fortinet.fortimanager.fmgr_vap – Configure Virtual Access Points
Note
This plugin is part of the fortinet.fortimanager collection (version 2.1.3).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortimanager.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_vap.
New in version 2.10: of fortinet.fortimanager
Synopsis
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
| adom
string / required
|
the parameter (adom) in requested url
|
||||
| bypass_validation
boolean
|
|
only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
|
|||
| enable_log
boolean
|
|
Enable/Disable logging for task
|
|||
| proposed_method
string
|
|
The overridden method for the underlying Json RPC request
|
|||
| rc_failed
list / elements=string
|
the rc codes list with which the conditions to fail will be overriden
|
||||
| rc_succeeded
list / elements=string
|
the rc codes list with which the conditions to succeed will be overriden
|
||||
| state
string / required
|
|
the directive to create, update or delete an object
|
|||
| vap
dictionary
|
the top level parameters set
|
||||
| _centmgmt
string
|
|
no description
|
|||
| _dhcp_svr_id
string
|
no description
|
||||
| _intf_allowaccess
list / elements=string
|
|
no description
|
|||
| _intf_device-access-list
string
|
no description
|
||||
| _intf_device-identification
string
|
|
no description
|
|||
| _intf_device-netscan
string
|
|
no description
|
|||
| _intf_dhcp-relay-ip
string
|
no description
|
||||
| _intf_dhcp-relay-service
string
|
|
no description
|
|||
| _intf_dhcp-relay-type
string
|
|
no description
|
|||
| _intf_dhcp6-relay-ip
string
|
no description
|
||||
| _intf_dhcp6-relay-service
string
|
|
no description
|
|||
| _intf_dhcp6-relay-type
string
|
|
no description
|
|||
| _intf_ip
string
|
no description
|
||||
| _intf_ip6-address
string
|
no description
|
||||
| _intf_ip6-allowaccess
list / elements=string
|
|
no description
|
|||
| _intf_listen-forticlient-connection
string
|
|
no description
|
|||
| access-control-list
string
|
access-control-list profile name.
|
||||
| acct-interim-interval
integer
|
WiFi RADIUS accounting interim interval (60 - 86400 sec, default = 0).
|
||||
| additional-akms
list / elements=string
|
|
no description
|
|||
| address-group
string
|
Address group ID.
|
||||
| alias
string
|
Alias.
|
||||
| atf-weight
integer
|
Airtime weight in percentage (default = 20).
|
||||
| auth
string
|
|
Authentication protocol.
|
|||
| broadcast-ssid
string
|
|
Enable/disable broadcasting the SSID (default = enable).
|
|||
| broadcast-suppression
list / elements=string
|
|
no description
|
|||
| bss-color-partial
string
|
|
Enable/disable 802.11ax partial BSS color (default = enable).
|
|||
| bstm-disassociation-imminent
string
|
|
Enable/disable forcing of disassociation after the BSTM request timer has been reached (default = enable).
|
|||
| bstm-load-balancing-disassoc-timer
integer
|
Time interval for client to voluntarily leave AP before forcing a disassociation due to AP load-balancing (0 to 30, default = ...
|
||||
| bstm-rssi-disassoc-timer
integer
|
Time interval for client to voluntarily leave AP before forcing a disassociation due to low RSSI (0 to 2000, default = 200).
|
||||
| captive-portal-ac-name
string
|
Local-bridging captive portal ac-name.
|
||||
| captive-portal-auth-timeout
integer
|
Hard timeout - AP will always clear the session after timeout regardless of traffic (0 - 864000 sec, default = 0).
|
||||
| captive-portal-macauth-radius-secret
string
|
no description
|
||||
| captive-portal-macauth-radius-server
string
|
Captive portal external RADIUS server domain name or IP address.
|
||||
| captive-portal-radius-secret
string
|
no description
|
||||
| captive-portal-radius-server
string
|
Captive portal RADIUS server domain name or IP address.
|
||||
| captive-portal-session-timeout-interval
integer
|
Session timeout interval (0 - 864000 sec, default = 0).
|
||||
| dhcp-address-enforcement
string
|
|
Enable/disable DHCP address enforcement (default = disable).
|
|||
| dhcp-lease-time
integer
|
DHCP lease time in seconds for NAT IP address.
|
||||
| dhcp-option43-insertion
string
|
|
Enable/disable insertion of DHCP option 43 (default = enable).
|
|||
| dhcp-option82-circuit-id-insertion
string
|
|
Enable/disable DHCP option 82 circuit-id insert (default = disable).
|
|||
| dhcp-option82-insertion
string
|
|
Enable/disable DHCP option 82 insert (default = disable).
|
|||
| dhcp-option82-remote-id-insertion
string
|
|
Enable/disable DHCP option 82 remote-id insert (default = disable).
|
|||
| dynamic-vlan
string
|
|
Enable/disable dynamic VLAN assignment.
|
|||
| dynamic_mapping
list / elements=string
|
no description
|
||||
| _centmgmt
string
|
|
no description
|
|||
| _dhcp_svr_id
string
|
no description
|
||||
| _intf_allowaccess
list / elements=string
|
|
no description
|
|||
| _intf_device-access-list
string
|
no description
|
||||
| _intf_device-identification
string
|
|
no description
|
|||
| _intf_device-netscan
string
|
|
no description
|
|||
| _intf_dhcp-relay-ip
string
|
no description
|
||||
| _intf_dhcp-relay-service
string
|
|
no description
|
|||
| _intf_dhcp-relay-type
string
|
|
no description
|
|||
| _intf_dhcp6-relay-ip
string
|
no description
|
||||
| _intf_dhcp6-relay-service
string
|
|
no description
|
|||
| _intf_dhcp6-relay-type
string
|
|
no description
|
|||
| _intf_ip
string
|
no description
|
||||
| _intf_ip6-address
string
|
no description
|
||||
| _intf_ip6-allowaccess
list / elements=string
|
|
no description
|
|||
| _intf_listen-forticlient-connection
string
|
|
no description
|
|||
| _scope
list / elements=string
|
no description
|
||||
| name
string
|
no description
|
||||
| vdom
string
|
no description
|
||||
| access-control-list
string
|
no description
|
||||
| acct-interim-interval
integer
|
no description
|
||||
| additional-akms
list / elements=string
|
|
no description
|
|||
| address-group
string
|
no description
|
||||
| alias
string
|
no description
|
||||
| atf-weight
integer
|
no description
|
||||
| auth
string
|
|
no description
|
|||
| broadcast-ssid
string
|
|
no description
|
|||
| broadcast-suppression
list / elements=string
|
|
no description
|
|||
| bss-color-partial
string
|
|
no description
|
|||
| bstm-disassociation-imminent
string
|
|
Enable/disable forcing of disassociation after the BSTM request timer has been reached (default = enable).
