/ home / paloaltonetworks / paloaltonetworks.panos / 2.19.1 / module / panos_interface

paloaltonetworks.panos.panos_interface (2.19.1) — module

Manage data-port network interfaces

| "added in version" 1.0.0 of paloaltonetworks.panos"

Authors: Luigi Mori (@jtschichold), Ivan Bojer (@ivanbojer), Garfield Lee Freeman (@shinmog)

Install collection

Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1

Add to requirements.yml

  collections:
    - name: paloaltonetworks.panos
      version: 2.19.1

Description

Manage data-port (DP) network interface. By default DP interfaces are static.

Requirements

pan-python can be obtained from PyPI U(https://pypi.python.org/pypi/pan-python)
pandevice can be obtained from PyPI U(https://pypi.python.org/pypi/pandevice)
pandevice >= 0.8.0

Usage examples

Scanned by Steampunk Spotter

# Create ethernet1/1 as DHCP.
- name: enable DHCP client on ethernet1/1 in zone public
  paloaltonetworks.panos.panos_interface:
    provider: '{{ provider }}'
    if_name: "ethernet1/1"
    zone_name: "public"
    create_default_route: "yes"

Scanned by Steampunk Spotter

# Update ethernet1/2 with a static IP address in zone dmz.
- name: ethernet1/2 as static in zone dmz
  paloaltonetworks.panos.panos_interface:
    provider: '{{ provider }}'
    if_name: "ethernet1/2"
    mode: "layer3"
    ip: ["10.1.1.1/24"]
    enable_dhcp: false
    zone_name: "dmz"

Inputs

    
ip:
    description:
    - List of static IP addresses.
    elements: str
    type: list

mtu:
    description:
    - MTU for layer3 interface.
    type: int

mode:
    choices:
    - layer3
    - layer2
    - virtual-wire
    - tap
    - ha
    - decrypt-mirror
    - aggregate-group
    default: layer3
    description:
    - The interface mode.
    type: str

port:
    default: 443
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The port number to connect to the PAN-OS device on.
    type: int

vsys:
    description:
    - The vsys this object should be imported into.  Objects that are imported include
      interfaces, virtual routers, virtual wires, and VLANs.  Interfaces are typically
      imported into vsys1 if no vsys is specified.
    type: str

state:
    choices:
    - present
    - absent
    - replaced
    - merged
    - deleted
    - gathered
    default: present
    description:
    - The state.
    type: str

commit:
    description:
    - B(Deprecated)
    - Please use M(paloaltonetworks.panos.panos_commit_firewall), M(paloaltonetworks.panos.panos_commit_panorama),
      M(paloaltonetworks.panos.panos_commit_push) instead.
    - HORIZONTALLINE
    - Commit changes after creating object.  If I(ip_address) is a Panorama device, and
      I(device_group) or I(template) are also set, perform a commit to Panorama and a
      commit-all to the device group/template.
    type: bool

api_key:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The API key to use instead of generating it using I(username) / I(password).
    type: str

comment:
    description:
    - Interface comment.
    type: str

if_name:
    description:
    - Name of the interface to configure.
    type: str

vr_name:
    default: default
    description:
    - Name of the virtual router; it must already exist.
    type: str

vsys_dg:
    description:
    - B(Deprecated)
    - Use I(vsys) to specify the vsys instead.
    - HORIZONTALLINE
    - Name of the vsys (if firewall) or device group (if panorama) to put this object.
    type: str

password:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The password to use for authentication.  This is ignored if I(api_key) is specified.
    type: str

provider:
    description:
    - A dict object containing connection details.
    suboptions:
      api_key:
        description:
        - The API key to use instead of generating it using I(username) / I(password).
        type: str
      ip_address:
        description:
        - The IP address or hostname of the PAN-OS device being configured.
        type: str
      password:
        description:
        - The password to use for authentication.  This is ignored if I(api_key) is specified.
        type: str
      port:
        default: 443
        description:
        - The port number to connect to the PAN-OS device on.
        type: int
      serial_number:
        description:
        - The serial number of a firewall to use for targeted commands. If I(ip_address)
          is not a Panorama PAN-OS device, then this param is ignored.
        type: str
      username:
        default: admin
        description:
        - The username to use for authentication.  This is ignored if I(api_key) is specified.
        type: str
    type: dict
    version_added: 1.0.0
    version_added_collection: paloaltonetworks.panos

template:
    description:
    - (Panorama only) The template this operation should target.  This param is required
      if the PAN-OS device is Panorama.
    type: str

username:
    default: admin
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The username to use for authentication.  This is ignored if I(api_key) is specified.
    type: str

vlan_name:
    description:
    - The VLAN to put this interface in.
    - If the VLAN does not exist it is created.
    - Only specify this if I(mode=layer2).
    type: str

zone_name:
    description:
    - Name of the zone for the interface.
    - If the zone does not exist it is created.
    - If the zone already exists its mode should match I(mode).
    type: str

ip_address:
    description:
    - B(Deprecated)
    - Use I(provider) to specify PAN-OS connectivity instead.
    - HORIZONTALLINE
    - The IP address or hostname of the PAN-OS device being configured.
    type: str

link_speed:
    choices:
    - auto
    - '10'
    - '100'
    - '1000'
    description:
    - Link speed.
    type: str

link_state:
    choices:
    - auto
    - up
    - down
    description:
    - Link state.
    type: str

enable_dhcp:
    default: true
    description:
    - Enable DHCP on this interface.
    type: bool

link_duplex:
    choices:
    - auto
    - full
    - half
    description:
    - Link duplex.
    type: str

ipv6_enabled:
    description:
    - Enable IPv6.
    type: bool

lldp_enabled:
    description:
    - Enable LLDP for layer2 interface.
    type: str

lldp_profile:
    description:
    - LLDP profile name for layer2 interface.
    type: str

adjust_tcp_mss:
    description:
    - Adjust TCP MSS for layer3 interface.
    type: bool

aggregate_group:
    description:
    - Aggregate interface name.
    type: str

gathered_filter:
    description:
    - When I(state=gathered).
    - An advanced filtering option to filter results returned from PAN-OS.
    - Refer to the guide discussing I(gathered_filter) for more information.
    type: str

ipv4_mss_adjust:
    description:
    - (7.1+) TCP MSS adjustment for IPv4.
    type: int

ipv6_mss_adjust:
    description:
    - (7.1+) TCP MSS adjustment for IPv6.
    type: int

netflow_profile:
    description:
    - Netflow profile for layer3 interface.
    type: str

management_profile:
    description:
    - Interface management profile name.
    type: str

netflow_profile_l2:
    description:
    - Netflow profile name for layer2 interface.
    type: str

create_default_route:
    default: false
    description:
    - Whether or not to add default route with router learned via DHCP.
    type: bool

dhcp_default_route_metric:
    description:
    - Metric for the DHCP default route.
    type: int