fortinet.fortimanager.fmgr_fsp_vlan_interface – Configure interfaces.
Note
This plugin is part of the fortinet.fortimanager collection (version 2.1.3).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_fsp_vlan_interface.
New in version 2.10: of fortinet.fortimanager
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
| adom
string / required
|
the parameter (adom) in requested url
|
||||
| bypass_validation
boolean
|
|
only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
|
|||
| enable_log
boolean
|
|
Enable/Disable logging for task
|
|||
| fsp_vlan_interface
dictionary
|
the top level parameters set
|
||||
| ac-name
string
|
no description
|
||||
| aggregate
string
|
no description
|
||||
| algorithm
string
|
|
no description
|
|||
| alias
string
|
no description
|
||||
| allowaccess
list / elements=string
|
|
no description
|
|||
| ap-discover
string
|
|
no description
|
|||
| arpforward
string
|
|
no description
|
|||
| atm-protocol
string
|
|
no description
|
|||
| auth-type
string
|
|
no description
|
|||
| auto-auth-extension-device
string
|
|
no description
|
|||
| bandwidth-measure-time
integer
|
no description
|
||||
| bfd
string
|
|
no description
|
|||
| bfd-desired-min-tx
integer
|
no description
|
||||
| bfd-detect-mult
integer
|
no description
|
||||
| bfd-required-min-rx
integer
|
no description
|
||||
| broadcast-forticlient-discovery
string
|
|
no description
|
|||
| broadcast-forward
string
|
|
no description
|
|||
| captive-portal
integer
|
no description
|
||||
| cli-conn-status
integer
|
no description
|
||||
| color
integer
|
no description
|
||||
| ddns
string
|
|
no description
|
|||
| ddns-auth
string
|
|
no description
|
|||
| ddns-domain
string
|
no description
|
||||
| ddns-key
string
|
no description
|
||||
| ddns-keyname
string
|
no description
|
||||
| ddns-password
string
|
no description
|
||||
| ddns-server
string
|
|
no description
|
|||
| ddns-server-ip
string
|
no description
|
||||
| ddns-sn
string
|
no description
|
||||
| ddns-ttl
integer
|
no description
|
||||
| ddns-username
string
|
no description
|
||||
| ddns-zone
string
|
no description
|
||||
| dedicated-to
string
|
|
no description
|
|||
| defaultgw
string
|
|
no description
|
|||
| description
string
|
no description
|
||||
| detected-peer-mtu
integer
|
no description
|
||||
| detectprotocol
list / elements=string
|
|
no description
|
|||
| detectserver
string
|
no description
|
||||
| device-access-list
string
|
no description
|
||||
| device-identification
string
|
|
no description
|
|||
| device-identification-active-scan
string
|
|
no description
|
|||
| device-netscan
string
|
|
no description
|
|||
| device-user-identification
string
|
|
no description
|
|||
| devindex
integer
|
no description
|
||||
| dhcp-client-identifier
string
|
no description
|
||||
| dhcp-relay-agent-option
string
|
|
no description
|
|||
| dhcp-relay-interface
string
|
no description
|
||||
| dhcp-relay-interface-select-method
string
|
|
no description
|
|||
| dhcp-relay-ip
string
|
no description
|
||||
| dhcp-relay-request-all-server
string
|
|
Enable/disable sending of DHCP requests to all servers.
|
|||
| dhcp-relay-service
string
|
|
no description
|
|||
| dhcp-relay-type
string
|
|
no description
|
|||
| dhcp-renew-time
integer
|
no description
|
||||
| disc-retry-timeout
integer
|
no description
|
||||
| disconnect-threshold
integer
|
no description
|
||||
| distance
integer
|
no description
|
||||
| dns-query
string
|
|
no description
|
|||
| dns-server-override
string
|
|
no description
|
|||
| drop-fragment
string
|
|
no description
|
|||
| drop-overlapped-fragment
string
|
|
no description
|
|||
| egress-cos
string
|
|
no description
|
|||
| egress-shaping-profile
string
|
no description
|
||||
| eip
string
|
no description
|
||||
| endpoint-compliance
string
|
|
no description
|
|||
| estimated-downstream-bandwidth
integer
|
no description
|
||||
| estimated-upstream-bandwidth
integer
|
no description
|
||||
| explicit-ftp-proxy
string
|
|
no description
|
|||
| explicit-web-proxy
string
|
|
no description
|
|||
| external
string
|
|
no description
|
|||
| fail-action-on-extender
string
|
|
no description
|