|
|||
| bstm-load-balancing-disassoc-timer
integer
|
Time interval for client to voluntarily leave AP before forcing a disassociation due to AP load-balancing (0 to 30, de...
|
||||
| bstm-rssi-disassoc-timer
integer
|
Time interval for client to voluntarily leave AP before forcing a disassociation due to low RSSI (0 to 2000, default =...
|
||||
| captive-portal-ac-name
string
|
no description
|
||||
| captive-portal-auth-timeout
integer
|
no description
|
||||
| captive-portal-macauth-radius-secret
string
|
no description
|
||||
| captive-portal-macauth-radius-server
string
|
no description
|
||||
| captive-portal-radius-secret
string
|
no description
|
||||
| captive-portal-radius-server
string
|
no description
|
||||
| captive-portal-session-timeout-interval
integer
|
no description
|
||||
| client-count
integer
|
no description
|
||||
| dhcp-address-enforcement
string
|
|
Enable/disable DHCP address enforcement (default = disable).
|
|||
| dhcp-lease-time
integer
|
no description
|
||||
| dhcp-option43-insertion
string
|
|
no description
|
|||
| dhcp-option82-circuit-id-insertion
string
|
|
no description
|
|||
| dhcp-option82-insertion
string
|
|
no description
|
|||
| dhcp-option82-remote-id-insertion
string
|
|
no description
|
|||
| dynamic-vlan
string
|
|
no description
|
|||
| eap-reauth
string
|
|
no description
|
|||
| eap-reauth-intv
integer
|
no description
|
||||
| eapol-key-retries
string
|
|
no description
|
|||
| encrypt
string
|
|
no description
|
|||
| external-fast-roaming
string
|
|
no description
|
|||
| external-logout
string
|
no description
|
||||
| external-web
string
|
no description
|
||||
| external-web-format
string
|
|
no description
|
|||
| fast-bss-transition
string
|
|
no description
|
|||
| fast-roaming
string
|
|
no description
|
|||
| ft-mobility-domain
integer
|
no description
|
||||
| ft-over-ds
string
|
|
no description
|
|||
| ft-r0-key-lifetime
integer
|
no description
|
||||
| gas-comeback-delay
integer
|
GAS comeback delay (0 or 100 - 10000 milliseconds, default = 500).
|
||||
| gas-fragmentation-limit
integer
|
GAS fragmentation limit (512 - 4096, default = 1024).
|
||||
| gtk-rekey
string
|
|
no description
|
|||
| gtk-rekey-intv
integer
|
no description
|
||||
| high-efficiency
string
|
|
no description
|
|||
| hotspot20-profile
string
|
no description
|
||||
| igmp-snooping
string
|
|
Enable/disable IGMP snooping.
|
|||
| intra-vap-privacy
string
|
|
no description
|
|||
| ip
string
|
no description
|
||||
| ipv6-rules
list / elements=string
|
|
no description
|
|||
| key
string
|
no description
|
||||
| keyindex
integer
|
no description
|
||||
| ldpc
string
|
|
no description
|
|||
| local-authentication
string
|
|
no description
|
|||
| local-bridging
string
|
|
no description
|
|||
| local-lan
string
|
|
no description
|
|||
| local-standalone
string
|
|
no description
|
|||
| local-standalone-nat
string
|
|
no description
|
|||
| local-switching
string
|
|
no description
|
|||
| mac-auth-bypass
string
|
|
no description
|
|||
| mac-called-station-delimiter
string
|
|
MAC called station delimiter (default = hyphen).
|
|||
| mac-calling-station-delimiter
string
|
|
MAC calling station delimiter (default = hyphen).
|
|||
| mac-case
string
|
|
MAC case (default = uppercase).
|
|||
| mac-filter
string
|
|
no description
|
|||
| mac-filter-policy-other
string
|
|
no description
|
|||
| mac-password-delimiter
string
|
|
MAC authentication password delimiter (default = hyphen).
|
|||
| mac-username-delimiter
string
|
|
MAC authentication username delimiter (default = hyphen).
|
|||
| max-clients
integer
|
no description
|
||||
| max-clients-ap
integer
|
no description
|
||||
| mbo
string
|
|
Enable/disable Multiband Operation (default = disable).
|
|||
| mbo-cell-data-conn-pref
string
|
|
MBO cell data connection preference (0, 1, or 255, default = 1).
|
|||
| me-disable-thresh
integer
|
no description
|
||||
| mesh-backhaul
string
|
|
no description
|
|||
| mpsk
string
|
|
no description
|
|||
| mpsk-concurrent-clients
integer
|
no description
|
||||
| mpsk-profile
string
|
no description
|
||||
| mu-mimo
string
|
|
no description
|
|||
| multicast-enhance
string
|
|
no description
|
|||
| multicast-rate
string
|
|
no description
|
|||
| nac
string
|
|
Enable/disable network access control.
|
|||
| nac-profile
string
|
NAC profile name.
|
||||
| neighbor-report-dual-band
string
|
|
Enable/disable dual-band neighbor report (default = disable).
