fortinet.fortimanager.fmgr_vap_dynamicmapping – no description
Note
This plugin is part of the fortinet.fortimanager collection (version 2.0.1).
To install it use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_vap_dynamicmapping.
New in version 2.10: of fortinet.fortimanager
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
| adom string / required | the parameter (adom) in requested url | |||
| bypass_validation boolean |
| only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters | ||
| rc_failed list / elements=string | the rc codes list with which the conditions to fail will be overriden | |||
| rc_succeeded list / elements=string | the rc codes list with which the conditions to succeed will be overriden | |||
| state string / required |
| the directive to create, update or delete an object | ||
| vap string / required | the parameter (vap) in requested url | |||
| vap_dynamicmapping dictionary | the top level parameters set | |||
| _centmgmt string |
| no description | ||
| _dhcp_svr_id string | no description | |||
| _intf_allowaccess list / elements=string |
| no description | ||
| _intf_device-identification string |
| no description | ||
| _intf_device-netscan string |
| no description | ||
| _intf_dhcp-relay-ip string | no description | |||
| _intf_dhcp-relay-service string |
| no description | ||
| _intf_dhcp-relay-type string |
| no description | ||
| _intf_dhcp6-relay-ip string | no description | |||
| _intf_dhcp6-relay-service string |
| no description | ||
| _intf_dhcp6-relay-type string |
| no description | ||
| _intf_ip string | no description | |||
| _intf_ip6-address string | no description | |||
| _intf_ip6-allowaccess list / elements=string |
| no description | ||
| _intf_listen-forticlient-connection string |
| no description | ||
| _scope list / elements=string | no description | |||
| name string | no description | |||
| vdom string | no description | |||
| acct-interim-interval integer | no description | |||
| address-group string | no description | |||
| alias string | no description | |||
| atf-weight integer | no description | |||
| auth string |
| no description | ||
| broadcast-ssid string |
| no description | ||
| broadcast-suppression list / elements=string |
| no description | ||
| captive-portal-ac-name string | no description | |||
| captive-portal-macauth-radius-secret string | no description | |||
| captive-portal-macauth-radius-server string | no description | |||
| captive-portal-radius-secret string | no description | |||
| captive-portal-radius-server string | no description | |||
| captive-portal-session-timeout-interval integer | no description | |||
| client-count integer | no description | |||
| dhcp-lease-time integer | no description | |||
| dhcp-option82-circuit-id-insertion string |
| no description | ||
| dhcp-option82-insertion string |
| no description | ||
| dhcp-option82-remote-id-insertion string |
| no description | ||
| dynamic-vlan string |
| no description | ||
| eap-reauth string |
| no description | ||
| eap-reauth-intv integer | no description | |||
| eapol-key-retries string |
| no description | ||
| encrypt string |
| no description | ||
| external-fast-roaming string |
| no description | ||
| external-logout string | no description | |||
| external-web string | no description | |||
| fast-bss-transition string |
| no description | ||
| fast-roaming string |
| no description | ||
| ft-mobility-domain integer | no description | |||
| ft-over-ds string |
| no description | ||
| ft-r0-key-lifetime integer | no description | |||
| gtk-rekey string |
| no description | ||
| gtk-rekey-intv integer | no description | |||
| hotspot20-profile string | no description | |||
| intra-vap-privacy string |
| no description | ||
| ip string | no description | |||
| key string | no description | |||
| keyindex integer | no description | |||
| ldpc string |
| no description | ||
| local-authentication string |
| no description | ||
| local-bridging string |
| no description | ||
| local-lan string |
| no description | ||
| local-standalone string |
| no description | ||
| local-standalone-nat string |
| no description | ||
| local-switching string |
| no description | ||
| mac-auth-bypass string |
| no description | ||
| mac-filter string |
| no description | ||
| mac-filter-policy-other string |
| no description | ||
| max-clients integer | no description | |||
| max-clients-ap integer | no description | |||
| me-disable-thresh integer | no description | |||
| mesh-backhaul string |
| no description | ||
| mpsk string |