|||
| fail-alert-interfaces
string
|
no description
|
||||
| fail-alert-method
string
|
|
no description
|
|||
| fail-detect
string
|
|
no description
|
|||
| fail-detect-option
list / elements=string
|
|
no description
|
|||
| fdp
string
|
|
no description
|
|||
| fortiheartbeat
string
|
|
no description
|
|||
| fortilink
string
|
|
no description
|
|||
| fortilink-backup-link
integer
|
no description
|
||||
| fortilink-neighbor-detect
string
|
|
no description
|
|||
| fortilink-split-interface
string
|
|
no description
|
|||
| fortilink-stacking
string
|
|
no description
|
|||
| forward-domain
integer
|
no description
|
||||
| forward-error-correction
string
|
|
no description
|
|||
| fp-anomaly
list / elements=string
|
|
no description
|
|||
| fp-disable
list / elements=string
|
|
no description
|
|||
| gateway-address
string
|
no description
|
||||
| gi-gk
string
|
|
no description
|
|||
| gwaddr
string
|
no description
|
||||
| gwdetect
string
|
|
no description
|
|||
| ha-priority
integer
|
no description
|
||||
| icmp-accept-redirect
string
|
|
no description
|
|||
| icmp-redirect
string
|
|
no description
|
|||
| icmp-send-redirect
string
|
|
no description
|
|||
| ident-accept
string
|
|
no description
|
|||
| idle-timeout
integer
|
no description
|
||||
| if-mdix
string
|
|
no description
|
|||
| if-media
string
|
|
no description
|
|||
| in-force-vlan-cos
integer
|
no description
|
||||
| inbandwidth
integer
|
no description
|
||||
| ingress-cos
string
|
|
no description
|
|||
| ingress-shaping-profile
string
|
no description
|
||||
| ingress-spillover-threshold
integer
|
no description
|
||||
| internal
integer
|
no description
|
||||
| ip
string
|
no description
|
||||
| ip-managed-by-fortiipam
string
|
|
no description
|
|||
| ipmac
string
|
|
no description
|
|||
| ips-sniffer-mode
string
|
|
no description
|
|||
| ipunnumbered
string
|
no description
|
||||
| ipv6
dictionary
|
no description
|
||||
| autoconf
string
|
|
no description
|
|||
| cli-conn6-status
integer
|
no description
|
||||
| dhcp6-client-options
list / elements=string
|
|
no description
|
|||
| dhcp6-information-request
string
|
|
no description
|
|||
| dhcp6-prefix-delegation
string
|
|
no description
|
|||
| dhcp6-prefix-hint
string
|
no description
|
||||
| dhcp6-prefix-hint-plt
integer
|
no description
|
||||
| dhcp6-prefix-hint-vlt
integer
|
no description
|
||||
| dhcp6-relay-ip
string
|
no description
|
||||
| dhcp6-relay-service
string
|
|
no description
|
|||
| dhcp6-relay-type
string
|
|
no description
|
|||
| icmp6-send-redirect
string
|
|
Enable/disable sending of ICMPv6 redirects.
|
|||
| interface-identifier
string
|
no description
|
||||
| ip6-address
string
|
no description
|
||||
| ip6-allowaccess
list / elements=string
|
|
no description
|
|||
| ip6-default-life
integer
|
no description
|
||||
| ip6-delegated-prefix-list
list / elements=string
|
no description
|
||||
| autonomous-flag
string
|
|
no description
|
|||
| onlink-flag
string
|
|
no description
|
|||
| prefix-id
integer
|
no description
|
||||
| rdnss
string
|
no description
|
||||
| rdnss-service
string
|
|
no description
|
|||
| subnet
string
|
no description
|
||||
| upstream-interface
string
|
no description
|
||||
| ip6-dns-server-override
string
|
|
no description
|
|||
| ip6-extra-addr
list / elements=string
|
no description
|
||||
| prefix
string
|
no description
|
||||
| ip6-hop-limit
integer
|
no description
|
||||
| ip6-link-mtu
integer
|
no description
|
||||
| ip6-manage-flag
string
|
|
no description
|
|||
| ip6-max-interval
integer
|
no description
|
||||
| ip6-min-interval
integer
|
no description
|
||||
| ip6-mode
string
|
|
no description
|
|||
| ip6-other-flag
string
|
|
no description
|
|||
| ip6-prefix-list
list / elements=string
|
no description
|
||||
| autonomous-flag
string
|
|
no description
|
|||
| dnssl
string
|
no description
|
||||
| onlink-flag
string
|
|
no description
|
|||
| preferred-life-time
integer
|
no description
|
||||
| prefix
string
|
no description
|
||||
| rdnss
string
|
no description
|
||||
| valid-life-time
integer
|
no description
|
||||
| ip6-prefix-mode
string
|
|
Assigning a prefix from DHCP or RA.