|
|||
| okc
string
|
|
no description
|
|||
| owe-groups
list / elements=string
|
|
no description
|
|||
| owe-transition
string
|
|
no description
|
|||
| owe-transition-ssid
string
|
no description
|
||||
| passphrase
string
|
no description
|
||||
| pmf
string
|
|
no description
|
|||
| pmf-assoc-comeback-timeout
integer
|
no description
|
||||
| pmf-sa-query-retry-timeout
integer
|
no description
|
||||
| port-macauth
string
|
|
Enable/disable LAN port MAC authentication (default = disable).
|
|||
| port-macauth-reauth-timeout
integer
|
LAN port MAC authentication re-authentication timeout value (default = 7200 sec).
|
||||
| port-macauth-timeout
integer
|
LAN port MAC authentication idle timeout value (default = 600 sec).
|
||||
| portal-message-override-group
string
|
no description
|
||||
| portal-type
string
|
|
no description
|
|||
| primary-wag-profile
string
|
no description
|
||||
| probe-resp-suppression
string
|
|
no description
|
|||
| probe-resp-threshold
string
|
no description
|
||||
| ptk-rekey
string
|
|
no description
|
|||
| ptk-rekey-intv
integer
|
no description
|
||||
| qos-profile
string
|
no description
|
||||
| quarantine
string
|
|
no description
|
|||
| radio-2g-threshold
string
|
no description
|
||||
| radio-5g-threshold
string
|
no description
|
||||
| radio-sensitivity
string
|
|
no description
|
|||
| radius-mac-auth
string
|
|
no description
|
|||
| radius-mac-auth-server
string
|
no description
|
||||
| radius-mac-auth-usergroups
string
|
no description
|
||||
| radius-server
string
|
no description
|
||||
| rates-11a
list / elements=string
|
|
no description
|
|||
| rates-11ac-ss12
list / elements=string
|
|
no description
|
|||
| rates-11ac-ss34
list / elements=string
|
|
no description
|
|||
| rates-11bg
list / elements=string
|
|
no description
|
|||
| rates-11n-ss12
list / elements=string
|
|
no description
|
|||
| rates-11n-ss34
list / elements=string
|
|
no description
|
|||
| sae-groups
list / elements=string
|
|
no description
|
|||
| sae-password
string
|
no description
|
||||
| schedule
string
|
no description
|
||||
| secondary-wag-profile
string
|
no description
|
||||
| security
string
|
|
no description
|
|||
| security-exempt-list
string
|
no description
|
||||
| security-obsolete-option
string
|
|
no description
|
|||
| security-redirect-url
string
|
no description
|
||||
| selected-usergroups
string
|
no description
|
||||
| split-tunneling
string
|
|
no description
|
|||
| ssid
string
|
no description
|
||||
| sticky-client-remove
string
|
|
no description
|
|||
| sticky-client-threshold-2g
string
|
no description
|
||||
| sticky-client-threshold-5g
string
|
no description
|
||||
| target-wake-time
string
|
|
no description
|
|||
| tkip-counter-measure
string
|
|
no description
|
|||
| tunnel-echo-interval
integer
|
no description
|
||||
| tunnel-fallback-interval
integer
|
no description
|
||||
| usergroup
string
|
no description
|
||||
| utm-profile
string
|
no description
|
||||
| vdom
string
|
no description
|
||||
| vlan-auto
string
|
|
no description
|
|||
| vlan-pooling
string
|
|
no description
|
|||
| vlanid
integer
|
no description
|
||||
| voice-enterprise
string
|
|
no description
|
|||
| eap-reauth
string
|
|
Enable/disable EAP re-authentication for WPA-Enterprise security.
|
|||
| eap-reauth-intv
integer
|
EAP re-authentication interval (1800 - 864000 sec, default = 86400).
|
||||
| eapol-key-retries
string
|
|
Enable/disable retransmission of EAPOL-Key frames (message 3/4 and group message 1/2) (default = enable).
|
|||
| encrypt
string
|
|
Encryption protocol to use (only available when security is set to a WPA type).
|
|||
| external-fast-roaming
string
|
|
Enable/disable fast roaming or pre-authentication with external APs not managed by the FortiGate (default = disable).
|
|||
| external-logout
string
|
URL of external authentication logout server.
|
||||
| external-web
string
|
URL of external authentication web server.
|
||||
| external-web-format
string
|
|
URL query parameter detection (default = auto-detect).
|
|||
| fast-bss-transition
string
|
|
Enable/disable 802.11r Fast BSS Transition (FT) (default = disable).
|
|||
| fast-roaming
string
|
|
Enable/disable fast-roaming, or pre-authentication, where supported by clients (default = disable).
|
|||
| ft-mobility-domain
integer
|
Mobility domain identifier in FT (1 - 65535, default = 1000).
|
||||
| ft-over-ds
string
|
|
Enable/disable FT over the Distribution System (DS).
|
|||
| ft-r0-key-lifetime
integer
|
Lifetime of the PMK-R0 key in FT, 1-65535 minutes.
|
||||
| gas-comeback-delay
integer
|
GAS comeback delay (0 or 100 - 10000 milliseconds, default = 500).
|
||||
| gas-fragmentation-limit
integer
|
GAS fragmentation limit (512 - 4096, default = 1024).
|
||||
| gtk-rekey
string
|
|
Enable/disable GTK rekey for WPA security.
|
|||
| gtk-rekey-intv
integer
|
GTK rekey interval (1800 - 864000 sec, default = 86400).
|
||||
| high-efficiency
string
|
|
Enable/disable 802.11ax high efficiency (default = enable).
|
|||
| hotspot20-profile
string
|
Hotspot 2.0 profile name.
|
||||
| igmp-snooping
string
|
|
Enable/disable IGMP snooping.
|
|||
| intra-vap-privacy
string
|
|
Enable/disable blocking communication between clients on the same SSID (called intra-SSID privacy) (default = disable).
|
|||
| ip
string
|
IP address and subnet mask for the local standalone NAT subnet.