| no description | ||
| mpsk-concurrent-clients integer | no description | |||
| multicast-enhance string |
| no description | ||
| multicast-rate string |
| no description | ||
| okc string |
| no description | ||
| owe-groups list / elements=string |
| no description | ||
| owe-transition string |
| no description | ||
| owe-transition-ssid string | no description | |||
| passphrase string | no description | |||
| pmf string |
| no description | ||
| pmf-assoc-comeback-timeout integer | no description | |||
| pmf-sa-query-retry-timeout integer | no description | |||
| portal-message-override-group string | no description | |||
| portal-type string |
| no description | ||
| probe-resp-suppression string |
| no description | ||
| probe-resp-threshold string | no description | |||
| ptk-rekey string |
| no description | ||
| ptk-rekey-intv integer | no description | |||
| qos-profile string | no description | |||
| quarantine string |
| no description | ||
| radio-2g-threshold string | no description | |||
| radio-5g-threshold string | no description | |||
| radio-sensitivity string |
| no description | ||
| radius-mac-auth string |
| no description | ||
| radius-mac-auth-server string | no description | |||
| radius-mac-auth-usergroups string | no description | |||
| radius-server string | no description | |||
| rates-11a list / elements=string |
| no description | ||
| rates-11ac-ss12 list / elements=string |
| no description | ||
| rates-11ac-ss34 list / elements=string |
| no description | ||
| rates-11bg list / elements=string |
| no description | ||
| rates-11n-ss12 list / elements=string |
| no description | ||
| rates-11n-ss34 list / elements=string |
| no description | ||
| sae-groups list / elements=string |
| no description | ||
| sae-password string | no description | |||
| schedule string | no description | |||
| security string |
| no description | ||
| security-exempt-list string | no description | |||
| security-obsolete-option string |
| no description | ||
| security-redirect-url string | no description | |||
| selected-usergroups string | no description | |||
| split-tunneling string |
| no description | ||
| ssid string | no description | |||
| tkip-counter-measure string |
| no description | ||
| usergroup string | no description | |||
| utm-profile string | no description | |||
| vdom string | no description | |||
| vlan-auto string |
| no description | ||
| vlan-pooling string |
| no description | ||
| vlanid integer | no description | |||
| voice-enterprise string |
| no description | ||
| workspace_locking_adom string | the adom to lock for FortiManager running in workspace mode, the value can be global and others including root | |||
| workspace_locking_timeout integer | Default: 300 | the maximum time in seconds to wait for other user to release the workspace lock | ||
Notes
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_vap_dynamicmapping:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
vap: <your own value>
state: <value in [present, absent]>
vap_dynamicmapping:
_centmgmt: <value in [disable, enable]>
_dhcp_svr_id: <value of string>
_intf_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
_intf_device-identification: <value in [disable, enable]>
_intf_device-netscan: <value in [disable, enable]>
_intf_dhcp-relay-ip: <value of string>
_intf_dhcp-relay-service: <value in [disable, enable]>
_intf_dhcp-relay-type: <value in [regular, ipsec]>
_intf_dhcp6-relay-ip: <value of string>
_intf_dhcp6-relay-service: <value in [disable, enable]>
_intf_dhcp6-relay-type: <value in [regular]>
_intf_ip: <value of string>
_intf_ip6-address: <value of string>
_intf_ip6-allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- any
- fgfm
- capwap
_intf_listen-forticlient-connection: <value in [disable, enable]>
_scope:
-
name: <value of string>
vdom: <value of string>
acct-interim-interval: <value of integer>
address-group: <value of string>
alias: <value of string>
atf-weight: <value of integer>
auth: <value in [PSK, psk, RADIUS, ...]>
broadcast-ssid: <value in [disable, enable]>
broadcast-suppression:
- dhcp
- arp
- dhcp2
- arp2
- netbios-ns
- netbios-ds
- arp3
- dhcp-up
- dhcp-down
- arp-known
- arp-unknown
- arp-reply
- ipv6
- dhcp-starvation
- arp-poison
- all-other-mc
- all-other-bc
- arp-proxy
- dhcp-ucast
captive-portal-ac-name: <value of string>
captive-portal-macauth-radius-secret: <value of string>
captive-portal-macauth-radius-server: <value of string>
captive-portal-radius-secret: <value of string>
captive-portal-radius-server: <value of string>