|
|||
| ip6-reachable-time
integer
|
no description
|
||||
| ip6-retrans-time
integer
|
no description
|
||||
| ip6-send-adv
string
|
|
no description
|
|||
| ip6-subnet
string
|
no description
|
||||
| ip6-upstream-interface
string
|
no description
|
||||
| nd-cert
string
|
no description
|
||||
| nd-cga-modifier
string
|
no description
|
||||
| nd-mode
string
|
|
no description
|
|||
| nd-security-level
integer
|
no description
|
||||
| nd-timestamp-delta
integer
|
no description
|
||||
| nd-timestamp-fuzz
integer
|
no description
|
||||
| ra-send-mtu
string
|
|
Enable/disable sending link MTU in RA packet.
|
|||
| unique-autoconf-addr
string
|
|
no description
|
|||
| vrip6_link_local
string
|
no description
|
||||
| vrrp-virtual-mac6
string
|
|
no description
|
|||
| vrrp6
list / elements=string
|
no description
|
||||
| accept-mode
string
|
|
no description
|
|||
| adv-interval
integer
|
no description
|
||||
| preempt
string
|
|
no description
|
|||
| priority
integer
|
no description
|
||||
| start-time
integer
|
no description
|
||||
| status
string
|
|
no description
|
|||
| vrdst6
string
|
no description
|
||||
| vrgrp
integer
|
no description
|
||||
| vrid
integer
|
no description
|
||||
| vrip6
string
|
no description
|
||||
| l2forward
string
|
|
no description
|
|||
| l2tp-client
string
|
|
no description
|
|||
| lacp-ha-slave
string
|
|
no description
|
|||
| lacp-mode
string
|
|
no description
|
|||
| lacp-speed
string
|
|
no description
|
|||
| lcp-echo-interval
integer
|
no description
|
||||
| lcp-max-echo-fails
integer
|
no description
|
||||
| link-up-delay
integer
|
no description
|
||||
| listen-forticlient-connection
string
|
|
no description
|
|||
| lldp-network-policy
string
|
no description
|
||||
| lldp-reception
string
|
|
no description
|
|||
| lldp-transmission
string
|
|
no description
|
|||
| log
string
|
|
no description
|
|||
| macaddr
string
|
no description
|
||||
| managed-subnetwork-size
string
|
|
no description
|
|||
| management-ip
string
|
no description
|
||||
| max-egress-burst-rate
integer
|
no description
|
||||
| max-egress-rate
integer
|
no description
|
||||
| measured-downstream-bandwidth
integer
|
no description
|
||||
| measured-upstream-bandwidth
integer
|
no description
|
||||
| mediatype
string
|
|
no description
|
|||
| member
string
|
no description
|
||||
| min-links
integer
|
no description
|
||||
| min-links-down
string
|
|
no description
|
|||
| mode
string
|
|
no description
|
|||
| monitor-bandwidth
string
|
|
no description
|
|||
| mtu
integer
|
no description
|
||||
| mtu-override
string
|
|
no description
|
|||
| mux-type
string
|
|
no description
|
|||
| name
string
|
no description
|
||||
| ndiscforward
string
|
|
no description
|
|||
| netbios-forward
string
|
|
no description
|
|||
| netflow-sampler
string
|
|
no description
|
|||
| np-qos-profile
integer
|
no description
|
||||
| npu-fastpath
string
|
|
no description
|
|||
| nst
string
|
|
no description
|
|||
| out-force-vlan-cos
integer
|
no description
|
||||
| outbandwidth
integer
|
no description
|
||||
| padt-retry-timeout
integer
|
no description
|
||||
| password
string
|
no description
|
||||
| peer-interface
string
|
no description
|
||||
| phy-mode
string
|
|
no description
|
|||
| ping-serv-status
integer
|
no description
|
||||
| poe
string
|
|
no description
|
|||
| polling-interval
integer
|
no description
|
||||
| pppoe-unnumbered-negotiate
string
|
|
no description
|
|||
| pptp-auth-type
string
|
|
no description
|
|||
| pptp-client
string
|
|
no description
|
|||
| pptp-password
string
|
no description
|
||||
| pptp-server-ip
string
|
no description
|
||||
| pptp-timeout
integer
|
no description
|
||||
| pptp-user
string
|
no description
|
||||
| preserve-session-route
string
|
|
no description
|
|||
| priority
integer