|
||||
| ipv6-rules
list / elements=string
|
|
no description
|
|||
| key
string
|
no description
|
||||
| keyindex
integer
|
WEP key index (1 - 4).
|
||||
| ldpc
string
|
|
VAP low-density parity-check (LDPC) coding configuration.
|
|||
| local-authentication
string
|
|
Enable/disable AP local authentication.
|
|||
| local-bridging
string
|
|
Enable/disable bridging of wireless and Ethernet interfaces on the FortiAP (default = disable).
|
|||
| local-lan
string
|
|
Allow/deny traffic destined for a Class A, B, or C private IP address (default = allow).
|
|||
| local-standalone
string
|
|
Enable/disable AP local standalone (default = disable).
|
|||
| local-standalone-nat
string
|
|
Enable/disable AP local standalone NAT mode.
|
|||
| mac-auth-bypass
string
|
|
Enable/disable MAC authentication bypass.
|
|||
| mac-called-station-delimiter
string
|
|
MAC called station delimiter (default = hyphen).
|
|||
| mac-calling-station-delimiter
string
|
|
MAC calling station delimiter (default = hyphen).
|
|||
| mac-case
string
|
|
MAC case (default = uppercase).
|
|||
| mac-filter
string
|
|
Enable/disable MAC filtering to block wireless clients by mac address.
|
|||
| mac-filter-list
list / elements=string
|
no description
|
||||
| id
integer
|
ID.
|
||||
| mac
string
|
MAC address.
|
||||
| mac-filter-policy
string
|
|
Deny or allow the client with this MAC address.
|
|||
| mac-filter-policy-other
string
|
|
Allow or block clients with MAC addresses that are not in the filter list.
|
|||
| mac-password-delimiter
string
|
|
MAC authentication password delimiter (default = hyphen).
|
|||
| mac-username-delimiter
string
|
|
MAC authentication username delimiter (default = hyphen).
|
|||
| max-clients
integer
|
Maximum number of clients that can connect simultaneously to the VAP (default = 0, meaning no limitation).
|
||||
| max-clients-ap
integer
|
Maximum number of clients that can connect simultaneously to each radio (default = 0, meaning no limitation).
|
||||
| mbo
string
|
|
Enable/disable Multiband Operation (default = disable).
|
|||
| mbo-cell-data-conn-pref
string
|
|
MBO cell data connection preference (0, 1, or 255, default = 1).
|
|||
| me-disable-thresh
integer
|
Disable multicast enhancement when this many clients are receiving multicast traffic.
|
||||
| mesh-backhaul
string
|
|
Enable/disable using this VAP as a WiFi mesh backhaul (default = disable). This entry is only available when security is set t...
|
|||
| mpsk
string
|
|
Enable/disable multiple pre-shared keys (PSKs.)
|
|||
| mpsk-concurrent-clients
integer
|
Number of pre-shared keys (PSKs) to allow if multiple pre-shared keys are enabled.
|
||||
| mpsk-key
list / elements=string
|
no description
|
||||
| comment
string
|
Comment.
|
||||
| concurrent-clients
string
|
Number of clients that can connect using this pre-shared key.
|
||||
| key-name
string
|
Pre-shared key name.
|
||||
| mpsk-schedules
string
|
Firewall schedule for MPSK passphrase. The passphrase will be effective only when at least one schedule is valid.
|
||||
| passphrase
string
|
no description
|
||||
| mpsk-profile
string
|
MPSK profile name.
|
||||
| mu-mimo
string
|
|
Enable/disable Multi-user MIMO (default = enable).
|
|||
| multicast-enhance
string
|
|
Enable/disable converting multicast to unicast to improve performance (default = disable).
|
|||
| multicast-rate
string
|
|
Multicast rate (0, 6000, 12000, or 24000 kbps, default = 0).
|
|||
| nac
string
|
|
Enable/disable network access control.
|
|||
| nac-profile
string
|
NAC profile name.
|
||||
| name
string
|
Virtual AP name.
|
||||
| neighbor-report-dual-band
string
|
|
Enable/disable dual-band neighbor report (default = disable).
|
|||
| okc
string
|
|
Enable/disable Opportunistic Key Caching (OKC) (default = enable).
|
|||
| owe-groups
list / elements=string
|
|
no description
|
|||
| owe-transition
string
|
|
Enable/disable OWE transition mode support.
|
|||
| owe-transition-ssid
string
|
OWE transition mode peer SSID.
|
||||
| passphrase
string
|
no description
|
||||
| pmf
string
|
|
Protected Management Frames (PMF) support (default = disable).
|
|||
| pmf-assoc-comeback-timeout
integer
|
Protected Management Frames (PMF) comeback maximum timeout (1-20 sec).
|
||||
| pmf-sa-query-retry-timeout
integer
|
Protected Management Frames (PMF) SA query retry timeout interval (1 - 5 100s of msec).
|
||||
| port-macauth
string
|
|
Enable/disable LAN port MAC authentication (default = disable).
|
|||
| port-macauth-reauth-timeout
integer
|
LAN port MAC authentication re-authentication timeout value (default = 7200 sec).
|
||||
| port-macauth-timeout
integer
|
LAN port MAC authentication idle timeout value (default = 600 sec).
|
||||
| portal-message-override-group
string
|
Replacement message group for this VAP (only available when security is set to a captive portal type).
|
||||
| portal-message-overrides
dictionary
|
no description
|
||||
| auth-disclaimer-page
string
|
Override auth-disclaimer-page message with message from portal-message-overrides group.
|
||||
| auth-login-failed-page
string
|
Override auth-login-failed-page message with message from portal-message-overrides group.
|
||||
| auth-login-page
string
|
Override auth-login-page message with message from portal-message-overrides group.
|
||||
| auth-reject-page
string
|
Override auth-reject-page message with message from portal-message-overrides group.
|
||||
| portal-type
string
|
|
Captive portal functionality. Configure how the captive portal authenticates users and whether it includes a disclaimer.
