lix_fortinet / lix_fortinet.fortios / 102.2.120 / module / fortios_system_sdwan Configure redundant Internet connections with multiple outbound links and health-check profiles in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of lix_fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communitylix_fortinet.fortios.fortios_system_sdwan (102.2.120) — module
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections: - name: lix_fortinet.fortios version: 102.2.120
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and sdwan category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure redundant Internet connections with multiple outbound links and health-check profiles. fortios_system_sdwan: vdom: "{{ vdom }}" system_sdwan: duplication: - dstaddr: - name: "default_name_5 (source firewall.address.name firewall.addrgrp.name)" dstaddr6: - name: "default_name_7 (source firewall.address6.name firewall.addrgrp6.name)" dstintf: - name: "default_name_9 (source system.interface.name system.zone.name system.sdwan.zone.name)" id: "10" packet_de_duplication: "enable" packet_duplication: "disable" service: - name: "default_name_14 (source firewall.service.custom.name firewall.service.group.name)" service_id: - id: "16 (source system.sdwan.service.id)" sla_match_service: "enable" srcaddr: - name: "default_name_19 (source firewall.address.name firewall.addrgrp.name)" srcaddr6: - name: "default_name_21 (source firewall.address6.name firewall.addrgrp6.name)" srcintf: - name: "default_name_23 (source system.interface.name system.zone.name system.sdwan.zone.name)" duplication_max_num: "2" fail_alert_interfaces: - name: "default_name_26 (source system.interface.name)" fail_detect: "enable" health_check: - addr_mode: "ipv4" detect_mode: "active" diffservcode: "<your_own_value>" dns_match_ip: "<your_own_value>" dns_request_domain: "<your_own_value>" embed_measured_health: "enable" failtime: "5" ftp_file: "<your_own_value>" ftp_mode: "passive" ha_priority: "1" http_agent: "<your_own_value>" http_get: "<your_own_value>" http_match: "<your_own_value>" interval: "500" members: - seq_num: "0" mos_codec: "g711" name: "default_name_46" packet_size: "64" password: "<your_own_value>" port: "0" probe_count: "30" probe_packets: "disable" probe_timeout: "500" protocol: "ping" quality_measured_method: "half-open" recoverytime: "5" security_mode: "none" server: "192.168.100.40" sla: - id: "59" jitter_threshold: "5" latency_threshold: "5" link_cost_factor: "latency" mos_threshold: "<your_own_value>" packetloss_threshold: "0" priority_in_sla: "0" priority_out_sla: "0" sla_fail_log_period: "0" sla_id_redistribute: "0" sla_pass_log_period: "0" source: "<your_own_value>" system_dns: "disable" threshold_alert_jitter: "0" threshold_alert_latency: "0" threshold_alert_packetloss: "0" threshold_warning_jitter: "0" threshold_warning_latency: "0" threshold_warning_packetloss: "0" update_cascade_interface: "enable" update_static_route: "enable" user: "<your_own_value>" vrf: "0" load_balance_mode: "source-ip-based" members: - comment: "Comments." cost: "0" gateway: "<your_own_value>" gateway6: "<your_own_value>" ingress_spillover_threshold: "0" interface: "<your_own_value> (source system.interface.name)" priority: "1" priority6: "1024" seq_num: "0" source: "<your_own_value>" source6: "<your_own_value>" spillover_threshold: "0" status: "disable" volume_ratio: "1" weight: "1" zone: "<your_own_value> (source system.sdwan.zone.name)" neighbor: - health_check: "<your_own_value> (source system.sdwan.health-check.name)" ip: "<your_own_value> (source router.bgp.neighbor.ip)" member: - seq_num: "0" minimum_sla_meet_members: "1" mode: "sla" role: "standalone" sla_id: "0" neighbor_hold_boot_time: "0" neighbor_hold_down: "enable" neighbor_hold_down_time: "0" service: - addr_mode: "ipv4" bandwidth_weight: "0" default: "enable" dscp_forward: "enable" dscp_forward_tag: "<your_own_value>" dscp_reverse: "enable" dscp_reverse_tag: "<your_own_value>" dst: - name: "default_name_121 (source firewall.address.name firewall.addrgrp.name)" dst_negate: "enable" dst6: - name: "default_name_124 (source firewall.address6.name firewall.addrgrp6.name)" end_port: "65535" gateway: "enable" groups: - name: "default_name_128 (source user.group.name)" hash_mode: "round-robin" health_check: - name: "default_name_131 (source system.sdwan.health-check.name)" hold_down_time: "0" id: "133" input_device: - name: "default_name_135 (source system.interface.name)" input_device_negate: "enable" input_zone: - name: "default_name_138 (source system.sdwan.zone.name)" internet_service: "enable" internet_service_app_ctrl: - id: "141" internet_service_app_ctrl_category: - id: "143" internet_service_app_ctrl_group: - name: "default_name_145 (source application.group.name)" internet_service_custom: - name: "default_name_147 (source firewall.internet-service-custom.name)" internet_service_custom_group: - name: "default_name_149 (source firewall.internet-service-custom-group.name)" internet_service_group: - name: "default_name_151 (source firewall.internet-service-group.name)" internet_service_name: - name: "default_name_153 (source firewall.internet-service-name.name)" jitter_weight: "0" latency_weight: "0" link_cost_factor: "latency" link_cost_threshold: "10" minimum_sla_meet_members: "0" mode: "auto" name: "default_name_160" packet_loss_weight: "0" passive_measurement: "enable" priority_members: - seq_num: "0" priority_zone: - name: "default_name_166 (source system.sdwan.zone.name)" protocol: "0" quality_link: "0" role: "standalone" route_tag: "0" sla: - health_check: "<your_own_value> (source system.sdwan.health-check.name)" id: "173" sla_compare_method: "order" src: - name: "default_name_176 (source firewall.address.name firewall.addrgrp.name)" src_negate: "enable" src6: - name: "default_name_179 (source firewall.address6.name firewall.addrgrp6.name)" standalone_action: "enable" start_port: "1" status: "enable" tie_break: "zone" tos: "<your_own_value>" tos_mask: "<your_own_value>" use_shortcut_sla: "enable" users: - name: "default_name_188 (source user.local.name)" speedtest_bypass_routing: "disable" status: "disable" zone: - name: "default_name_192" service_sla_tie_break: "cfg-order"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str system_sdwan: default: null description: - Configure redundant Internet connections with multiple outbound links and health-check profiles. suboptions: duplication: description: - Create SD-WAN duplication rule. elements: dict suboptions: dstaddr: description: - Destination address or address group names. elements: dict suboptions: name: description: - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str type: list dstaddr6: description: - Destination address6 or address6 group names. elements: dict suboptions: name: description: - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str type: list dstintf: description: - Outgoing (egress) interfaces or zones. elements: dict suboptions: name: description: - Interface, zone or SDWAN zone name. Source system.interface.name system.zone.name system.sdwan.zone.name. type: str type: list id: description: - Duplication rule ID (1 - 255). type: int packet_de_duplication: choices: - enable - disable description: - Enable/disable discarding of packets that have been duplicated. type: str packet_duplication: choices: - disable - force - on-demand description: - Configure packet duplication method. type: str service: description: - Service and service group name. elements: dict suboptions: name: description: - Service and service group name. Source firewall.service.custom.name firewall.service.group.name. type: str type: list service_id: description: - SD-WAN service rule ID list. elements: dict suboptions: id: description: - SD-WAN service rule ID. Source system.sdwan.service.id. type: int type: list sla_match_service: choices: - enable - disable description: - Enable/disable packet duplication matching health-check SLAs in service rule. type: str srcaddr: description: - Source address or address group names. elements: dict suboptions: name: description: - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str type: list srcaddr6: description: - Source address6 or address6 group names. elements: dict suboptions: name: description: - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str type: list srcintf: description: - Incoming (ingress) interfaces or zones. elements: dict suboptions: name: description: - Interface, zone or SDWAN zone name. Source system.interface.name system.zone.name system.sdwan.zone.name. type: str type: list type: list duplication_max_num: description: - Maximum number of interface members a packet is duplicated in the SD-WAN zone (2 - 4). type: int fail_alert_interfaces: description: - Physical interfaces that will be alerted. elements: dict suboptions: name: description: - Physical interface name. Source system.interface.name. type: str type: list fail_detect: choices: - enable - disable description: - Enable/disable SD-WAN Internet connection status checking (failure detection). type: str health_check: description: - SD-WAN status checking or health checking. Identify a server on the Internet and determine how SD-WAN verifies that the FortiGate can communicate with it. elements: dict suboptions: addr_mode: choices: - ipv4 - ipv6 description: - Address mode (IPv4 or IPv6). type: str detect_mode: choices: - active - passive - prefer-passive - remote description: - The mode determining how to detect the server. type: str diffservcode: description: - Differentiated services code point (DSCP) in the IP header of the probe packet. type: str dns_match_ip: description: - Response IP expected from DNS server if the protocol is DNS. type: str dns_request_domain: description: - Fully qualified domain name to resolve for the DNS probe. type: str embed_measured_health: choices: - enable - disable description: - Enable/disable embedding measured health information. type: str failtime: description: - Number of failures before server is considered lost (1 - 3600). type: int ftp_file: description: - Full path and file name on the FTP server to download for FTP health-check to probe. type: str ftp_mode: choices: - passive - port description: - FTP mode. type: str ha_priority: description: - HA election priority (1 - 50). type: int http_agent: description: - String in the http-agent field in the HTTP header. type: str http_get: description: - URL used to communicate with the server if the protocol if the protocol is HTTP. type: str http_match: description: - Response string expected from the server if the protocol is HTTP. type: str interval: description: - Status check interval in milliseconds, or the time between attempting to connect to the