|
no description
|
||||
| priority-override
string
|
|
no description
|
|||
| proxy-captive-portal
string
|
|
no description
|
|||
| redundant-interface
string
|
no description
|
||||
| remote-ip
string
|
no description
|
||||
| replacemsg-override-group
string
|
no description
|
||||
| retransmission
string
|
|
no description
|
|||
| ring-rx
integer
|
no description
|
||||
| ring-tx
integer
|
no description
|
||||
| role
string
|
|
no description
|
|||
| sample-direction
string
|
|
no description
|
|||
| sample-rate
integer
|
no description
|
||||
| scan-botnet-connections
string
|
|
no description
|
|||
| secondary-IP
string
|
|
no description
|
|||
| secondaryip
list / elements=string
|
no description
|
||||
| allowaccess
list / elements=string
|
|
no description
|
|||
| detectprotocol
list / elements=string
|
|
no description
|
|||
| detectserver
string
|
no description
|
||||
| gwdetect
string
|
|
no description
|
|||
| ha-priority
integer
|
no description
|
||||
| id
integer
|
no description
|
||||
| ip
string
|
no description
|
||||
| ping-serv-status
integer
|
no description
|
||||
| seq
integer
|
no description
|
||||
| security-8021x-dynamic-vlan-id
integer
|
no description
|
||||
| security-8021x-master
string
|
no description
|
||||
| security-8021x-mode
string
|
|
no description
|
|||
| security-exempt-list
string
|
no description
|
||||
| security-external-logout
string
|
no description
|
||||
| security-external-web
string
|
no description
|
||||
| security-groups
string
|
no description
|
||||
| security-mac-auth-bypass
string
|
|
no description
|
|||
| security-mode
string
|
|
no description
|
|||
| security-redirect-url
string
|
no description
|
||||
| service-name
string
|
no description
|
||||
| sflow-sampler
string
|
|
no description
|
|||
| speed
string
|
|
no description
|
|||
| spillover-threshold
integer
|
no description
|
||||
| src-check
string
|
|
no description
|
|||
| status
string
|
|
no description
|
|||
| stp
string
|
|
no description
|
|||
| stp-ha-secondary
string
|
|
Control STP behaviour on HA secondary.
|
|||
| stp-ha-slave
string
|
|
no description
|
|||
| stpforward
string
|
|
no description
|
|||
| stpforward-mode
string
|
|
no description
|
|||
| strip-priority-vlan-tag
string
|
|
no description
|
|||
| subst
string
|
|
no description
|
|||
| substitute-dst-mac
string
|
no description
|
||||
| swc-first-create
integer
|
Initial create for switch-controller VLANs.
|
||||
| swc-vlan
integer
|
no description
|
||||
| switch
string
|
no description
|
||||
| switch-controller-access-vlan
string
|
|
no description
|
|||
| switch-controller-arp-inspection
string
|
|
no description
|
|||
| switch-controller-auth
string
|
|
no description
|
|||
| switch-controller-dhcp-snooping
string
|
|
no description
|
|||
| switch-controller-dhcp-snooping-option82
string
|
|
no description
|
|||
| switch-controller-dhcp-snooping-verify-mac
string
|
|
no description
|
|||
| switch-controller-dynamic
string
|
Integrated FortiLink settings for managed FortiSwitch.
|
||||
| switch-controller-feature
string
|
|
no description
|
|||
| switch-controller-igmp-snooping
string
|
|
no description
|
|||
| switch-controller-igmp-snooping-fast-leave
string
|
|
no description
|
|||
| switch-controller-igmp-snooping-proxy
string
|
|
no description
|
|||
| switch-controller-iot-scanning
string
|
|
Enable/disable managed FortiSwitch IoT scanning.
|
|||
| switch-controller-learning-limit
integer
|
no description
|
||||
| switch-controller-mgmt-vlan
integer
|
no description
|
||||
| switch-controller-nac
string
|
no description
|
||||
| switch-controller-radius-server
string
|
no description
|
||||
| switch-controller-rspan-mode
string
|
|
no description
|
|||
| switch-controller-source-ip
string
|
|
Source IP address used in FortiLink over L3 connections.