|
|||
| primary-wag-profile
string
|
Primary wireless access gateway profile name.
|
||||
| probe-resp-suppression
string
|
|
Enable/disable probe response suppression (to ignore weak signals) (default = disable).
|
|||
| probe-resp-threshold
string
|
Minimum signal level/threshold in dBm required for the AP response to probe requests (-95 to -20, default = -80).
|
||||
| ptk-rekey
string
|
|
Enable/disable PTK rekey for WPA-Enterprise security.
|
|||
| ptk-rekey-intv
integer
|
PTK rekey interval (1800 - 864000 sec, default = 86400).
|
||||
| qos-profile
string
|
Quality of service profile name.
|
||||
| quarantine
string
|
|
Enable/disable station quarantine (default = enable).
|
|||
| radio-2g-threshold
string
|
Minimum signal level/threshold in dBm required for the AP response to receive a packet in 2.4G band (-95 to -20, default = -79).
|
||||
| radio-5g-threshold
string
|
Minimum signal level/threshold in dBm required for the AP response to receive a packet in 5G band(-95 to -20, default = -76).
|
||||
| radio-sensitivity
string
|
|
Enable/disable software radio sensitivity (to ignore weak signals) (default = disable).
|
|||
| radius-mac-auth
string
|
|
Enable/disable RADIUS-based MAC authentication of clients (default = disable).
|
|||
| radius-mac-auth-server
string
|
RADIUS-based MAC authentication server.
|
||||
| radius-mac-auth-usergroups
string
|
no description
|
||||
| radius-server
string
|
RADIUS server to be used to authenticate WiFi users.
|
||||
| rates-11a
list / elements=string
|
|
no description
|
|||
| rates-11ac-ss12
list / elements=string
|
|
no description
|
|||
| rates-11ac-ss34
list / elements=string
|
|
no description
|
|||
| rates-11bg
list / elements=string
|
|
no description
|
|||
| rates-11n-ss12
list / elements=string
|
|
no description
|
|||
| rates-11n-ss34
list / elements=string
|
|
no description
|
|||
| sae-groups
list / elements=string
|
|
no description
|
|||
| sae-password
string
|
no description
|
||||
| schedule
string
|
VAP schedule name.
|
||||
| secondary-wag-profile
string
|
Secondary wireless access gateway profile name.
|
||||
| security
string
|
|
Security mode for the wireless interface (default = wpa2-only-personal).
|
|||
| security-exempt-list
string
|
Optional security exempt list for captive portal authentication.
|
||||
| security-obsolete-option
string
|
|
Enable/disable obsolete security options.
|
|||
| security-redirect-url
string
|
Optional URL for redirecting users after they pass captive portal authentication.
|
||||
| selected-usergroups
string
|
Selective user groups that are permitted to authenticate.
|
||||
| split-tunneling
string
|
|
Enable/disable split tunneling (default = disable).
|
|||
| ssid
string
|
IEEE 802.11 service set identifier (SSID) for the wireless interface. Users who wish to use the wireless network must configur...
|
||||
| sticky-client-remove
string
|
|
Enable/disable sticky client remove to maintain good signal level clients in SSID. (default = disable).
|
|||
| sticky-client-threshold-2g
string
|
Minimum signal level/threshold in dBm required for the 2G client to be serviced by the AP (-95 to -20, default = -79).
|
||||
| sticky-client-threshold-5g
string
|
Minimum signal level/threshold in dBm required for the 5G client to be serviced by the AP (-95 to -20, default = -76).
|
||||
| target-wake-time
string
|
|
Enable/disable 802.11ax target wake time (default = enable).
|
|||
| tkip-counter-measure
string
|
|
Enable/disable TKIP counter measure.
|
|||
| tunnel-echo-interval
integer
|
The time interval to send echo to both primary and secondary tunnel peers (1 - 65535 sec, default = 300).
|
||||
| tunnel-fallback-interval
integer
|
The time interval for secondary tunnel to fall back to primary tunnel (0 - 65535 sec, default = 7200).
|
||||
| usergroup
string
|
Firewall user group to be used to authenticate WiFi users.
|
||||
| utm-profile
string
|
UTM profile name.
|
||||
| vdom
string
|
Name of the VDOM that the Virtual AP has been added to.
|
||||
| vlan-auto
string
|
|
Enable/disable automatic management of SSID VLAN interface.
|
|||
| vlan-pool
list / elements=string
|
no description
|
||||
| _wtp-group
string
|
no description
|
||||
| id
integer
|
ID.
|
||||
| wtp-group
string
|
WTP group name.
|
||||
| vlan-pooling
string
|
|
Enable/disable VLAN pooling, to allow grouping of multiple wireless controller VLANs into VLAN pools (default = disable). When...
|
|||
| vlanid
integer
|
Optional VLAN ID.
|
||||
| voice-enterprise
string
|
|
Enable/disable 802.11k and 802.11v assisted Voice-Enterprise roaming (default = disable).