server (500 - 3600*1000 msec). type: int members: description: - Member sequence number list. elements: dict suboptions: seq_num: description: - Member sequence number. Source system.sdwan.members.seq-num. type: int type: list mos_codec: choices: - g711 - g722 - g729 description: - Codec to use for MOS calculation . type: str name: description: - Status check or health check name. type: str packet_size: description: - Packet size of a TWAMP test session. type: int password: description: - TWAMP controller password in authentication mode. type: str port: description: - Port number used to communicate with the server over the selected protocol (0 - 65535). type: int probe_count: description: - Number of most recent probes that should be used to calculate latency and jitter (5 - 30). type: int probe_packets: choices: - disable - enable description: - Enable/disable transmission of probe packets. type: str probe_timeout: description: - Time to wait before a probe packet is considered lost (500 - 3600*1000 msec). type: int protocol: choices: - ping - tcp-echo - udp-echo - http - twamp - dns - tcp-connect - ftp - ping6 description: - Protocol used to determine if the FortiGate can communicate with the server. type: str quality_measured_method: choices: - half-open - half-close description: - Method to measure the quality of tcp-connect. type: str recoverytime: description: - Number of successful responses received before server is considered recovered (1 - 3600). type: int security_mode: choices: - none - authentication description: - Twamp controller security mode. type: str server: description: - IP address or FQDN name of the server. elements: str type: list sla: description: - Service level agreement (SLA). elements: dict suboptions: id: description: - SLA ID. type: int jitter_threshold: description: - Jitter for SLA to make decision in milliseconds. (0 - 10000000). type: int latency_threshold: description: - Latency for SLA to make decision in milliseconds. (0 - 10000000). type: int link_cost_factor: choices: - latency - jitter - packet-loss - mos description: - Criteria on which to base link selection. elements: str type: list mos_threshold: description: - Minimum Mean Opinion Score for SLA to be marked as pass. (1.0 - 5.0). type: str packetloss_threshold: description: - Packet loss for SLA to make decision in percentage. (0 - 100). type: int priority_in_sla: description: - Value to be distributed into routing table when in-sla (0 - 65535). type: int priority_out_sla: description: - Value to be distributed into routing table when out-sla (0 - 65535). type: int type: list sla_fail_log_period: description: - Time interval in seconds that SLA fail log messages will be generated (0 - 3600). type: int sla_id_redistribute: description: - Select the ID from the SLA sub-table. The selected SLA"s priority value will be distributed into the routing table (0 - 32). type: int sla_pass_log_period: description: - Time interval in seconds that SLA pass log messages will be generated (0 - 3600). type: int source: description: - Source IP address used in the health-check packet to the server. type: str system_dns: choices: - disable - enable description: - Enable/disable system DNS as the probe server. type: str threshold_alert_jitter: description: - Alert threshold for jitter (ms). type: int threshold_alert_latency: description: - Alert threshold for latency (ms). type: int threshold_alert_packetloss: description: - Alert threshold for packet loss (percentage). type: int threshold_warning_jitter: description: - Warning threshold for jitter (ms). type: int threshold_warning_latency: description: - Warning threshold for latency (ms). type: int threshold_warning_packetloss: description: - Warning threshold for packet loss (percentage). type: int update_cascade_interface: choices: - enable - disable description: - Enable/disable update cascade interface. type: str update_static_route: choices: - enable - disable description: - Enable/disable updating the static route. type: str user: description: - The user name to access probe server. type: str vrf: description: - Virtual Routing Forwarding ID. type: int type: list load_balance_mode: choices: - source-ip-based - weight-based - usage-based - source-dest-ip-based - measured-volume-based description: - Algorithm or mode to use for load balancing Internet traffic to SD-WAN members. type: str members: description: - FortiGate interfaces added to the SD-WAN. elements: dict suboptions: comment: description: - Comments. type: str cost: description: - Cost of this interface for services in SLA mode (0 - 4294967295). type: int gateway: description: - The default gateway for this interface. Usually the default gateway of the Internet service provider that this interface is connected to. type: str gateway6: description: - IPv6 gateway. type: str ingress_spillover_threshold: description: - Ingress spillover threshold for this interface (0 - 16776000 kbit/s). When this traffic volume threshold is reached, new sessions spill over to other interfaces in the SD-WAN. type: int interface: description: - Interface name. Source system.interface.name. type: str priority: description: - Priority of the interface for IPv4 (1 - 65535). Used for SD-WAN rules or priority rules. type: int priority6: description: - Priority of the interface for IPv6 (1 - 65535). Used