|
|||
| switch-controller-traffic-policy
string
|
no description
|
||||
| tc-mode
string
|
|
no description
|
|||
| tcp-mss
integer
|
no description
|
||||
| trunk
string
|
|
no description
|
|||
| trust-ip-1
string
|
no description
|
||||
| trust-ip-2
string
|
no description
|
||||
| trust-ip-3
string
|
no description
|
||||
| trust-ip6-1
string
|
no description
|
||||
| trust-ip6-2
string
|
no description
|
||||
| trust-ip6-3
string
|
no description
|
||||
| type
string
|
|
no description
|
|||
| username
string
|
no description
|
||||
| vci
integer
|
no description
|
||||
| vectoring
string
|
|
no description
|
|||
| vindex
integer
|
no description
|
||||
| vlan-protocol
string
|
|
no description
|
|||
| vlanforward
string
|
|
no description
|
|||
| vlanid
integer
|
no description
|
||||
| vpi
integer
|
no description
|
||||
| vrf
integer
|
no description
|
||||
| vrrp
list / elements=string
|
no description
|
||||
| accept-mode
string
|
|
no description
|
|||
| adv-interval
integer
|
no description
|
||||
| ignore-default-route
string
|
|
no description
|
|||
| preempt
string
|
|
no description
|
|||
| priority
integer
|
no description
|
||||
| start-time
integer
|
no description
|
||||
| status
string
|
|
no description
|
|||
| version
string
|
|
no description
|
|||
| vrdst
string
|
no description
|
||||
| vrdst-priority
integer
|
no description
|
||||
| vrgrp
integer
|
no description
|
||||
| vrid
integer
|
no description
|
||||
| vrip
string
|
no description
|
||||
| vrrp-virtual-mac
string
|
|
no description
|
|||
| wccp
string
|
|
no description
|
|||
| weight
integer
|
no description
|
||||
| wifi-5g-threshold
string
|
no description
|
||||
| wifi-acl
string
|
|
no description
|
|||
| wifi-ap-band
string
|
|
no description
|
|||
| wifi-auth
string
|
|
no description
|
|||
| wifi-auto-connect
string
|
|
no description
|
|||
| wifi-auto-save
string
|
|
no description
|
|||
| wifi-broadcast-ssid
string
|
|
no description
|
|||
| wifi-encrypt
string
|
|
no description
|
|||
| wifi-fragment-threshold
integer
|
no description
|
||||
| wifi-key
string
|
no description
|
||||
| wifi-keyindex
integer
|
no description
|
||||
| wifi-mac-filter
string
|
|
no description
|
|||
| wifi-passphrase
string
|
no description
|
||||
| wifi-radius-server
string
|
no description
|
||||
| wifi-rts-threshold
integer
|
no description
|
||||
| wifi-security
string
|
|
no description
|
|||
| wifi-ssid
string
|
no description
|
||||
| wifi-usergroup
string
|
no description
|
||||
| wins-ip
string
|
no description
|
||||
| proposed_method
string
|
|
The overridden method for the underlying Json RPC request
|
|||
| rc_failed
list / elements=string
|
the rc codes list with which the conditions to fail will be overriden
|
||||
| rc_succeeded
list / elements=string
|
the rc codes list with which the conditions to succeed will be overriden
|
||||
| state
string / required
|
|
the directive to create, update or delete an object
|
|||
| vlan
string / required
|
the parameter (vlan) in requested url
|
||||
| workspace_locking_adom
string
|
the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
|
||||
| workspace_locking_timeout
integer
|
Default:
300
|
the maximum time in seconds to wait for other user to release the workspace lock
|
|||
Notes
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure interfaces.
fmgr_fsp_vlan_interface:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
vlan: <your own value>
fsp_vlan_interface:
ac-name: <value of string>
aggregate: <value of string>
algorithm: <value in [L2, L3, L4]>
alias: <value of string>
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
ap-discover: <value in [disable, enable]>
arpforward: <value in [disable, enable]>
atm-protocol: <value in [none, ipoa]>
auth-type: <value in [auto, pap, chap, ...]>
auto-auth-extension-device: <value in [disable, enable]>
bfd: <value in [global, enable, disable]>
bfd-desired-min-tx: <value of integer>
bfd-detect-mult: <value of integer>
bfd-required-min-rx: <value of integer>
broadcast-forticlient-discovery: <value in [disable, enable]>
broadcast-forward: <value in [disable, enable]>
captive-portal: <value of integer>
cli-conn-status: <value of integer>
color: <value of integer>
ddns: <value in [disable, enable]>
ddns-auth: <value in [disable, tsig]>
ddns-domain: <value of string>
ddns-key: <value of string>
ddns-keyname: <value of string>
ddns-password: <value of string>
ddns-server: <value in [dhs.org, dyndns.org, dyns.net, ...]>
ddns-server-ip: <value of string>
ddns-sn: <value of string>
ddns-ttl: <value of integer>
ddns-username: <value of string>
ddns-zone: <value of string>
dedicated-to: <value in [none, management]>
defaultgw: <value in [disable, enable]>