|
|||
| workspace_locking_adom
string
|
the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
|
||||
| workspace_locking_timeout
integer
|
Default:
300
|
the maximum time in seconds to wait for other user to release the workspace lock
|
|||
Notes
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure Virtual Access Points
fmgr_vap:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
vap:
_centmgmt: <value in [disable, enable]>
_dhcp_svr_id: <value of string>
_intf_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
_intf_device-identification: <value in [disable, enable]>
_intf_device-netscan: <value in [disable, enable]>
_intf_dhcp-relay-ip: <value of string>
_intf_dhcp-relay-service: <value in [disable, enable]>
_intf_dhcp-relay-type: <value in [regular, ipsec]>
_intf_dhcp6-relay-ip: <value of string>
_intf_dhcp6-relay-service: <value in [disable, enable]>
_intf_dhcp6-relay-type: <value in [regular]>
_intf_ip: <value of string>
_intf_ip6-address: <value of string>
_intf_ip6-allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- any
- fgfm
- capwap
_intf_listen-forticlient-connection: <value in [disable, enable]>
acct-interim-interval: <value of integer>
alias: <value of string>
auth: <value in [PSK, psk, RADIUS, ...]>
broadcast-ssid: <value in [disable, enable]>
broadcast-suppression:
- dhcp
- arp
- dhcp2
- arp2
- netbios-ns
- netbios-ds
- arp3
- dhcp-up
- dhcp-down
- arp-known
- arp-unknown
- arp-reply
- ipv6
- dhcp-starvation
- arp-poison
- all-other-mc
- all-other-bc
- arp-proxy
- dhcp-ucast
captive-portal-ac-name: <value of string>
captive-portal-macauth-radius-secret: <value of string>
captive-portal-macauth-radius-server: <value of string>
captive-portal-radius-secret: <value of string>
captive-portal-radius-server: <value of string>
captive-portal-session-timeout-interval: <value of integer>
dhcp-lease-time: <value of integer>
dhcp-option82-circuit-id-insertion: <value in [disable, style-1, style-2, ...]>
dhcp-option82-insertion: <value in [disable, enable]>
dhcp-option82-remote-id-insertion: <value in [disable, style-1]>
dynamic-vlan: <value in [disable, enable]>
dynamic_mapping:
-
_centmgmt: <value in [disable, enable]>
_dhcp_svr_id: <value of string>
_intf_allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- fgfm
- auto-ipsec
- radius-acct
- probe-response
- capwap
_intf_device-identification: <value in [disable, enable]>
_intf_device-netscan: <value in [disable, enable]>
_intf_dhcp-relay-ip: <value of string>
_intf_dhcp-relay-service: <value in [disable, enable]>
_intf_dhcp-relay-type: <value in [regular, ipsec]>
_intf_dhcp6-relay-ip: <value of string>
_intf_dhcp6-relay-service: <value in [disable, enable]>
_intf_dhcp6-relay-type: <value in [regular]>
_intf_ip: <value of string>
_intf_ip6-address: <value of string>
_intf_ip6-allowaccess:
- https
- ping
- ssh
- snmp
- http
- telnet
- any
- fgfm
- capwap
_intf_listen-forticlient-connection: <value in [disable, enable]>
_scope:
-
name: <value of string>
vdom: <value of string>
acct-interim-interval: <value of integer>
address-group: <value of string>
alias: <value of string>
atf-weight: <value of integer>
auth: <value in [PSK, psk, RADIUS, ...]>
broadcast-ssid: <value in [disable, enable]>
broadcast-suppression:
- dhcp
- arp
- dhcp2
- arp2
- netbios-ns
- netbios-ds
- arp3
- dhcp-up
- dhcp-down
- arp-known
- arp-unknown
- arp-reply
- ipv6
- dhcp-starvation
- arp-poison
- all-other-mc
- all-other-bc
- arp-proxy
- dhcp-ucast
captive-portal-ac-name: <value of string>
captive-portal-macauth-radius-secret: <value of string>
captive-portal-macauth-radius-server: <value of string>
captive-portal-radius-secret: <value of string>
captive-portal-radius-server: <value of string>
captive-portal-session-timeout-interval: <value of integer>
client-count: <value of integer>
dhcp-lease-time: <value of integer>
dhcp-option82-circuit-id-insertion: <value in [disable, style-1, style-2, ...]>
dhcp-option82-insertion: <value in [disable, enable]>
dhcp-option82-remote-id-insertion: <value in [disable, style-1]>
dynamic-vlan: <value in [disable, enable]>
eap-reauth: <value in [disable, enable]>
eap-reauth-intv: <value of integer>
eapol-key-retries: <value in [disable, enable]>
encrypt: <value in [TKIP, AES, TKIP-AES]>
external-fast-roaming: <value in [disable, enable]>
external-logout: <value of string>
external-web: <value of string>
fast-bss-transition: <value in [disable, enable]>
fast-roaming: <value in [disable, enable]>
ft-mobility-domain: <value of integer>
ft-over-ds: <value in [disable, enable]>
ft-r0-key-lifetime: <value of integer>
gtk-rekey: <value in [disable, enable]>
gtk-rekey-intv: <value of integer>
hotspot20-profile: <value of string>
intra-vap-privacy: <value in [disable, enable]>
ip: <value of string>
key: <value of string>
keyindex: <value of integer>
ldpc: <value in [disable, tx, rx, ...]>
local-authentication: <value in [disable, enable]>
local-bridging: <value in [disable, enable]>
local-lan: <value in [deny, allow]>
local-standalone: <value in [disable, enable]>
local-standalone-nat: <value in [disable, enable]>
local-switching: <value in [disable, enable]>
mac-auth-bypass: <value in [disable, enable]>
mac-filter: <value in [disable, enable]>
mac-filter-policy-other: <value in [deny, allow]>
max-clients: <value of integer>
max-clients-ap: <value of integer>
me-disable-thresh: <value of integer>
mesh-backhaul: <value in [disable, enable]>
mpsk: <value in [disable, enable]>
mpsk-concurrent-clients: <value of integer>
multicast-enhance: <value in [disable, enable]>
multicast-rate: <value in [0, 6000, 12000, ...]>
okc: <value in [disable, enable]>
owe-groups:
- 19
- 20
- 21
owe-transition: <value in [disable, enable]>
