fortinet.fortios.fortios_wireless_controller_wtp – Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection (version 1.1.8).

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_wireless_controller_wtp.

New in version 2.8: of fortinet.fortios

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and wtp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.9.0

Parameters

Parameter				Choices/Defaults	Comments
access_token string					Token-based authentication. Generated from GUI of Fortigate.
state string added in 2.9 of fortinet.fortios				Choices: present absent	Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level.
vdom string				Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
wireless_controller_wtp dictionary					Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate.
	admin string			Choices: discovered disable enable	Configure how the FortiGate operating as a wireless controller discovers and manages this WTP, AP or FortiAP.
	allowaccess string			Choices: telnet http https ssh	Control management access to the managed WTP, FortiAP, or AP. Separate entries with a space.
	bonjour_profile string				Bonjour profile name. Source wireless-controller.bonjour-profile.name.
	coordinate_enable string			Choices: enable disable	Enable/disable WTP coordinates (X,Y axis).
	coordinate_latitude string				WTP latitude coordinate.
	coordinate_longitude string				WTP longitude coordinate.
	coordinate_x string				X axis coordinate.
	coordinate_y string				Y axis coordinate.
	image_download string			Choices: enable disable	Enable/disable WTP image download.
	index integer				Index (0 - 4294967295).
	ip_fragment_preventing string			Choices: tcp-mss-adjust icmp-unreachable	Method by which IP fragmentation is prevented for CAPWAP tunneled control and data packets .
	lan dictionary				WTP LAN port mapping.
		port1_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 1 mode.
		port1_ssid string			Bridge LAN port 1 to SSID. Source wireless-controller.vap.name.
		port2_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 2 mode.
		port2_ssid string			Bridge LAN port 2 to SSID. Source wireless-controller.vap.name.
		port3_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 3 mode.
		port3_ssid string			Bridge LAN port 3 to SSID. Source wireless-controller.vap.name.
		port4_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 4 mode.
		port4_ssid string			Bridge LAN port 4 to SSID. Source wireless-controller.vap.name.
		port5_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 5 mode.
		port5_ssid string			Bridge LAN port 5 to SSID. Source wireless-controller.vap.name.
		port6_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 6 mode.
		port6_ssid string			Bridge LAN port 6 to SSID. Source wireless-controller.vap.name.
		port7_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 7 mode.
		port7_ssid string			Bridge LAN port 7 to SSID. Source wireless-controller.vap.name.
		port8_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port 8 mode.
		port8_ssid string			Bridge LAN port 8 to SSID. Source wireless-controller.vap.name.
		port_mode string		Choices: offline nat-to-wan bridge-to-wan bridge-to-ssid	LAN port mode.
		port_ssid string			Bridge LAN port to SSID. Source wireless-controller.vap.name.
	led_state string			Choices: enable disable	Enable to allow the FortiAPs LEDs to light. Disable to keep the LEDs off. You may want to keep the LEDs off so they are not distracting in low light areas etc.
	location string				Field for describing the physical location of the WTP, AP or FortiAP.
	login_passwd string				Set the managed WTP, FortiAP, or AP"s administrator password.
	login_passwd_change string			Choices: True default False	Change or reset the administrator password of a managed WTP, FortiAP or AP (yes, default, or no).
	mesh_bridge_enable string			Choices: default enable disable	Enable/disable mesh Ethernet bridge when WTP is configured as a mesh branch/leaf AP.
	name string				WTP, AP or FortiAP configuration name.
	override_allowaccess string			Choices: enable disable	Enable to override the WTP profile management access configuration.
	override_ip_fragment string			Choices: enable disable	Enable/disable overriding the WTP profile IP fragment prevention setting.
	override_lan string			Choices: enable disable	Enable to override the WTP profile LAN port setting.
	override_led_state string			Choices: enable disable	Enable to override the profile LED state setting for this FortiAP. You must enable this option to use the led-state command to turn off the FortiAP"s LEDs.
	override_login_passwd_change string			Choices: enable disable	Enable to override the WTP profile login-password (administrator password) setting.
	override_split_tunnel string			Choices: enable disable	Enable/disable overriding the WTP profile split tunneling setting.
	override_wan_port_mode string			Choices: enable disable	Enable/disable overriding the wan-port-mode in the WTP profile.
