:source: fortios_switch_controller_managed_switch.py :orphan: .. fortios_switch_controller_managed_switch: fortios_switch_controller_managed_switch -- Configure FortiSwitch devices that are managed by this FortiGate in Fortinet's FortiOS and FortiGate. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.0.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify switch_controller feature and managed_switch category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0 Requirements ------------ The below requirements are needed on the host that executes this module. - ansible>=2.16 Tips ---- Using member operation to add an element to an existing object. FortiOS Version Compatibility ----------------------------- Supported Version Ranges: v6.0.0 -> v7.6.6 Parameters ---------- .. raw:: html

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
switch_controller_managed_switch - Configure FortiSwitch devices that are managed by this FortiGate. type: dict more...

Supported Version Ranges

switch_controller_managed_switch v6.0.0 -> 7.6.6

settings_802_1X - Configuration method to edit FortiSwitch 802.1X global settings. type: dict more...

Supported Version Ranges

settings_802_1X v6.0.0 -> 7.6.6

link_down_auth - Authentication state to set if a link is down. type: str choices: set-unauth, no-action more...

Supported Version Ranges

link_down_auth v6.0.0 -> 7.6.6

[set-unauth] v6.0.0 -> 7.6.6
[no-action] v6.0.0 -> 7.6.6
local_override - Enable to override global 802.1X settings on individual FortiSwitches. type: str choices: enable, disable more...

Supported Version Ranges

local_override v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
mab_reauth - Enable or disable MAB reauthentication settings. type: str choices: disable, enable more...

Supported Version Ranges

mab_reauth v7.2.0 -> 7.6.6

[disable] v7.2.0 -> 7.6.6
[enable] v7.2.0 -> 7.6.6

mac_called_station_delimiter - MAC called station delimiter . type: str choices: colon, hyphen, none, single-hyphen more...

mac_calling_station_delimiter - MAC calling station delimiter . type: str choices: colon, hyphen, none, single-hyphen more...

mac_case - MAC case . type: str choices: lowercase, uppercase more...

Supported Version Ranges

mac_case v7.4.2 -> 7.6.6

[lowercase] v7.4.2 -> 7.6.6
[uppercase] v7.4.2 -> 7.6.6
mac_password_delimiter - MAC authentication password delimiter . type: str choices: colon, hyphen, none, single-hyphen more...

Supported Version Ranges

mac_password_delimiter v7.4.2 -> 7.6.6

[colon] v7.4.2 -> 7.6.6
[hyphen] v7.4.2 -> 7.6.6
[none] v7.4.2 -> 7.6.6
[single-hyphen] v7.4.2 -> 7.6.6
mac_username_delimiter - MAC authentication username delimiter . type: str choices: colon, hyphen, none, single-hyphen more...

Supported Version Ranges

mac_username_delimiter v7.4.2 -> 7.6.6

[colon] v7.4.2 -> 7.6.6
[hyphen] v7.4.2 -> 7.6.6
[none] v7.4.2 -> 7.6.6
[single-hyphen] v7.4.2 -> 7.6.6
max_reauth_attempt - Maximum number of authentication attempts (0 - 15). type: int more...

Supported Version Ranges

max_reauth_attempt v6.0.0 -> 7.6.6
reauth_period - Reauthentication time interval (1 - 1440 min). type: int more...

Supported Version Ranges

reauth_period v6.0.0 -> 7.6.6
tx_period - 802.1X Tx period (seconds). type: int more...

Supported Version Ranges

tx_period v6.4.0 -> 7.6.6

access_profile - FortiSwitch access profile. Source switch-controller.security-policy.local-access.name. type: str more...

Supported Version Ranges

access_profile v6.2.0 -> 7.6.6
custom_command - Configuration method to edit FortiSwitch commands to be pushed to this FortiSwitch device upon rebooting the FortiGate switch controller or the FortiSwitch. type: list member_path: custom_command:command_entry more...

Supported Version Ranges

custom_command v6.0.0 -> 7.6.6

command_entry - List of FortiSwitch commands. type: str required: true more...

Supported Version Ranges

command_entry v6.0.0 -> 7.6.6
command_name - Names of commands to be pushed to this FortiSwitch device, as configured under config switch-controller custom-command. Source switch-controller.custom-command.command-name. type: str more...

