fortios_switch_controller_global – Configure FortiSwitch global settings in Fortinet’s FortiOS and FortiGate.¶
New in version 2.0.0.
Synopsis¶
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify switch_controller feature and global category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
FortiOS Version Compatibility¶
v6.0.0 |
v6.0.5 |
v6.0.11 |
v6.2.0 |
v6.2.3 |
v6.2.5 |
v6.2.7 |
v6.4.0 |
v6.4.1 |
v6.4.4 |
v7.0.0 |
v7.0.1 |
v7.0.2 |
v7.0.3 |
v7.0.4 |
v7.0.5 |
v7.0.6 |
v7.0.7 |
v7.0.8 |
v7.2.0 |
v7.2.1 |
v7.2.2 |
|
fortios_switch_controller_global | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters¶
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- switch_controller_global - Configure FortiSwitch global settings. type: dict more...
- allow_multiple_interfaces - Enable/disable multiple FortiLink interfaces for redundant connections between a managed FortiSwitch and FortiGate. type: str choices: enable, disable more...
- bounce_quarantined_link - Enable/disable bouncing (administratively bring the link down, up) of a switch port where a quarantined device was seen last. Helps to re-initiate the DHCP process for a device. type: str choices: disable, enable more...
- custom_command - List of custom commands to be pushed to all FortiSwitches in the VDOM. type: list more...
- command_entry - List of FortiSwitch commands. type: str more...
- command_name - Name of custom command to push to all FortiSwitches in VDOM. Source switch-controller.custom-command.command-name. type: str more...
- default_virtual_switch_vlan - Default VLAN for ports when added to the virtual-switch. Source system.interface.name. type: str more...
- dhcp_server_access_list - Enable/disable DHCP snooping server access list. type: str choices: enable, disable more...
- disable_discovery - Prevent this FortiSwitch from discovering. type: list more...
- name - Managed device ID. type: str more...
- fips_enforce - Enable/disable enforcement of FIPS on managed FortiSwitch devices. type: str choices: disable, enable more...
- firmware_provision_on_authorization - Enable/disable automatic provisioning of latest firmware on authorization. type: str choices: enable, disable more...
- https_image_push - Enable/disable image push to FortiSwitch using HTTPS. type: str choices: enable, disable more...
- log_mac_limit_violations - Enable/disable logs for Learning Limit Violations. type: str choices: enable, disable more...
- mac_aging_interval - Time after which an inactive MAC is aged out (10 - 1000000 sec). type: int more...
- mac_event_logging - Enable/disable MAC address event logging. type: str choices: enable, disable more...
- mac_retention_period - Time in hours after which an inactive MAC is removed from client DB (0 = aged out based on mac-aging-interval). type: int more...
- mac_violation_timer - Set timeout for Learning Limit Violations (0 = disabled). type: int more...
- quarantine_mode - Quarantine mode. type: str choices: by-vlan, by-redirect more...
- sn_dns_resolution - Enable/disable DNS resolution of the FortiSwitch unit"s IP address by use of its serial number. type: str choices: enable, disable more...
- update_user_device - Control which sources update the device user list. type: list choices: mac-cache, lldp, dhcp-snooping, l2-db, l3-db more...
- vlan_all_mode - VLAN configuration mode, user-defined-vlans or all-possible-vlans. type: str choices: all, defined more...
- vlan_optimization - FortiLink VLAN optimization. type: str choices: enable, disable more...
Examples¶
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure FortiSwitch global settings.
fortios_switch_controller_global:
vdom: "{{ vdom }}"
switch_controller_global:
allow_multiple_interfaces: "enable"
bounce_quarantined_link: "disable"
custom_command:
-
command_entry: "<your_own_value>"
command_name: "<your_own_value> (source switch-controller.custom-command.command-name)"
default_virtual_switch_vlan: "<your_own_value> (source system.interface.name)"
dhcp_server_access_list: "enable"
disable_discovery:
-
name: "default_name_11"
fips_enforce: "disable"
firmware_provision_on_authorization: "enable"
https_image_push: "enable"
log_mac_limit_violations: "enable"
mac_aging_interval: "300"
mac_event_logging: "enable"
mac_retention_period: "24"
mac_violation_timer: "0"
quarantine_mode: "by-vlan"
sn_dns_resolution: "enable"
update_user_device: "mac-cache"
vlan_all_mode: "all"
vlan_optimization: "enable"
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3