description: <value of string>
detected-peer-mtu: <value of integer>
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <value of string>
device-access-list: <value of string>
device-identification: <value in [disable, enable]>
device-identification-active-scan: <value in [disable, enable]>
device-netscan: <value in [disable, enable]>
device-user-identification: <value in [disable, enable]>
devindex: <value of integer>
dhcp-client-identifier: <value of string>
dhcp-relay-agent-option: <value in [disable, enable]>
dhcp-relay-ip: <value of string>
dhcp-relay-service: <value in [disable, enable]>
dhcp-relay-type: <value in [regular, ipsec]>
dhcp-renew-time: <value of integer>
disc-retry-timeout: <value of integer>
disconnect-threshold: <value of integer>
distance: <value of integer>
dns-query: <value in [disable, recursive, non-recursive]>
dns-server-override: <value in [disable, enable]>
drop-fragment: <value in [disable, enable]>
drop-overlapped-fragment: <value in [disable, enable]>
egress-cos: <value in [disable, cos0, cos1, ...]>
egress-shaping-profile: <value of string>
endpoint-compliance: <value in [disable, enable]>
estimated-downstream-bandwidth: <value of integer>
estimated-upstream-bandwidth: <value of integer>
explicit-ftp-proxy: <value in [disable, enable]>
explicit-web-proxy: <value in [disable, enable]>
external: <value in [disable, enable]>
fail-action-on-extender: <value in [soft-restart, hard-restart, reboot]>
fail-alert-interfaces: <value of string>
fail-alert-method: <value in [link-failed-signal, link-down]>
fail-detect: <value in [disable, enable]>
fail-detect-option:
- detectserver
- link-down
fdp: <value in [disable, enable]>
fortiheartbeat: <value in [disable, enable]>
fortilink: <value in [disable, enable]>
fortilink-backup-link: <value of integer>
fortilink-split-interface: <value in [disable, enable]>
fortilink-stacking: <value in [disable, enable]>
forward-domain: <value of integer>
forward-error-correction: <value in [disable, enable, rs-fec, ...]>
fp-anomaly:
- drop_tcp_fin_noack
- pass_winnuke
- pass_tcpland
- pass_udpland
- pass_icmpland
- pass_ipland
- pass_iprr
- pass_ipssrr
- pass_iplsrr
- pass_ipstream
- pass_ipsecurity
- pass_iptimestamp
- pass_ipunknown_option
- pass_ipunknown_prot
- pass_icmp_frag
- pass_tcp_no_flag
- pass_tcp_fin_noack
- drop_winnuke
- drop_tcpland
- drop_udpland
- drop_icmpland
- drop_ipland
- drop_iprr
- drop_ipssrr
- drop_iplsrr
- drop_ipstream
- drop_ipsecurity
- drop_iptimestamp
- drop_ipunknown_option
- drop_ipunknown_prot
- drop_icmp_frag
- drop_tcp_no_flag
fp-disable:
- all
- ipsec
- none
gateway-address: <value of string>
gi-gk: <value in [disable, enable]>
gwaddr: <value of string>
gwdetect: <value in [disable, enable]>
ha-priority: <value of integer>
icmp-accept-redirect: <value in [disable, enable]>
icmp-redirect: <value in [disable, enable]>
icmp-send-redirect: <value in [disable, enable]>
ident-accept: <value in [disable, enable]>
idle-timeout: <value of integer>
if-mdix: <value in [auto, normal, crossover]>
if-media: <value in [auto, copper, fiber]>
in-force-vlan-cos: <value of integer>
inbandwidth: <value of integer>
ingress-cos: <value in [disable, cos0, cos1, ...]>
ingress-spillover-threshold: <value of integer>
internal: <value of integer>
ip: <value of string>
ipmac: <value in [disable, enable]>
ips-sniffer-mode: <value in [disable, enable]>
ipunnumbered: <value of string>
ipv6:
autoconf: <value in [disable, enable]>
dhcp6-client-options:
- rapid
- iapd
- iana
- dns
- dnsname
dhcp6-information-request: <value in [disable, enable]>
dhcp6-prefix-delegation: <value in [disable, enable]>
dhcp6-prefix-hint: <value of string>
dhcp6-prefix-hint-plt: <value of integer>
dhcp6-prefix-hint-vlt: <value of integer>
dhcp6-relay-ip: <value of string>
dhcp6-relay-service: <value in [disable, enable]>
dhcp6-relay-type: <value in [regular]>
ip6-address: <value of string>
ip6-allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- capwap
- fabric
ip6-default-life: <value of integer>
ip6-dns-server-override: <value in [disable, enable]>
ip6-hop-limit: <value of integer>
ip6-link-mtu: <value of integer>
ip6-manage-flag: <value in [disable, enable]>
ip6-max-interval: <value of integer>
ip6-min-interval: <value of integer>
ip6-mode: <value in [static, dhcp, pppoe, ...]>
ip6-other-flag: <value in [disable, enable]>
ip6-reachable-time: <value of integer>
ip6-retrans-time: <value of integer>
ip6-send-adv: <value in [disable, enable]>
ip6-subnet: <value of string>
ip6-upstream-interface: <value of string>
nd-cert: <value of string>
nd-cga-modifier: <value of string>
nd-mode: <value in [basic, SEND-compatible]>
nd-security-level: <value of integer>
nd-timestamp-delta: <value of integer>
