fortios_voip_profile – Configure VoIP profiles in Fortinet’s FortiOS and FortiGate.

New in version 2.0.0.

Synopsis

  • This module configures a FortiGate or FortiOS (FOS) device by allowing the user to set and modify the voip feature and profile category. The examples include all parameters, and their values need to be adjusted to datasources before usage. Tested with FOS v6.0.0.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.15

Tips

Using member operation to add an element to an existing object.

FortiOS Version Compatibility

Supported Version Ranges: v6.0.0 -> 7.4.3

Parameters

  • access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
  • enable_log - Enable/Disable logging for task. type: bool required: false default: False
  • vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
  • member_path - Member attribute path to operate on. type: str
  • member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
  • state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
  • voip_profile - Configure VoIP profiles. type: dict
    • comment - Comment. type: str
    • feature_set - IPS or voipd (SIP-ALG) inspection feature set. type: str choices: ips, voipd, flow, proxy
    • msrp - MSRP. type: dict
      • log_violations - Enable/disable logging of MSRP violations. type: str choices: disable, enable
      • max_msg_size - Maximum allowable MSRP message size (1-65535). type: int
      • max_msg_size_action - Action for violation of max-msg-size. type: str choices: pass, block, reset, monitor
      • status - Enable/disable MSRP. type: str choices: disable, enable
    • name - Profile name. type: str required: true
    • sccp - SCCP. type: dict
      • block_mcast - Enable/disable block multicast RTP connections. type: str choices: disable, enable
      • log_call_summary - Enable/disable log summary of SCCP calls. type: str choices: disable, enable
      • log_violations - Enable/disable logging of SCCP violations. type: str choices: disable, enable
      • max_calls - Maximum calls per minute per SCCP client (max 65535). type: int
      • status - Enable/disable SCCP. type: str choices: disable, enable
      • verify_header - Enable/disable verify SCCP header content. type: str choices: disable, enable
    • sip - SIP. type: dict
      • ack_rate - ACK request rate limit (per second, per policy). type: int
      • ack_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • block_ack - Enable/disable block ACK requests. type: str choices: disable, enable
      • block_bye - Enable/disable block BYE requests. type: str choices: disable, enable
      • block_cancel - Enable/disable block CANCEL requests. type: str choices: disable, enable
      • block_geo_red_options - Enable/disable block OPTIONS requests, but OPTIONS requests still notify for redundancy. type: str choices: disable, enable
      • block_info - Enable/disable block INFO requests. type: str choices: disable, enable
      • block_invite - Enable/disable block INVITE requests. type: str choices: disable, enable
      • block_long_lines - Enable/disable block requests with headers exceeding max-line-length. type: str choices: disable, enable
      • block_message - Enable/disable block MESSAGE requests. type: str choices: disable, enable
      • block_notify - Enable/disable block NOTIFY requests. type: str choices: disable, enable
      • block_options - Enable/disable block OPTIONS requests and no OPTIONS as notifying message for redundancy either. type: str choices: disable, enable
      • block_prack - Enable/disable block PRACK requests. type: str choices: disable, enable
      • block_publish - Enable/disable block PUBLISH requests. type: str choices: disable, enable
      • block_refer - Enable/disable block REFER requests. type: str choices: disable, enable
      • block_register - Enable/disable block REGISTER requests. type: str choices: disable, enable
      • block_subscribe - Enable/disable block SUBSCRIBE requests. type: str choices: disable, enable
      • block_unknown - Block unrecognized SIP requests (enabled by default). type: str choices: disable, enable
      • block_update - Enable/disable block UPDATE requests. type: str choices: disable, enable
      • bye_rate - BYE request rate limit (per second, per policy). type: int
      • bye_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • call_id_regex - Validate PCRE regular expression for Call-Id header value. type: str
      • call_keepalive - Continue tracking calls with no RTP for this many minutes. type: int
      • cancel_rate - CANCEL request rate limit (per second, per policy). type: int
      • cancel_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • contact_fixup - Fixup contact anyway even if contact's IP:port doesn't match session's IP:port. type: str choices: disable, enable
      • content_type_regex - Validate PCRE regular expression for Content-Type header value. type: str
      • hnt_restrict_source_ip - Enable/disable restrict RTP source IP to be the same as SIP source IP when HNT is enabled. type: str choices: disable, enable
      • hosted_nat_traversal - Hosted NAT Traversal (HNT). type: str choices: disable, enable
      • info_rate - INFO request rate limit (per second, per policy). type: int
      • info_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • invite_rate - INVITE request rate limit (per second, per policy). type: int
      • invite_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • ips_rtp - Enable/disable allow IPS on RTP. type: str choices: disable, enable
      • log_call_summary - Enable/disable logging of SIP call summary. type: str choices: disable, enable
      • log_violations - Enable/disable logging of SIP violations. type: str choices: disable, enable
      • malformed_header_allow - Action for malformed Allow header. type: str choices: discard, pass, respond
      • malformed_header_call_id - Action for malformed Call-ID header. type: str choices: discard, pass, respond
      • malformed_header_contact - Action for malformed Contact header. type: str choices: discard, pass, respond
      • malformed_header_content_length - Action for malformed Content-Length header. type: str choices: discard, pass, respond
      • malformed_header_content_type - Action for malformed Content-Type header. type: str choices: discard, pass, respond
      • malformed_header_cseq - Action for malformed CSeq header. type: str choices: discard, pass, respond
      • malformed_header_expires - Action for malformed Expires header. type: str choices: discard, pass, respond
      • malformed_header_from - Action for malformed From header. type: str choices: discard, pass, respond
      • malformed_header_max_forwards - Action for malformed Max-Forwards header. type: str choices: discard, pass, respond
      • malformed_header_no_proxy_require - Action for malformed SIP messages without Proxy-Require header. type: str choices: discard, pass, respond
      • malformed_header_no_require - Action for malformed SIP messages without Require header. type: str choices: discard, pass, respond
      • malformed_header_p_asserted_identity - Action for malformed P-Asserted-Identity header. type: str choices: discard, pass, respond
      • malformed_header_rack - Action for malformed RAck header. type: str choices: discard, pass, respond
      • malformed_header_record_route - Action for malformed Record-Route header. type: str choices: discard, pass, respond
      • malformed_header_route - Action for malformed Route header. type: str choices: discard, pass, respond
      • malformed_header_rseq - Action for malformed RSeq header. type: str choices: discard, pass, respond
      • malformed_header_sdp_a - Action for malformed SDP a line. type: str choices: discard, pass, respond
      • malformed_header_sdp_b - Action for malformed SDP b line. type: str choices: discard, pass, respond
      • malformed_header_sdp_c - Action for malformed SDP c line. type: str choices: discard, pass, respond
      • malformed_header_sdp_i - Action for malformed SDP i line. type: str choices: discard, pass, respond
      • malformed_header_sdp_k - Action for malformed SDP k line. type: str choices: discard, pass, respond
      • malformed_header_sdp_m - Action for malformed SDP m line. type: str choices: discard, pass, respond
      • malformed_header_sdp_o - Action for malformed SDP o line. type: str choices: discard, pass, respond
      • malformed_header_sdp_r - Action for malformed SDP r line. type: str choices: discard, pass, respond
      • malformed_header_sdp_s - Action for malformed SDP s line. type: str choices: discard, pass, respond
      • malformed_header_sdp_t - Action for malformed SDP t line. type: str choices: discard, pass, respond
      • malformed_header_sdp_v - Action for malformed SDP v line. type: str choices: discard, pass, respond
      • malformed_header_sdp_z - Action for malformed SDP z line. type: str choices: discard, pass, respond
      • malformed_header_to - Action for malformed To header. type: str choices: discard, pass, respond
      • malformed_header_via - Action for malformed VIA header. type: str choices: discard, pass, respond
      • malformed_request_line - Action for malformed request line. type: str choices: discard, pass, respond
      • max_body_length - Maximum SIP message body length (0 meaning no limit). type: int
      • max_dialogs - Maximum number of concurrent calls/dialogs (per policy). type: int
      • max_idle_dialogs - Maximum number of established but idle dialogs to retain (per policy). type: int
      • max_line_length - Maximum SIP header line length (78-4096). type: int
      • message_rate - MESSAGE request rate limit (per second, per policy). type: int
      • message_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • nat_port_range - RTP NAT port range. type: str
      • nat_trace - Enable/disable preservation of original IP in SDP i line. type: str choices: disable, enable
      • no_sdp_fixup - Enable/disable no SDP fix-up. type: str choices: disable, enable
      • notify_rate - NOTIFY request rate limit (per second, per policy). type: int
      • notify_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • open_contact_pinhole - Enable/disable open pinhole for non-REGISTER Contact port. type: str choices: disable, enable
      • open_record_route_pinhole - Enable/disable open pinhole for Record-Route port. type: str choices: disable, enable
      • open_register_pinhole - Enable/disable open pinhole for REGISTER Contact port. type: str choices: disable, enable
      • open_via_pinhole - Enable/disable open pinhole for Via port. type: str choices: disable, enable
      • options_rate - OPTIONS request rate limit (per second, per policy). type: int
      • options_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • prack_rate - PRACK request rate limit (per second, per policy). type: int
      • prack_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • preserve_override - Override i line to preserve original IPs. type: str choices: disable, enable
      • provisional_invite_expiry_time - Expiry time (10-3600, in seconds) for provisional INVITE. type: int
      • publish_rate - PUBLISH request rate limit (per second, per policy). type: int
      • publish_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • refer_rate - REFER request rate limit (per second, per policy). type: int
      • refer_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • register_contact_trace - Enable/disable trace original IP/port within the contact header of REGISTER requests. type: str choices: disable, enable
      • register_rate - REGISTER request rate limit (per second, per policy). type: int
      • register_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • rfc2543_branch - Enable/disable support via branch compliant with RFC 2543. type: str choices: disable, enable
      • rtp - Enable/disable create pinholes for RTP traffic to traverse firewall. type: str choices: disable, enable
      • ssl_algorithm - Relative strength of encryption algorithms accepted in negotiation. type: str choices: high, medium, low
      • ssl_auth_client - Require a client certificate and authenticate it with the peer/peergrp. Source user.peer.name user.peergrp.name. type: str
      • ssl_auth_server - Authenticate the server's certificate with the peer/peergrp. Source user.peer.name user.peergrp.name. type: str
      • ssl_client_certificate - Name of Certificate to offer to server if requested. Source vpn.certificate.local.name. type: str
      • ssl_client_renegotiation - Allow/block client renegotiation by server. type: str choices: allow, deny, secure
      • ssl_max_version - Highest SSL/TLS version to negotiate. type: str choices: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3
      • ssl_min_version - Lowest SSL/TLS version to negotiate. type: str choices: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3
      • ssl_mode - SSL/TLS mode for encryption & decryption of traffic. type: str choices: off, full
      • ssl_pfs - SSL Perfect Forward Secrecy. type: str choices: require, deny, allow
      • ssl_send_empty_frags - Send empty fragments to avoid attack on CBC IV (SSL 3.0 & TLS 1.0 only). type: str choices: enable, disable
      • ssl_server_certificate - Name of Certificate returned to the client in every SSL connection. Source vpn.certificate.local.name. type: str
      • status - Enable/disable SIP. type: str choices: disable, enable
      • strict_register - Enable/disable only allow the registrar to connect. type: str choices: disable, enable
      • subscribe_rate - SUBSCRIBE request rate limit (per second, per policy). type: int
      • subscribe_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip
      • unknown_header - Action for unknown SIP header. type: str choices: discard, pass, respond
      • update_rate - UPDATE request rate limit (per second, per policy). type: int
      • update_rate_track - Track the packet protocol field. type: str choices: none, src-ip, dest-ip

Notes

  • Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- name: Configure VoIP profiles.
  fortinet.fortios.fortios_voip_profile:
      vdom: "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      voip_profile:
          comment: "Comment."
          feature_set: "ips"
          msrp:
              log_violations: "disable"
              max_msg_size: "0"
              max_msg_size_action: "pass"
              status: "disable"
          name: "default_name_10"
          sccp:
              block_mcast: "disable"
              log_call_summary: "disable"
              log_violations: "disable"
              max_calls: "0"
              status: "disable"
              verify_header: "disable"
          sip:
              ack_rate: "0"
              ack_rate_track: "none"
              block_ack: "disable"
              block_bye: "disable"
              block_cancel: "disable"
              block_geo_red_options: "disable"
              block_info: "disable"
              block_invite: "disable"
              block_long_lines: "disable"
              block_message: "disable"
              block_notify: "disable"
              block_options: "disable"
              block_prack: "disable"
              block_publish: "disable"
              block_refer: "disable"
              block_register: "disable"
              block_subscribe: "disable"
              block_unknown: "disable"
              block_update: "disable"
              bye_rate: "0"
              bye_rate_track: "none"
              call_id_regex: "<your_own_value>"
              call_keepalive: "0"
              cancel_rate: "0"
              cancel_rate_track: "none"
              contact_fixup: "disable"
              content_type_regex: "<your_own_value>"
              hnt_restrict_source_ip: "disable"
              hosted_nat_traversal: "disable"
              info_rate: "0"
              info_rate_track: "none"
              invite_rate: "0"
              invite_rate_track: "none"
              ips_rtp: "disable"
              log_call_summary: "disable"
              log_violations: "disable"
              malformed_header_allow: "discard"
              malformed_header_call_id: "discard"
              malformed_header_contact: "discard"
              malformed_header_content_length: "discard"
              malformed_header_content_type: "discard"
              malformed_header_cseq: "discard"
              malformed_header_expires: "discard"
              malformed_header_from: "discard"
              malformed_header_max_forwards: "discard"
              malformed_header_no_proxy_require: "discard"
              malformed_header_no_require: "discard"
              malformed_header_p_asserted_identity: "discard"
              malformed_header_rack: "discard"
              malformed_header_record_route: "discard"
              malformed_header_route: "discard"
              malformed_header_rseq: "discard"
              malformed_header_sdp_a: "discard"
              malformed_header_sdp_b: "discard"
              malformed_header_sdp_c: "discard"
              malformed_header_sdp_i: "discard"
              malformed_header_sdp_k: "discard"
              malformed_header_sdp_m: "discard"
              malformed_header_sdp_o: "discard"
              malformed_header_sdp_r: "discard"
              malformed_header_sdp_s: "discard"
              malformed_header_sdp_t: "discard"
              malformed_header_sdp_v: "discard"
              malformed_header_sdp_z: "discard"
              malformed_header_to: "discard"
              malformed_header_via: "discard"
              malformed_request_line: "discard"
              max_body_length: "0"
              max_dialogs: "0"
              max_idle_dialogs: "0"
              max_line_length: "998"
              message_rate: "0"
              message_rate_track: "none"
              nat_port_range: "<your_own_value>"
              nat_trace: "disable"
              no_sdp_fixup: "disable"
              notify_rate: "0"
              notify_rate_track: "none"
              open_contact_pinhole: "disable"
              open_record_route_pinhole: "disable"
              open_register_pinhole: "disable"
              open_via_pinhole: "disable"
              options_rate: "0"
              options_rate_track: "none"
              prack_rate: "0"
              prack_rate_track: "none"
              preserve_override: "disable"
              provisional_invite_expiry_time: "210"
              publish_rate: "0"
              publish_rate_track: "none"
              refer_rate: "0"
              refer_rate_track: "none"
              register_contact_trace: "disable"
              register_rate: "0"
              register_rate_track: "none"
              rfc2543_branch: "disable"
              rtp: "disable"
              ssl_algorithm: "high"
              ssl_auth_client: "<your_own_value> (source user.peer.name user.peergrp.name)"
              ssl_auth_server: "<your_own_value> (source user.peer.name user.peergrp.name)"
              ssl_client_certificate: "<your_own_value> (source vpn.certificate.local.name)"
              ssl_client_renegotiation: "allow"
              ssl_max_version: "ssl-3.0"
              ssl_min_version: "ssl-3.0"
              ssl_mode: "off"
              ssl_pfs: "require"
              ssl_send_empty_frags: "enable"
              ssl_server_certificate: "<your_own_value> (source vpn.certificate.local.name)"
              status: "disable"
              strict_register: "disable"
              subscribe_rate: "0"
              subscribe_rate_track: "none"
              unknown_header: "discard"
              update_rate: "0"
              update_rate_track: "none"
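
The example task sets every parameter, including values such as ssl_min_version "ssl-3.0" and block_unknown "disable" that should be reviewed before use. The following is an added example, not part of the fortinet.fortios collection: a Python lint that checks a voip_profile dict, shaped like the task arguments above, for explicitly set values that weaken inspection. The rule set and the names audit_voip_profile, DEPRECATED_TLS and SAMPLE_PROFILE are assumptions of this example, as is treating the ssl_* settings as relevant only when ssl_mode is "full".

```python
"""Lint a voip_profile dict before it is passed to fortios_voip_profile."""

# SSL 3.0 (RFC 7568) and TLS 1.0/1.1 (RFC 8996) are deprecated.
DEPRECATED_TLS = {"ssl-3.0", "tls-1.0", "tls-1.1"}


def audit_voip_profile(profile):
    """Return sorted (parameter, finding) tuples for explicitly set weak values."""
    findings = []

    def val(section, key):
        # Absent keys return None: the device default is not judged here.
        value = (profile.get(section) or {}).get(key)
        return None if value is None else str(value).lower()

    # Violations that are not logged cannot be detected or investigated.
    for section in ("sip", "sccp", "msrp"):
        if val(section, "log_violations") == "disable":
            findings.append((f"{section}.log_violations", "violations are not logged"))

    if val("sip", "block_unknown") == "disable":
        findings.append(("sip.block_unknown", "unrecognized SIP requests are not blocked"))
    if val("sccp", "verify_header") == "disable":
        findings.append(("sccp.verify_header", "SCCP header content is not verified"))
    if val("msrp", "max_msg_size_action") == "pass":
        findings.append(("msrp.max_msg_size_action", "oversized MSRP messages pass"))

    # Every malformed_header_* / malformed_request_line action set to "pass".
    for key in profile.get("sip") or {}:
        if key.startswith("malformed_") and val("sip", key) == "pass":
            findings.append((f"sip.{key}", "malformed input is passed through"))

    # Assumption of this example: ssl_* settings only matter once ssl_mode is "full".
    if val("sip", "ssl_mode") == "full":
        for key in ("ssl_min_version", "ssl_max_version"):
            if val("sip", key) in DEPRECATED_TLS:
                findings.append((f"sip.{key}", f"deprecated protocol {val('sip', key)}"))
        if val("sip", "ssl_algorithm") == "low":
            findings.append(("sip.ssl_algorithm", "low-strength algorithms accepted"))
        if val("sip", "ssl_pfs") == "deny":
            findings.append(("sip.ssl_pfs", "forward secrecy is refused"))

    return sorted(findings)


# Constructed sample: a subset of the page's example values, with ssl_mode
# switched to "full" and one malformed_* action set to "pass".
SAMPLE_PROFILE = {
    "name": "default_name_10",
    "msrp": {"log_violations": "disable", "max_msg_size_action": "pass"},
    "sccp": {"log_violations": "disable", "verify_header": "disable"},
    "sip": {
        "block_unknown": "disable",
        "log_violations": "disable",
        "malformed_header_via": "discard",
        "malformed_request_line": "pass",
        "ssl_mode": "full",
        "ssl_min_version": "ssl-3.0",
        "ssl_max_version": "tls-1.3",
        "ssl_pfs": "require",
    },
}

if __name__ == "__main__":
    for parameter, finding in audit_voip_profile(SAMPLE_PROFILE):
        print(f"{parameter}: {finding}")
```

Run it against the variables of a playbook in CI so that a weak value is caught before the task reaches the device.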

Return Values

Common return values are documented at https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values. The following fields are unique to this module:

  • build - Build number of the fortigate image returned: always type: str sample: 1547
  • http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
  • http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
  • mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
  • name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
  • path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
  • revision - Internal revision number returned: always type: str sample: 17.0.2.10658
  • serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
  • status - Indication of the operation's result returned: always type: str sample: success
  • vdom - Virtual domain used returned: always type: str sample: root
  • version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Link Zheng (@chillancezen)

  • Jie Xue (@JieX19)

  • Hongbin Lu (@fgtdev-hblu)

  • Frank Shen (@frankshen01)

  • Miguel Angel Munoz (@mamunozgonzalez)

  • Nicolas Thomas (@thomnico)
