distribution algorithm for switch.
type: str
swc_first_create:
description:
- Initial create for switch-controller VLANs.
type: int
swc_vlan:
description:
- Creation status for switch-controller VLANs.
type: int
switch:
description:
- Contained in switch.
type: str
switch_controller_access_vlan:
choices:
- enable
- disable
description:
- Block FortiSwitch port-to-port traffic.
type: str
switch_controller_arp_inspection:
choices:
- enable
- disable
description:
- Enable/disable FortiSwitch ARP inspection.
type: str
switch_controller_dhcp_snooping:
choices:
- enable
- disable
description:
- Switch controller DHCP snooping.
type: str
switch_controller_dhcp_snooping_option82:
choices:
- enable
- disable
description:
- Switch controller DHCP snooping option82.
type: str
switch_controller_dhcp_snooping_verify_mac:
choices:
- enable
- disable
description:
- Switch controller DHCP snooping verify MAC.
type: str
switch_controller_dynamic:
description:
- Integrated FortiLink settings for managed FortiSwitch. Source switch-controller.fortilink-settings.name.
type: str
switch_controller_feature:
choices:
- none
- default-vlan
- quarantine
- rspan
- voice
- video
- nac
- nac-segment
description:
- Interface"s purpose when assigning traffic (read only).
type: str
switch_controller_igmp_snooping:
choices:
- enable
- disable
description:
- Switch controller IGMP snooping.
type: str
switch_controller_igmp_snooping_fast_leave:
choices:
- enable
- disable
description:
- Switch controller IGMP snooping fast-leave.
type: str
switch_controller_igmp_snooping_proxy:
choices:
- enable
- disable
description:
- Switch controller IGMP snooping proxy.
type: str
switch_controller_iot_scanning:
choices:
- enable
- disable
description:
- Enable/disable managed FortiSwitch IoT scanning.
type: str
switch_controller_learning_limit:
description:
- Limit the number of dynamic MAC addresses on this VLAN (1 - 128, 0 = no limit,
default).
type: int
switch_controller_mgmt_vlan:
description:
- VLAN to use for FortiLink management purposes.
type: int
switch_controller_nac:
description:
- Integrated FortiLink settings for managed FortiSwitch. Source switch-controller.fortilink-settings.name.
type: str
switch_controller_netflow_collect:
choices:
- disable
- enable
description:
- NetFlow collection and processing.
type: str
switch_controller_rspan_mode:
choices:
- disable
- enable
description:
- Stop Layer2 MAC learning and interception of BPDUs and other packets on this
interface.
type: str
switch_controller_source_ip:
choices:
- outbound
- fixed
description:
- Source IP address used in FortiLink over L3 connections.
type: str
switch_controller_traffic_policy:
description:
- Switch controller traffic policy for the VLAN. Source switch-controller.traffic-policy.name.
type: str
system_id:
description:
- Define a system ID for the aggregate interface.
type: str
system_id_type:
choices:
- auto
- user
description:
- Method in which system ID is generated.
type: str
tagging:
description:
- Config object tagging.
elements: dict
suboptions:
category:
description:
- Tag category. Source system.object-tagging.category.
type: str
name:
description:
- Tagging entry name.
type: str
tags:
description:
- Tags.
elements: dict
suboptions:
name:
description:
- Tag name. Source system.object-tagging.tags.name.
type: str
type: list
type: list
tcp_mss:
description:
- TCP maximum segment size. 0 means do not change segment size.
type: int
trust_ip6_1:
description:
- Trusted IPv6 host for dedicated management traffic (::/0 for all hosts).
type: str
trust_ip6_2:
description:
- Trusted IPv6 host for dedicated management traffic (::/0 for all hosts).
type: str
trust_ip6_3:
description:
- Trusted IPv6 host for dedicated management traffic (::/0 for all hosts).
type: str
trust_ip_1:
description:
- Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts).
type: str
trust_ip_2:
description:
- Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts).
type: str
trust_ip_3:
description:
- Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts).
type: str
type:
choices:
- physical
- vlan
- aggregate
- redundant
- tunnel
- vdom-link
- loopback
- switch
- vap-switch
- wl-mesh
- fext-wan
- vxlan
- geneve
- hdlc
- switch-vlan
- emac-vlan
- ssl
- lan-extension
- hard-switch
description:
- Interface type.
type: str
username:
description:
- Username of the PPPoE account, provided by your ISP.
type: str
vdom:
description:
- Interface is in this virtual domain (VDOM). Source system.vdom.name.
type: str
vindex:
description:
- Switch control interface VLAN ID.
type: int
vlan_protocol:
choices:
- 8021q
- 8021ad
description:
- Ethernet protocol of VLAN.
type: str
vlanforward:
choices:
- enable
- disable
description:
- Enable/disable traffic forwarding between VLANs on this interface.
type: str
vlanid:
description:
- VLAN ID (1 - 4094).
type: int
vrf:
description:
- Virtual Routing Forwarding ID.
type: int
vrrp:
description:
- VRRP configuration.
elements: dict
suboptions:
accept_mode:
choices:
- enable
- disable
description:
- Enable/disable accept mode.
type: str
adv_interval:
description:
- Advertisement interval (1 - 255 seconds).
type: int
ignore_default_route:
choices:
- enable
- disable
description:
- Enable/disable ignoring of default route when checking destination.
type: str
preempt:
choices:
- enable
- disable
description:
- Enable/disable preempt mode.
type: str
priority:
description:
- Priority of the virtual router (1 - 255).
type: int
proxy_arp:
description:
- VRRP Proxy ARP configuration.
elements: dict
suboptions:
id:
description:
- ID.
type: int
ip:
description:
- Set IP addresses of proxy ARP.
type: str
type: list
start_time:
description:
- Startup time (1 - 255 seconds).
type: int
status:
choices:
- enable
- disable
description:
- Enable/disable this VRRP configuration.
type: str
version:
choices:
- '2'
- '3'
description:
- VRRP version.
type: str
vrdst:
description:
- Monitor the route to this destination.
elements: str
type: list
vrdst_priority:
description:
- Priority of the virtual router when the virtual router destination becomes
unreachable (0 - 254).
type: int
vrgrp:
description:
- VRRP group ID (1 - 65535).
type: int
vrid:
description:
- Virtual router identifier (1 - 255).
type: int
vrip:
description:
- IP address of the virtual router.
type: str
type: list
vrrp_virtual_mac:
choices:
- enable
- disable
description:
- Enable/disable use of virtual MAC for VRRP.
type: str
wccp:
choices:
- enable
- disable
description:
- Enable/disable WCCP on this interface. Used for encapsulated WCCP communication
between WCCP clients and servers.
type: str
weight:
description:
- Default weight for static routes (if route has no weight configured).
type: int
wins_ip:
description:
- WINS server IP.
type: str
type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str