nd-timestamp-fuzz: <value of integer>
vrip6_link_local: <value of string>
vrrp-virtual-mac6: <value in [disable, enable]>
ip6-delegated-prefix-list:
-
autonomous-flag: <value in [disable, enable]>
onlink-flag: <value in [disable, enable]>
prefix-id: <value of integer>
rdnss: <value of string>
rdnss-service: <value in [delegated, default, specify]>
subnet: <value of string>
upstream-interface: <value of string>
ip6-extra-addr:
-
prefix: <value of string>
ip6-prefix-list:
-
autonomous-flag: <value in [disable, enable]>
dnssl: <value of string>
onlink-flag: <value in [disable, enable]>
preferred-life-time: <value of integer>
prefix: <value of string>
rdnss: <value of string>
valid-life-time: <value of integer>
vrrp6:
-
accept-mode: <value in [disable, enable]>
adv-interval: <value of integer>
preempt: <value in [disable, enable]>
priority: <value of integer>
start-time: <value of integer>
status: <value in [disable, enable]>
vrdst6: <value of string>
vrgrp: <value of integer>
vrid: <value of integer>
vrip6: <value of string>
interface-identifier: <value of string>
unique-autoconf-addr: <value in [disable, enable]>
icmp6-send-redirect: <value in [disable, enable]>
cli-conn6-status: <value of integer>
ip6-prefix-mode: <value in [dhcp6, ra]>
ra-send-mtu: <value in [disable, enable]>
l2forward: <value in [disable, enable]>
l2tp-client: <value in [disable, enable]>
lacp-ha-slave: <value in [disable, enable]>
lacp-mode: <value in [static, passive, active]>
lacp-speed: <value in [slow, fast]>
lcp-echo-interval: <value of integer>
lcp-max-echo-fails: <value of integer>
link-up-delay: <value of integer>
listen-forticlient-connection: <value in [disable, enable]>
lldp-network-policy: <value of string>
lldp-reception: <value in [disable, enable, vdom]>
lldp-transmission: <value in [enable, disable, vdom]>
log: <value in [disable, enable]>
macaddr: <value of string>
management-ip: <value of string>
max-egress-burst-rate: <value of integer>
max-egress-rate: <value of integer>
mediatype: <value in [serdes-sfp, sgmii-sfp, cfp2-sr10, ...]>
member: <value of string>
min-links: <value of integer>
min-links-down: <value in [operational, administrative]>
mode: <value in [static, dhcp, pppoe, ...]>
mtu: <value of integer>
mtu-override: <value in [disable, enable]>
mux-type: <value in [llc-encaps, vc-encaps]>
name: <value of string>
ndiscforward: <value in [disable, enable]>
netbios-forward: <value in [disable, enable]>
netflow-sampler: <value in [disable, tx, rx, ...]>
npu-fastpath: <value in [disable, enable]>
nst: <value in [disable, enable]>
out-force-vlan-cos: <value of integer>
outbandwidth: <value of integer>
padt-retry-timeout: <value of integer>
password: <value of string>
peer-interface: <value of string>
phy-mode: <value in [auto, adsl, vdsl]>
ping-serv-status: <value of integer>
poe: <value in [disable, enable]>
polling-interval: <value of integer>
pppoe-unnumbered-negotiate: <value in [disable, enable]>
pptp-auth-type: <value in [auto, pap, chap, ...]>
pptp-client: <value in [disable, enable]>
pptp-password: <value of string>
pptp-server-ip: <value of string>
pptp-timeout: <value of integer>
pptp-user: <value of string>
preserve-session-route: <value in [disable, enable]>
priority: <value of integer>
priority-override: <value in [disable, enable]>
proxy-captive-portal: <value in [disable, enable]>
redundant-interface: <value of string>
remote-ip: <value of string>
replacemsg-override-group: <value of string>
retransmission: <value in [disable, enable]>
role: <value in [lan, wan, dmz, ...]>
sample-direction: <value in [rx, tx, both]>
sample-rate: <value of integer>
scan-botnet-connections: <value in [disable, block, monitor]>
secondary-IP: <value in [disable, enable]>
secondaryip:
-
allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
- dnp
- ftm
- fabric
detectprotocol:
- ping
- tcp-echo
- udp-echo
detectserver: <value of string>
gwdetect: <value in [disable, enable]>
ha-priority: <value of integer>
id: <value of integer>
ip: <value of string>
ping-serv-status: <value of integer>
seq: <value of integer>
security-8021x-dynamic-vlan-id: <value of integer>
security-8021x-master: <value of string>
security-8021x-mode: <value in [default, dynamic-vlan, fallback, ...]>
security-exempt-list: <value of string>
security-external-logout: <value of string>
security-external-web: <value of string>
security-groups: <value of string>
security-mac-auth-bypass: <value in [disable, enable, mac-auth-only]>
security-mode: <value in [none, captive-portal, 802.1X]>
security-redirect-url: <value of string>
service-name: <value of string>
sflow-sampler: <value in [disable, enable]>
speed: <value in [auto, 10full, 10half, ...]>