Supported Version Ranges

command_name v6.0.0 -> 7.6.6

delayed_restart_trigger - Delayed restart triggered for this FortiSwitch. type: int more...

Supported Version Ranges

delayed_restart_trigger v6.0.0 -> 7.6.6
description - Description. type: str more...

Supported Version Ranges

description v6.0.0 -> 7.6.6
dhcp_server_access_list - DHCP snooping server access list. type: str choices: global, enable, disable more...

Supported Version Ranges

dhcp_server_access_list v7.0.1 -> 7.6.6

[global] v7.0.1 -> 7.6.6
[enable] v7.0.1 -> 7.6.6
[disable] v7.0.1 -> 7.6.6
dhcp_snooping_static_client - Configure FortiSwitch DHCP snooping static clients. type: list member_path: dhcp_snooping_static_client:name more...

Supported Version Ranges

dhcp_snooping_static_client v7.2.4 -> 7.6.6

ip - Client static IP address. type: str more...

Supported Version Ranges

ip v7.2.4 -> 7.6.6
mac - Client MAC address. type: str more...

Supported Version Ranges

mac v7.2.4 -> 7.6.6
name - Client name. type: str required: true more...

Supported Version Ranges

name v7.2.4 -> 7.6.6
port - Interface name. type: str more...

Supported Version Ranges

port v7.2.4 -> 7.6.6
vlan - VLAN name. Source system.interface.name. type: str more...

Supported Version Ranges

vlan v7.2.4 -> 7.6.6

directly_connected - Directly connected FortiSwitch. type: int more...

Supported Version Ranges

directly_connected v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
dynamic_capability - List of features this FortiSwitch supports (not configurable) that is sent to the FortiGate device for subsequent configuration initiated by the FortiGate device. type: str more...

Supported Version Ranges

dynamic_capability v6.0.0 -> 7.6.6
dynamically_discovered - Dynamically discovered FortiSwitch. type: int more...

Supported Version Ranges

dynamically_discovered v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
firmware_provision - Enable/disable provisioning of firmware to FortiSwitches on join connection. type: str choices: enable, disable more...

Supported Version Ranges

firmware_provision v7.0.0 -> 7.6.6

[enable] v7.0.0 -> 7.6.6
[disable] v7.0.0 -> 7.6.6
firmware_provision_latest - Enable/disable one-time automatic provisioning of the latest firmware version. type: str choices: disable, once more...

Supported Version Ranges

firmware_provision_latest v7.0.4 -> 7.6.6

[disable] v7.0.4 -> 7.6.6
[once] v7.0.4 -> 7.6.6
firmware_provision_version - Firmware version to provision to this FortiSwitch on bootup (major.minor.build, i.e. 6.2.1234). type: str more...

Supported Version Ranges

firmware_provision_version v7.0.0 -> 7.6.6
flow_identity - Flow-tracking netflow ipfix switch identity in hex format(00000000-FFFFFFFF ). type: str more...

Supported Version Ranges

flow_identity v6.2.0 -> 7.6.6
fsw_wan1_admin - FortiSwitch WAN1 admin status; enable to authorize the FortiSwitch as a managed switch. type: str choices: discovered, disable, enable more...

Supported Version Ranges

fsw_wan1_admin v6.0.0 -> 7.6.6

[discovered] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
[enable] v6.0.0 -> 7.6.6
fsw_wan1_peer - FortiSwitch WAN1 peer port. Source system.interface.name. type: str more...

Supported Version Ranges

fsw_wan1_peer v6.0.0 -> 7.6.6
fsw_wan2_admin - FortiSwitch WAN2 admin status; enable to authorize the FortiSwitch as a managed switch. type: str choices: discovered, disable, enable more...

Supported Version Ranges

fsw_wan2_admin v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

[discovered] v6.0.0 -> v6.0.11
[disable] v6.0.0 -> v6.0.11
[enable] v6.0.0 -> v6.0.11
fsw_wan2_peer - FortiSwitch WAN2 peer port. type: str more...

Supported Version Ranges

fsw_wan2_peer v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
igmp_snooping - Configure FortiSwitch IGMP snooping global settings. type: dict more...