owe-transition-ssid: <value of string>
passphrase: <value of string>
pmf: <value in [disable, enable, optional]>
pmf-assoc-comeback-timeout: <value of integer>
pmf-sa-query-retry-timeout: <value of integer>
portal-message-override-group: <value of string>
portal-type: <value in [auth, auth+disclaimer, disclaimer, ...]>
probe-resp-suppression: <value in [disable, enable]>
probe-resp-threshold: <value of string>
ptk-rekey: <value in [disable, enable]>
ptk-rekey-intv: <value of integer>
qos-profile: <value of string>
quarantine: <value in [disable, enable]>
radio-2g-threshold: <value of string>
radio-5g-threshold: <value of string>
radio-sensitivity: <value in [disable, enable]>
radius-mac-auth: <value in [disable, enable]>
radius-mac-auth-server: <value of string>
radius-mac-auth-usergroups: <value of string>
radius-server: <value of string>
rates-11a:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11ac-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/1
- mcs11/1
- mcs10/2
- mcs11/2
rates-11ac-ss34:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/3
- mcs11/3
- mcs10/4
- mcs11/4
rates-11bg:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11n-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
- mcs12/2
- mcs13/2
- mcs14/2
- mcs15/2
rates-11n-ss34:
- mcs16/3
- mcs17/3
- mcs18/3
- mcs19/3
- mcs20/3
- mcs21/3
- mcs22/3
- mcs23/3
- mcs24/4
- mcs25/4
- mcs26/4
- mcs27/4
- mcs28/4
- mcs29/4
- mcs30/4
- mcs31/4
sae-groups:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
sae-password: <value of string>
schedule: <value of string>
security: <value in [None, WEP64, wep64, ...]>
security-exempt-list: <value of string>
security-obsolete-option: <value in [disable, enable]>
security-redirect-url: <value of string>
selected-usergroups: <value of string>
split-tunneling: <value in [disable, enable]>
ssid: <value of string>
tkip-counter-measure: <value in [disable, enable]>
usergroup: <value of string>
utm-profile: <value of string>
vdom: <value of string>
vlan-auto: <value in [disable, enable]>
vlan-pooling: <value in [wtp-group, round-robin, hash, ...]>
vlanid: <value of integer>
voice-enterprise: <value in [disable, enable]>
mu-mimo: <value in [disable, enable]>
_intf_device-access-list: <value of string>
external-web-format: <value in [auto-detect, no-query-string, partial-query-string]>
high-efficiency: <value in [disable, enable]>
primary-wag-profile: <value of string>
secondary-wag-profile: <value of string>
target-wake-time: <value in [disable, enable]>
tunnel-echo-interval: <value of integer>
tunnel-fallback-interval: <value of integer>
access-control-list: <value of string>
captive-portal-auth-timeout: <value of integer>
ipv6-rules:
- drop-icmp6ra
- drop-icmp6rs
- drop-llmnr6
- drop-icmp6mld2
- drop-dhcp6s
- drop-dhcp6c
- ndp-proxy
- drop-ns-dad
- drop-ns-nondad
sticky-client-remove: <value in [disable, enable]>
sticky-client-threshold-2g: <value of string>
sticky-client-threshold-5g: <value of string>
bss-color-partial: <value in [disable, enable]>
dhcp-option43-insertion: <value in [disable, enable]>
mpsk-profile: <value of string>
igmp-snooping: <value in [disable, enable]>
port-macauth: <value in [disable, radius, address-group]>
port-macauth-reauth-timeout: <value of integer>
port-macauth-timeout: <value of integer>
additional-akms:
- akm6
bstm-disassociation-imminent: <value in [disable, enable]>
bstm-load-balancing-disassoc-timer: <value of integer>
bstm-rssi-disassoc-timer: <value of integer>
dhcp-address-enforcement: <value in [disable, enable]>
gas-comeback-delay: <value of integer>
gas-fragmentation-limit: <value of integer>
mac-called-station-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-calling-station-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-case: <value in [uppercase, lowercase]>
mac-password-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-username-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mbo: <value in [disable, enable]>
mbo-cell-data-conn-pref: <value in [excluded, prefer-not, prefer-use]>
nac: <value in [disable, enable]>
nac-profile: <value of string>
neighbor-report-dual-band: <value in [disable, enable]>
eap-reauth: <value in [disable, enable]>
eap-reauth-intv: <value of integer>
eapol-key-retries: <value in [disable, enable]>
encrypt: <value in [TKIP, AES, TKIP-AES]>
external-fast-roaming: <value in [disable, enable]>
external-logout: <value of string>
external-web: <value of string>
fast-bss-transition: <value in [disable, enable]>
fast-roaming: <value in [disable, enable]>
ft-mobility-domain: <value of integer>
ft-over-ds: <value in [disable, enable]>
ft-r0-key-lifetime: <value of integer>
gtk-rekey: <value in [disable, enable]>
gtk-rekey-intv: <value of integer>
hotspot20-profile: <value of string>
intra-vap-privacy: <value in [disable, enable]>
ip: <value of string>
key: <value of string>
keyindex: <value of integer>
ldpc: <value in [disable, tx, rx, ...]>
local-authentication: <value in [disable, enable]>
local-bridging: <value in [disable, enable]>
local-lan: <value in [deny, allow]>
local-standalone: <value in [disable, enable]>
local-standalone-nat: <value in [disable, enable]>
mac-auth-bypass: <value in [disable, enable]>
mac-filter: <value in [disable, enable]>
mac-filter-list:
-
id: <value of integer>
mac: <value of string>
mac-filter-policy: <value in [deny, allow]>
mac-filter-policy-other: <value in [deny, allow]>
max-clients: <value of integer>
max-clients-ap: <value of integer>
me-disable-thresh: <value of integer>
mesh-backhaul: <value in [disable, enable]>
mpsk: <value in [disable, enable]>
mpsk-concurrent-clients: <value of integer>
mpsk-key:
-
comment: <value of string>