spillover-threshold: <value of integer>
src-check: <value in [disable, enable]>
status: <value in [down, up]>
stp: <value in [disable, enable]>
stp-ha-slave: <value in [disable, enable, priority-adjust]>
stpforward: <value in [disable, enable]>
stpforward-mode: <value in [rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing]>
strip-priority-vlan-tag: <value in [disable, enable]>
subst: <value in [disable, enable]>
substitute-dst-mac: <value of string>
switch: <value of string>
switch-controller-access-vlan: <value in [disable, enable]>
switch-controller-arp-inspection: <value in [disable, enable]>
switch-controller-auth: <value in [radius, usergroup]>
switch-controller-dhcp-snooping: <value in [disable, enable]>
switch-controller-dhcp-snooping-option82: <value in [disable, enable]>
switch-controller-dhcp-snooping-verify-mac: <value in [disable, enable]>
switch-controller-igmp-snooping: <value in [disable, enable]>
switch-controller-learning-limit: <value of integer>
switch-controller-radius-server: <value of string>
switch-controller-traffic-policy: <value of string>
tc-mode: <value in [ptm, atm]>
tcp-mss: <value of integer>
trunk: <value in [disable, enable]>
trust-ip-1: <value of string>
trust-ip-2: <value of string>
trust-ip-3: <value of string>
trust-ip6-1: <value of string>
trust-ip6-2: <value of string>
trust-ip6-3: <value of string>
type: <value in [physical, vlan, aggregate, ...]>
username: <value of string>
vci: <value of integer>
vectoring: <value in [disable, enable]>
vindex: <value of integer>
vlanforward: <value in [disable, enable]>
vlanid: <value of integer>
vpi: <value of integer>
vrf: <value of integer>
vrrp:
-
accept-mode: <value in [disable, enable]>
adv-interval: <value of integer>
ignore-default-route: <value in [disable, enable]>
preempt: <value in [disable, enable]>
priority: <value of integer>
start-time: <value of integer>
status: <value in [disable, enable]>
version: <value in [2, 3]>
vrdst: <value of string>
vrdst-priority: <value of integer>
vrgrp: <value of integer>
vrid: <value of integer>
vrip: <value of string>
vrrp-virtual-mac: <value in [disable, enable]>
wccp: <value in [disable, enable]>
weight: <value of integer>
wifi-5g-threshold: <value of string>
wifi-acl: <value in [deny, allow]>
wifi-ap-band: <value in [any, 5g-preferred, 5g-only]>
wifi-auth: <value in [PSK, RADIUS, radius, ...]>
wifi-auto-connect: <value in [disable, enable]>
wifi-auto-save: <value in [disable, enable]>
wifi-broadcast-ssid: <value in [disable, enable]>
wifi-encrypt: <value in [TKIP, AES]>
wifi-fragment-threshold: <value of integer>
wifi-key: <value of string>
wifi-keyindex: <value of integer>
wifi-mac-filter: <value in [disable, enable]>
wifi-passphrase: <value of string>
wifi-radius-server: <value of string>
wifi-rts-threshold: <value of integer>
wifi-security: <value in [None, WEP64, wep64, ...]>
wifi-ssid: <value of string>
wifi-usergroup: <value of string>
wins-ip: <value of string>
eip: <value of string>
fortilink-neighbor-detect: <value in [lldp, fortilink]>
ingress-shaping-profile: <value of string>
ring-rx: <value of integer>
ring-tx: <value of integer>
switch-controller-igmp-snooping-fast-leave: <value in [disable, enable]>
switch-controller-igmp-snooping-proxy: <value in [disable, enable]>
switch-controller-rspan-mode: <value in [disable, enable]>
bandwidth-measure-time: <value of integer>
ip-managed-by-fortiipam: <value in [disable, enable]>
managed-subnetwork-size: <value in [256, 512, 1024, ...]>
measured-downstream-bandwidth: <value of integer>
measured-upstream-bandwidth: <value of integer>
monitor-bandwidth: <value in [disable, enable]>
swc-vlan: <value of integer>
switch-controller-feature: <value in [none, default-vlan, quarantine, ...]>
switch-controller-mgmt-vlan: <value of integer>
switch-controller-nac: <value of string>
vlan-protocol: <value in [8021q, 8021ad]>
dhcp-relay-interface: <value of string>
dhcp-relay-interface-select-method: <value in [auto, sdwan, specify]>
np-qos-profile: <value of integer>
swc-first-create: <value of integer>
switch-controller-iot-scanning: <value in [disable, enable]>
switch-controller-source-ip: <value in [outbound, fixed]>
dhcp-relay-request-all-server: <value in [disable, enable]>
stp-ha-secondary: <value in [disable, enable, priority-adjust]>
switch-controller-dynamic: <value of string>
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| request_url
string
|
always |
The full url requested
Sample:
/sys/login/user
|
| response_code
integer
|
always |
The status of api request
|
| response_message
string
|
always |
The descriptive message of the api response
Sample:
OK.
|
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortimanager/fmgr_fsp_vlan_interface_module.html