Supported Version Ranges

igmp_snooping v6.0.0 -> 7.6.6

aging_time - Maximum time to retain a multicast snooping entry for which no packets have been seen (15 - 3600 sec). type: int more...

Supported Version Ranges

aging_time v6.0.0 -> 7.6.6
flood_unknown_multicast - Enable/disable unknown multicast flooding. type: str choices: enable, disable more...

Supported Version Ranges

flood_unknown_multicast v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
local_override - Enable/disable overriding the global IGMP snooping configuration. type: str choices: enable, disable more...

Supported Version Ranges

local_override v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
vlans - Configure IGMP snooping VLAN. type: list member_path: igmp_snooping/vlans:vlan_name more...

Supported Version Ranges

vlans v7.0.2 -> 7.6.6

proxy - IGMP snooping proxy for the VLAN interface. type: str choices: disable, enable, global more...

Supported Version Ranges

proxy v7.0.2 -> 7.6.6

[disable] v7.0.2 -> 7.6.6
[enable] v7.0.2 -> 7.6.6
[global] v7.0.2 -> 7.6.6
querier - Enable/disable IGMP snooping querier for the VLAN interface. type: str choices: disable, enable more...

Supported Version Ranges

querier v7.0.2 -> 7.6.6

[disable] v7.0.2 -> 7.6.6
[enable] v7.0.2 -> 7.6.6
querier_addr - IGMP snooping querier address. type: str more...

Supported Version Ranges

querier_addr v7.0.2 -> 7.6.6
version - IGMP snooping querying version. type: int more...

Supported Version Ranges

version v7.0.2 -> 7.6.6
vlan_name - List of FortiSwitch VLANs. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v7.0.2 -> 7.6.6

ip_source_guard - IP source guard. type: list member_path: ip_source_guard:port more...

Supported Version Ranges

ip_source_guard v6.4.0 -> 7.6.6

binding_entry - IP and MAC address configuration. type: list member_path: ip_source_guard:port/binding_entry:entry_name more...

Supported Version Ranges

binding_entry v6.4.0 -> 7.6.6

entry_name - Configure binding pair. type: str required: true more...

Supported Version Ranges

entry_name v6.4.0 -> 7.6.6
ip - Source IP for this rule. type: str more...

Supported Version Ranges

ip v6.4.0 -> 7.6.6
mac - MAC address for this rule. type: str more...

Supported Version Ranges

mac v6.4.0 -> 7.6.6

description - Description. type: str more...

Supported Version Ranges

description v6.4.0 -> 7.6.6
port - Ingress interface to which source guard is bound. type: str required: true more...

Supported Version Ranges

port v6.4.0 -> 7.6.6

l3_discovered - Layer 3 management discovered. type: int more...

Supported Version Ranges

l3_discovered v6.4.0 -> v7.0.5 v7.2.0 -> v7.2.0
max_allowed_trunk_members - FortiSwitch maximum allowed trunk members. type: int more...

Supported Version Ranges

max_allowed_trunk_members v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3 v6.4.0 -> v6.4.0 v6.4.4 -> 7.6.6
mclag_igmp_snooping_aware - Enable/disable MCLAG IGMP-snooping awareness. type: str choices: enable, disable more...

Supported Version Ranges

mclag_igmp_snooping_aware v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6
mgmt_mode - FortiLink management mode. type: int more...

Supported Version Ranges

mgmt_mode v7.4.2 -> 7.6.6
mirror - Configuration method to edit FortiSwitch packet mirror. type: list member_path: mirror:name more...

Supported Version Ranges

mirror v6.0.0 -> 7.6.6

dst - Destination port. type: str more...

Supported Version Ranges

dst v6.0.0 -> 7.6.6
name - Mirror name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> 7.6.6
src_egress - Source egress interfaces. type: list member_path: mirror:name/src_egress:name more...

Supported Version Ranges

src_egress v6.0.0 -> 7.6.6

name - Interface name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> 7.6.6

src_ingress - Source ingress interfaces. type: list member_path: mirror:name/src_ingress:name more...

Supported Version Ranges

src_ingress v6.0.0 -> 7.6.6

name - Interface name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> 7.6.6

status - Active/inactive mirror configuration. type: str choices: active, inactive more...