concurrent-clients: <value of string>
key-name: <value of string>
passphrase: <value of string>
mpsk-schedules: <value of string>
multicast-enhance: <value in [disable, enable]>
multicast-rate: <value in [0, 6000, 12000, ...]>
name: <value of string>
okc: <value in [disable, enable]>
passphrase: <value of string>
pmf: <value in [disable, enable, optional]>
pmf-assoc-comeback-timeout: <value of integer>
pmf-sa-query-retry-timeout: <value of integer>
portal-message-override-group: <value of string>
portal-type: <value in [auth, auth+disclaimer, disclaimer, ...]>
probe-resp-suppression: <value in [disable, enable]>
probe-resp-threshold: <value of string>
ptk-rekey: <value in [disable, enable]>
ptk-rekey-intv: <value of integer>
qos-profile: <value of string>
quarantine: <value in [disable, enable]>
radio-2g-threshold: <value of string>
radio-5g-threshold: <value of string>
radio-sensitivity: <value in [disable, enable]>
radius-mac-auth: <value in [disable, enable]>
radius-mac-auth-server: <value of string>
radius-mac-auth-usergroups: <value of string>
radius-server: <value of string>
rates-11a:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11ac-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/1
- mcs9/1
- mcs0/2
- mcs1/2
- mcs2/2
- mcs3/2
- mcs4/2
- mcs5/2
- mcs6/2
- mcs7/2
- mcs8/2
- mcs9/2
- mcs10/1
- mcs11/1
- mcs10/2
- mcs11/2
rates-11ac-ss34:
- mcs0/3
- mcs1/3
- mcs2/3
- mcs3/3
- mcs4/3
- mcs5/3
- mcs6/3
- mcs7/3
- mcs8/3
- mcs9/3
- mcs0/4
- mcs1/4
- mcs2/4
- mcs3/4
- mcs4/4
- mcs5/4
- mcs6/4
- mcs7/4
- mcs8/4
- mcs9/4
- mcs10/3
- mcs11/3
- mcs10/4
- mcs11/4
rates-11bg:
- 1
- 1-basic
- 2
- 2-basic
- 5.5
- 5.5-basic
- 6
- 6-basic
- 9
- 9-basic
- 12
- 12-basic
- 18
- 18-basic
- 24
- 24-basic
- 36
- 36-basic
- 48
- 48-basic
- 54
- 54-basic
- 11
- 11-basic
rates-11n-ss12:
- mcs0/1
- mcs1/1
- mcs2/1
- mcs3/1
- mcs4/1
- mcs5/1
- mcs6/1
- mcs7/1
- mcs8/2
- mcs9/2
- mcs10/2
- mcs11/2
- mcs12/2
- mcs13/2
- mcs14/2
- mcs15/2
rates-11n-ss34:
- mcs16/3
- mcs17/3
- mcs18/3
- mcs19/3
- mcs20/3
- mcs21/3
- mcs22/3
- mcs23/3
- mcs24/4
- mcs25/4
- mcs26/4
- mcs27/4
- mcs28/4
- mcs29/4
- mcs30/4
- mcs31/4
schedule: <value of string>
security: <value in [None, WEP64, wep64, ...]>
security-exempt-list: <value of string>
security-obsolete-option: <value in [disable, enable]>
security-redirect-url: <value of string>
selected-usergroups: <value of string>
split-tunneling: <value in [disable, enable]>
ssid: <value of string>
tkip-counter-measure: <value in [disable, enable]>
usergroup: <value of string>
utm-profile: <value of string>
vdom: <value of string>
vlan-auto: <value in [disable, enable]>
vlan-pool:
-
_wtp-group: <value of string>
id: <value of integer>
wtp-group: <value of string>
vlan-pooling: <value in [wtp-group, round-robin, hash, ...]>
vlanid: <value of integer>
voice-enterprise: <value in [disable, enable]>
address-group: <value of string>
atf-weight: <value of integer>
mu-mimo: <value in [disable, enable]>
owe-groups:
- 19
- 20
- 21
owe-transition: <value in [disable, enable]>
owe-transition-ssid: <value of string>
sae-groups:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
sae-password: <value of string>
_intf_device-access-list: <value of string>
external-web-format: <value in [auto-detect, no-query-string, partial-query-string]>
high-efficiency: <value in [disable, enable]>
primary-wag-profile: <value of string>
secondary-wag-profile: <value of string>
target-wake-time: <value in [disable, enable]>
tunnel-echo-interval: <value of integer>
tunnel-fallback-interval: <value of integer>
access-control-list: <value of string>
captive-portal-auth-timeout: <value of integer>
ipv6-rules:
- drop-icmp6ra
- drop-icmp6rs
- drop-llmnr6
- drop-icmp6mld2
- drop-dhcp6s
- drop-dhcp6c
- ndp-proxy
- drop-ns-dad
- drop-ns-nondad
sticky-client-remove: <value in [disable, enable]>
sticky-client-threshold-2g: <value of string>
sticky-client-threshold-5g: <value of string>
bss-color-partial: <value in [disable, enable]>
dhcp-option43-insertion: <value in [disable, enable]>
mpsk-profile: <value of string>
igmp-snooping: <value in [disable, enable]>
port-macauth: <value in [disable, radius, address-group]>
port-macauth-reauth-timeout: <value of integer>
port-macauth-timeout: <value of integer>
portal-message-overrides:
auth-disclaimer-page: <value of string>
auth-login-failed-page: <value of string>
auth-login-page: <value of string>
auth-reject-page: <value of string>
additional-akms:
- akm6
bstm-disassociation-imminent: <value in [disable, enable]>
bstm-load-balancing-disassoc-timer: <value of integer>
bstm-rssi-disassoc-timer: <value of integer>
dhcp-address-enforcement: <value in [disable, enable]>
gas-comeback-delay: <value of integer>
gas-fragmentation-limit: <value of integer>
mac-called-station-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-calling-station-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-case: <value in [uppercase, lowercase]>
mac-password-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mac-username-delimiter: <value in [hyphen, single-hyphen, colon, ...]>
mbo: <value in [disable, enable]>
mbo-cell-data-conn-pref: <value in [excluded, prefer-not, prefer-use]>
nac: <value in [disable, enable]>
nac-profile: <value of string>
neighbor-report-dual-band: <value in [disable, enable]>
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| request_url
string
|
always |
The full url requested
Sample:
/sys/login/user
|
| response_code
integer
|
always |
The status of api request
|
| response_message
string
|
always |
The descriptive message of the api response
Sample:
OK.
|
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortimanager/fmgr_vap_module.html