captive-portal-session-timeout-interval: <value of integer>
client-count: <value of integer>
dhcp-lease-time: <value of integer>
dhcp-option82-circuit-id-insertion: <value in [disable, style-1, style-2]>
dhcp-option82-insertion: <value in [disable, enable]>
dhcp-option82-remote-id-insertion: <value in [disable, style-1]>
dynamic-vlan: <value in [disable, enable]>
eap-reauth: <value in [disable, enable]>
eap-reauth-intv: <value of integer>
eapol-key-retries: <value in [disable, enable]>
encrypt: <value in [TKIP, AES, TKIP-AES]>
external-fast-roaming: <value in [disable, enable]>
external-logout: <value of string>
external-web: <value of string>
fast-bss-transition: <value in [disable, enable]>
fast-roaming: <value in [disable, enable]>
ft-mobility-domain: <value of integer>
ft-over-ds: <value in [disable, enable]>
ft-r0-key-lifetime: <value of integer>
gtk-rekey: <value in [disable, enable]>
gtk-rekey-intv: <value of integer>
hotspot20-profile: <value of string>
intra-vap-privacy: <value in [disable, enable]>
ip: <value of string>
key: <value of string>
keyindex: <value of integer>
ldpc: <value in [disable, tx, rx, ...]>
local-authentication: <value in [disable, enable]>
local-bridging: <value in [disable, enable]>
local-lan: <value in [deny, allow]>
local-standalone: <value in [disable, enable]>
local-standalone-nat: <value in [disable, enable]>
local-switching: <value in [disable, enable]>
mac-auth-bypass: <value in [disable, enable]>
mac-filter: <value in [disable, enable]>
mac-filter-policy-other: <value in [deny, allow]>
max-clients: <value of integer>
max-clients-ap: <value of integer>
me-disable-thresh: <value of integer>
mesh-backhaul: <value in [disable, enable]>
mpsk: <value in [disable, enable]>
mpsk-concurrent-clients: <value of integer>
multicast-enhance: <value in [disable, enable]>
multicast-rate: <value in [0, 6000, 12000, ...]>
okc: <value in [disable, enable]>
owe-groups:
- 19
- 20
- 21
owe-transition: <value in [disable, enable]>
owe-transition-ssid: <value of string>
passphrase: <value of string>
pmf: <value in [disable, enable, optional]>
pmf-assoc-comeback-timeout: <value of integer>
pmf-sa-query-retry-timeout: <value of integer>
portal-message-override-group: <value of string>
portal-type: <value in [auth, auth+disclaimer, disclaimer, ...]>
probe-resp-suppression: <value in [disable, enable]>
probe-resp-threshold: <value of string>
ptk-rekey: <value in [disable, enable]>
ptk-rekey-intv: <value of integer>
qos-profile: <value of string>
quarantine: <value in [disable, enable]>
radio-2g-threshold: <value of string>
radio-5g-threshold: <value of string>
radio-sensitivity: <value in [disable, enable]>
radius-mac-auth: <value in [disable, enable]>
radius-mac-auth-server: <value of string>
radius-mac-auth-usergroups: <value of string>
radius-server: <value of string>
rates-11a:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11ac-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/1
- mcs11/1
- mcs10/2
- mcs11/2
rates-11ac-ss34:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/3
- mcs11/3
- mcs10/4
- mcs11/4
rates-11bg:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11n-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
- mcs12/2
- mcs13/2
- mcs14/2
- mcs15/2
rates-11n-ss34:
- mcs16/3
- mcs17/3
- mcs18/3
- mcs19/3
- mcs20/3
- mcs21/3
- mcs22/3
- mcs23/3
- mcs24/4
- mcs25/4
- mcs26/4
- mcs27/4
- mcs28/4
- mcs29/4
- mcs30/4
- mcs31/4
sae-groups:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
sae-password: <value of string>
schedule: <value of string>
security: <value in [None, WEP64, wep64, ...]>
security-exempt-list: <value of string>
security-obsolete-option: <value in [disable, enable]>
security-redirect-url: <value of string>
selected-usergroups: <value of string>
split-tunneling: <value in [disable, enable]>
ssid: <value of string>
tkip-counter-measure: <value in [disable, enable]>
usergroup: <value of string>
utm-profile: <value of string>
vdom: <value of string>
vlan-auto: <value in [disable, enable]>
vlan-pooling: <value in [wtp-group, round-robin, hash, ...]>
vlanid: <value of integer>
voice-enterprise: <value in [disable, enable]>
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| request_url string | always | The full url requested Sample: /sys/login/user |
| response_code integer | always | The status of api request |
| response_message string | always | The descriptive message of the api response Sample: OK. |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/fortinet/fortimanager/fmgr_vap_dynamicmapping_module.html