for SD-WAN rules or priority rules. type: int seq_num: description: - Sequence number(1-512). type: int source: description: - Source IP address used in the health-check packet to the server. type: str source6: description: - Source IPv6 address used in the health-check packet to the server. type: str spillover_threshold: description: - Egress spillover threshold for this interface (0 - 16776000 kbit/s). When this traffic volume threshold is reached, new sessions spill over to other interfaces in the SD-WAN. type: int status: choices: - disable - enable description: - Enable/disable this interface in the SD-WAN. type: str volume_ratio: description: - Measured volume ratio (this value / sum of all values = percentage of link volume, 1 - 255). type: int weight: description: - Weight of this interface for weighted load balancing. (1 - 255) More traffic is directed to interfaces with higher weights. type: int zone: description: - Zone name. Source system.sdwan.zone.name. type: str type: list neighbor: description: - Create SD-WAN neighbor from BGP neighbor table to control route advertisements according to SLA status. elements: dict suboptions: health_check: description: - SD-WAN health-check name. Source system.sdwan.health-check.name. type: str ip: description: - IP/IPv6 address of neighbor. Source router.bgp.neighbor.ip. type: str member: description: - Member sequence number list. Source system.sdwan.members.seq-num. elements: dict suboptions: seq_num: description: - Member sequence number. Source system.sdwan.members.seq-num. type: int type: list minimum_sla_meet_members: description: - Minimum number of members which meet SLA when the neighbor is preferred. type: int mode: choices: - sla - speedtest description: - What metric to select the neighbor. type: str role: choices: - standalone - primary - secondary description: - Role of neighbor. type: str sla_id: description: - SLA ID. type: int type: list neighbor_hold_boot_time: description: - Waiting period in seconds when switching from the primary neighbor to the secondary neighbor from the neighbor start. (0 - 10000000). type: int neighbor_hold_down: choices: - enable - disable description: - Enable/disable hold switching from the secondary neighbor to the primary neighbor. type: str neighbor_hold_down_time: description: - Waiting period in seconds when switching from the secondary neighbor to the primary neighbor when hold-down is disabled. (0 - 10000000). type: int service: description: - Create SD-WAN rules (also called services) to control how sessions are distributed to interfaces in the SD-WAN. elements: dict suboptions: addr_mode: choices: - ipv4 - ipv6 description: - Address mode (IPv4 or IPv6). type: str bandwidth_weight: description: - Coefficient of reciprocal of available bidirectional bandwidth in the formula of custom-profile-1. type: int default: choices: - enable - disable description: - Enable/disable use of SD-WAN as default service. type: str dscp_forward: choices: - enable - disable description: - Enable/disable forward traffic DSCP tag. type: str dscp_forward_tag: description: - Forward traffic DSCP tag. type: str dscp_reverse: choices: - enable - disable description: - Enable/disable reverse traffic DSCP tag. type: str dscp_reverse_tag: description: - Reverse traffic DSCP tag. type: str dst: description: - Destination address name. elements: dict suboptions: name: description: - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str type: list dst6: description: - Destination address6 name. elements: dict suboptions: name: description: - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str type: list dst_negate: choices: - enable - disable description: - Enable/disable negation of destination address match. type: str end_port: description: - End destination port number. type: int gateway: choices: - enable - disable description: - Enable/disable SD-WAN service gateway. type: str groups: description: - User groups. elements: dict suboptions: name: description: - Group name. Source user.group.name. type: str type: list hash_mode: choices: - round-robin - source-ip-based - source-dest-ip-based - inbandwidth - outbandwidth - bibandwidth description: - Hash algorithm for selected priority members for load balance mode. type: str health_check: description: - Health check list. elements: dict suboptions: name: description: - Health check name. Source system.sdwan.health-check.name. type: str type: list hold_down_time: description: - Waiting period in seconds when switching from the back-up member to the primary member (0 - 10000000). type: int id: description: - SD-WAN rule ID (1 - 4000). type: int input_device: description: - Source interface name. elements: dict suboptions: name: description: - Interface name. Source system.interface.name. type: str type: list input_device_negate: choices: - enable - disable description: - Enable/disable negation of input device match. type: str input_zone: description: - Source input-zone name. elements: dict suboptions: name: description: - Zone. Source system.sdwan.zone.name. type: str type: list internet_service: choices: - enable - disable description: - Enable/disable use of Internet service for application-based load balancing. type: str internet_service_app_ctrl: description: - Application control based Internet Service ID list. elements: dict suboptions: id: description: - Application control based Internet Service ID. type: int type: list internet_service_app_ctrl_category: description: - IDs of one or more application control categories. elements: dict suboptions: id: description: - Application control category ID. type: int type: list internet_service_app_ctrl_group: description: - Application control based Internet Service group list. elements: dict suboptions: name: description: - Application control based Internet Service group name. Source application.group.name. type: str type: list internet_service_custom: description: - Custom Internet service name list. elements: dict suboptions: name: description: - Custom Internet service name. Source firewall.internet-service-custom.name. type: str type: list internet_service_custom_group: description: - Custom Internet Service group list. elements: dict suboptions: name: description: - Custom Internet Service group name. Source firewall.internet-service-custom-group.name. type: str type: list internet_service_group: description: - Internet Service group list. elements: dict suboptions: name: description: - Internet Service group name. Source firewall.internet-service-group.name. type: str type: list internet_service_name: description: - Internet service name list. elements: dict suboptions: name: description: - Internet service name. Source firewall.internet-service-name.name. type: str type: list jitter_weight: description: - Coefficient of jitter in the formula of custom-profile-1. type: int latency_weight: description: - Coefficient of latency in the formula of custom-profile-1. type: int link_cost_factor: choices: - latency - jitter - packet-loss - inbandwidth - outbandwidth - bibandwidth - custom-profile-1 description: - Link cost factor. type: str link_cost_threshold: description: - Percentage threshold change of link cost values that will result in policy route regeneration (0 - 10000000). type: int minimum_sla_meet_members: description: - Minimum number of members which meet SLA. type: int mode: choices: - auto - manual - priority - sla - load-balance description: - Control how the SD-WAN rule sets the priority of interfaces in the SD-WAN. type: str name: description: - SD-WAN rule name. type: str packet_loss_weight: description: - Coefficient of packet-loss in the formula of custom-profile-1. type: int passive_measurement: choices: - enable - disable description: - Enable/disable passive measurement based on the service criteria. type: str priority_members: description: - Member sequence number list. elements: dict suboptions: seq_num: description: - Member sequence number. Source system.sdwan.members.seq-num. type: int type: list priority_zone: description: - Priority zone name list. elements: dict suboptions: name: description: - Priority zone name. Source system.sdwan.zone.name. type: str type: list protocol: description: - Protocol number. type: int quality_link: description: - Quality grade. type: int role: choices: - standalone - primary - secondary description: - Service role to work with neighbor. type: str route_tag: description: - IPv4 route map route-tag. type: int sla: description: - Service level agreement (SLA). elements: dict suboptions: health_check: description: - SD-WAN health-check. Source system.sdwan.health-check.name. type: str id: description: - SLA ID. type: int type: list sla_compare_method: choices: - order - number description: - Method to compare SLA value for SLA mode. type: str src: description: - Source address name. elements: dict suboptions: name: description: - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str type: list src6: description: - Source address6 name. elements: dict suboptions: name: description: - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str type: list src_negate: choices: - enable - disable description: - Enable/disable negation of source address match. type: str standalone_action: choices: - enable - disable description: - Enable/disable service when selected neighbor role is standalone while service role is not standalone. type: str start_port: description: - Start destination port number. type: int status: choices: - enable - disable description: - Enable/disable SD-WAN service. type: str tie_break: choices: - zone - cfg-order - fib-best-match - input-device description: - Method of selecting member if more than one meets the SLA. type: str tos: description: - Type of service bit pattern. type: str tos_mask: description: - Type of service evaluated bits. type: str use_shortcut_sla: choices: - enable - disable description: - Enable/disable use of ADVPN shortcut for quality comparison. type: str users: description: - User name. elements: dict suboptions: name: description: - User name. Source user.local.name. type: str type: list type: list speedtest_bypass_routing: choices: - disable - enable description: - Enable/disable bypass routing when speedtest on a SD-WAN member. type: str status: choices: - disable - enable description: - Enable/disable SD-WAN. type: str zone: description: - Configure SD-WAN zones. elements: dict suboptions: name: description: - Zone name. type: str service_sla_tie_break: choices: - cfg-order - fib-best-match - input-device description: - Method of selecting member if more than one meets the SLA. type: str type: list type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str