	radio_1 dictionary				Configuration options for radio 1.
		auto_power_high integer			Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm).
		auto_power_level string		Choices: enable disable	Enable/disable automatic power-level adjustment to prevent co-channel interference .
		auto_power_low integer			Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type).
		band string		Choices: 802.11a 802.11b 802.11g 802.11n 802.11n-5G 802.11n,g-only 802.11g-only 802.11n-only 802.11n-5G-only 802.11ac 802.11ac,n-only 802.11ac-only	WiFi band that Radio 1 operates on.
		channel list / elements=string			Selected list of wireless radio channels.
			chan string / required		Channel number.
		override_analysis string		Choices: enable disable	Enable to override the WTP profile spectrum analysis configuration.
		override_band string		Choices: enable disable	Enable to override the WTP profile band setting.
		override_channel string		Choices: enable disable	Enable to override WTP profile channel settings.
		override_txpower string		Choices: enable disable	Enable to override the WTP profile power level configuration.
		override_vaps string		Choices: enable disable	Enable to override WTP profile Virtual Access Point (VAP) settings.
		power_level integer			Radio power level as a percentage of the maximum transmit power (0 - 100).
		radio_id integer			radio-id
		spectrum_analysis string		Choices: enable disable	Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
		vap_all string		Choices: enable disable	Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
		vaps list / elements=string			Manually selected list of Virtual Access Points (VAPs).
			name string / required		Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name.
	radio_2 dictionary				Configuration options for radio 2.
		auto_power_high integer			Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm).
		auto_power_level string		Choices: enable disable	Enable/disable automatic power-level adjustment to prevent co-channel interference .
		auto_power_low integer			Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type).
		band string		Choices: 802.11a 802.11b 802.11g 802.11n 802.11n-5G 802.11n,g-only 802.11g-only 802.11n-only 802.11n-5G-only 802.11ac 802.11ac,n-only 802.11ac-only	WiFi band that Radio 1 operates on.
		channel list / elements=string			Selected list of wireless radio channels.
			chan string / required		Channel number.
		override_analysis string		Choices: enable disable	Enable to override the WTP profile spectrum analysis configuration.
		override_band string		Choices: enable disable	Enable to override the WTP profile band setting.
		override_channel string		Choices: enable disable	Enable to override WTP profile channel settings.
		override_txpower string		Choices: enable disable	Enable to override the WTP profile power level configuration.
		override_vaps string		Choices: enable disable	Enable to override WTP profile Virtual Access Point (VAP) settings.
		power_level integer			Radio power level as a percentage of the maximum transmit power (0 - 100).
		radio_id integer			radio-id
		spectrum_analysis string		Choices: enable disable	Enable/disable spectrum analysis to find interference that would negatively impact wireless performance.
		vap_all string		Choices: enable disable	Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) .
		vaps list / elements=string			Manually selected list of Virtual Access Points (VAPs).
			name string / required		Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name.
	split_tunneling_acl list / elements=string				Split tunneling ACL filter list.
		dest_ip string			Destination IP and mask for the split-tunneling subnet.
		id integer / required			ID.
	split_tunneling_acl_local_ap_subnet string			Choices: enable disable	Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling ACL .
	split_tunneling_acl_path string			Choices: tunnel local	Split tunneling ACL path is local/tunnel.
	state string			Choices: present absent	Deprecated Starting with Ansible 2.9 we recommend using the top-level 'state' parameter. Indicates whether to create or remove the object.
	tun_mtu_downlink integer				Downlink tunnel MTU in octets. Set the value to either 0 (by default), 576, or 1500.
	tun_mtu_uplink integer				Uplink tunnel maximum transmission unit (MTU) in octets (eight-bit bytes). Set the value to either 0 (by default), 576, or 1500.
	wan_port_mode string			Choices: wan-lan wan-only	Enable/disable using the FortiAP WAN port as a LAN port.
	wtp_id string				WTP ID.
	wtp_mode string			Choices: normal remote	WTP, AP, or FortiAP operating mode; normal (by default) or remote. A tunnel mode SSID can be assigned to an AP in normal mode but not remote mode, while a local-bridge mode SSID can be assigned to an AP in either normal mode or remote mode.
	wtp_profile string				WTP profile name to apply to this WTP, AP or FortiAP. Source wireless-controller.wtp-profile.name.