Supported Version Ranges

status v6.0.0 -> 7.6.6

[active] v6.0.0 -> 7.6.6
[inactive] v6.0.0 -> 7.6.6
switching_packet - Enable/disable switching functionality when mirroring. type: str choices: enable, disable more...

Supported Version Ranges

switching_packet v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6

name - Managed-switch name. type: str more...

Supported Version Ranges

name v6.0.0 -> v7.2.4
override_snmp_community - Enable/disable overriding the global SNMP communities. type: str choices: enable, disable more...

Supported Version Ranges

override_snmp_community v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6
override_snmp_sysinfo - Enable/disable overriding the global SNMP system information. type: str choices: disable, enable more...

Supported Version Ranges

override_snmp_sysinfo v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
override_snmp_trap_threshold - Enable/disable overriding the global SNMP trap threshold values. type: str choices: enable, disable more...

Supported Version Ranges

override_snmp_trap_threshold v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6
override_snmp_user - Enable/disable overriding the global SNMP users. type: str choices: enable, disable more...

Supported Version Ranges

override_snmp_user v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6
owner_vdom - VDOM which owner of port belongs to. type: str more...

Supported Version Ranges

owner_vdom v6.0.0 -> 7.6.6
poe_detection_type - PoE detection type for FortiSwitch. type: int more...

Supported Version Ranges

poe_detection_type v6.0.0 -> 7.6.6
poe_lldp_detection - Enable/disable PoE LLDP detection. type: str choices: enable, disable more...

Supported Version Ranges

poe_lldp_detection v6.2.0 -> v6.2.7

[enable] v6.2.0 -> v6.2.7
[disable] v6.2.0 -> v6.2.7
poe_pre_standard_detection - Enable/disable PoE pre-standard detection. type: str choices: enable, disable more...

Supported Version Ranges

poe_pre_standard_detection v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
ports - Managed-switch port list. type: list member_path: ports:port_name more...

Supported Version Ranges

ports v6.0.0 -> 7.6.6

access_mode - Access mode of the port. type: str choices: dynamic, nac, static, normal more...

Supported Version Ranges

access_mode v6.4.0 -> 7.6.6

[dynamic] v7.0.0 -> 7.6.6

[nac] v6.4.0 -> 7.6.6
[static] v7.0.0 -> 7.6.6

[normal] v6.4.0 -> v6.4.4
acl_group - ACL groups on this port. type: list member_path: ports:port_name/acl_group:name more...

Supported Version Ranges

acl_group v7.4.0 -> 7.6.6

name - ACL group name. Source switch-controller.acl.group.name. type: str required: true more...

Supported Version Ranges

name v7.4.0 -> 7.6.6

aggregator_mode - LACP member select mode. type: str choices: bandwidth, count more...

Supported Version Ranges

aggregator_mode v6.4.0 -> v6.4.0 v6.4.4 -> 7.6.6

[bandwidth] v6.4.0 -> v6.4.0
[count] v6.4.0 -> v6.4.0
allow_arp_monitor - Enable/Disable allow ARP monitor. type: str choices: disable, enable more...

Supported Version Ranges

allow_arp_monitor v7.4.4 -> 7.6.6

[disable] v7.4.4 -> 7.6.6
[enable] v7.4.4 -> 7.6.6
allowed_vlans - Configure switch port tagged VLANs. type: list member_path: ports:port_name/allowed_vlans:vlan_name more...

Supported Version Ranges

allowed_vlans v6.0.0 -> 7.6.6

vlan_name - VLAN name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v6.0.0 -> 7.6.6

allowed_vlans_all - Enable/disable all defined vlans on this port. type: str choices: enable, disable more...

Supported Version Ranges

allowed_vlans_all v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
arp_inspection_trust - Trusted or untrusted dynamic ARP inspection. type: str choices: untrusted, trusted more...

Supported Version Ranges

arp_inspection_trust v6.0.0 -> 7.6.6

[untrusted] v6.0.0 -> 7.6.6
[trusted] v6.0.0 -> 7.6.6
bundle - Enable/disable Link Aggregation Group (LAG) bundling for non-FortiLink interfaces. type: str choices: enable, disable more...