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate.
    fortios_wireless_controller_wtp:
      vdom:  "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      wireless_controller_wtp:
        admin: "discovered"
        allowaccess: "telnet"
        bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)"
        coordinate_enable: "enable"
        coordinate_latitude: "<your_own_value>"
        coordinate_longitude: "<your_own_value>"
        coordinate_x: "<your_own_value>"
        coordinate_y: "<your_own_value>"
        image_download: "enable"
        index: "12"
        ip_fragment_preventing: "tcp-mss-adjust"
        lan:
            port_mode: "offline"
            port_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port1_mode: "offline"
            port1_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port2_mode: "offline"
            port2_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port3_mode: "offline"
            port3_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port4_mode: "offline"
            port4_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port5_mode: "offline"
            port5_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port6_mode: "offline"
            port6_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port7_mode: "offline"
            port7_ssid: "<your_own_value> (source wireless-controller.vap.name)"
            port8_mode: "offline"
            port8_ssid: "<your_own_value> (source wireless-controller.vap.name)"
        led_state: "enable"
        location: "<your_own_value>"
        login_passwd: "<your_own_value>"
        login_passwd_change: "yes"
        mesh_bridge_enable: "default"
        name: "default_name_38"
        override_allowaccess: "enable"
        override_ip_fragment: "enable"
        override_lan: "enable"
        override_led_state: "enable"
        override_login_passwd_change: "enable"
        override_split_tunnel: "enable"
        override_wan_port_mode: "enable"
        radio_1:
            auto_power_high: "47"
            auto_power_level: "enable"
            auto_power_low: "49"
            band: "802.11a"
            channel:
             -
                chan: "<your_own_value>"
            override_analysis: "enable"
            override_band: "enable"
            override_channel: "enable"
            override_txpower: "enable"
            override_vaps: "enable"
            power_level: "58"
            radio_id: "59"
            spectrum_analysis: "enable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_63 (source wireless-controller.vap-group.name wireless-controller.vap.name)"
        radio_2:
            auto_power_high: "65"
            auto_power_level: "enable"
            auto_power_low: "67"
            band: "802.11a"
            channel:
             -
                chan: "<your_own_value>"
            override_analysis: "enable"
            override_band: "enable"
            override_channel: "enable"
            override_txpower: "enable"
            override_vaps: "enable"
            power_level: "76"
            radio_id: "77"
            spectrum_analysis: "enable"
            vap_all: "enable"
            vaps:
             -
                name: "default_name_81 (source wireless-controller.vap-group.name wireless-controller.vap.name)"
        split_tunneling_acl:
         -
            dest_ip: "<your_own_value>"
            id:  "84"
        split_tunneling_acl_local_ap_subnet: "enable"
        split_tunneling_acl_path: "tunnel"
        tun_mtu_downlink: "87"
        tun_mtu_uplink: "88"
        wan_port_mode: "wan-lan"
        wtp_id: "<your_own_value>"
        wtp_mode: "normal"
        wtp_profile: "<your_own_value> (source wireless-controller.wtp-profile.name)"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortios/fortios_wireless_controller_wtp_module.html