Supported Version Ranges

bundle v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
description - Description for port. type: str more...

Supported Version Ranges

description v6.0.0 -> 7.6.6
dhcp_snoop_option82_override - Configure DHCP snooping option 82 override. type: list member_path: ports:port_name/dhcp_snoop_option82_override:vlan_name more...

Supported Version Ranges

dhcp_snoop_option82_override v7.4.0 -> 7.6.6

circuit_id - Circuit ID string. type: str more...

Supported Version Ranges

circuit_id v7.4.0 -> 7.6.6
remote_id - Remote ID string. type: str more...

Supported Version Ranges

remote_id v7.4.0 -> 7.6.6
vlan_name - DHCP snooping option 82 VLAN. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v7.4.0 -> 7.6.6

dhcp_snoop_option82_trust - Enable/disable allowance of DHCP with option-82 on untrusted interface. type: str choices: enable, disable more...

Supported Version Ranges

dhcp_snoop_option82_trust v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
dhcp_snooping - Trusted or untrusted DHCP-snooping interface. type: str choices: untrusted, trusted more...

Supported Version Ranges

dhcp_snooping v6.0.0 -> 7.6.6

[untrusted] v6.0.0 -> 7.6.6
[trusted] v6.0.0 -> 7.6.6
discard_mode - Configure discard mode for port. type: str choices: none, all-untagged, all-tagged more...

Supported Version Ranges

discard_mode v6.0.0 -> 7.6.6

[none] v6.0.0 -> 7.6.6
[all-untagged] v6.0.0 -> 7.6.6
[all-tagged] v6.0.0 -> 7.6.6
edge_port - Enable/disable this interface as an edge port, bridging connections between workstations and/or computers. type: str choices: enable, disable more...

Supported Version Ranges

edge_port v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
export_tags - Configure export tag(s) for FortiSwitch port when exported to a virtual port pool. type: list member_path: ports:port_name/export_tags:tag_name more...

Supported Version Ranges

export_tags v6.0.0 -> v7.0.1

tag_name - FortiSwitch port tag name when exported to a virtual port pool. Source switch-controller.switch-interface-tag.name. type: str required: true more...

Supported Version Ranges

tag_name v6.0.0 -> v7.0.1

export_to - Export managed-switch port to a tenant VDOM. Source system.vdom.name. type: str more...

Supported Version Ranges

export_to v6.0.0 -> 7.6.6
export_to_pool - Switch controller export port to pool-list. Source switch-controller.virtual-port-pool.name. type: str more...

Supported Version Ranges

export_to_pool v6.0.0 -> 7.6.6
export_to_pool_flag - Switch controller export port to pool-list. type: int more...

Supported Version Ranges

export_to_pool_flag v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
fallback_port - LACP fallback port. type: str more...

Supported Version Ranges

fallback_port v7.4.4 -> 7.6.6
fec_capable - FEC capable. type: int more...

Supported Version Ranges

fec_capable v7.0.0 -> 7.6.6
fec_state - State of forward error correction. type: str choices: disabled, cl74, cl91, detect-by-module more...

Supported Version Ranges

fec_state v7.0.0 -> 7.6.6

[disabled] v7.0.0 -> 7.6.6
[cl74] v7.0.0 -> 7.6.6
[cl91] v7.0.0 -> 7.6.6
[detect-by-module] v7.4.2 -> 7.6.6
fgt_peer_device_name - FGT peer device name. type: str more...

Supported Version Ranges

fgt_peer_device_name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
fgt_peer_port_name - FGT peer port name. type: str more...

Supported Version Ranges

fgt_peer_port_name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
fiber_port - Fiber-port. type: int more...

Supported Version Ranges

fiber_port v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
flags - Port properties flags. type: int more...

Supported Version Ranges

flags v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
flap_duration - Period over which flap events are calculated (seconds). type: int more...

Supported Version Ranges

flap_duration v7.2.0 -> 7.6.6
flap_rate - Number of stage change events needed within flap-duration. type: int more...

Supported Version Ranges

flap_rate v7.2.0 -> 7.6.6
flap_timeout - Flap guard disabling protection (min). type: int more...

Supported Version Ranges

flap_timeout v7.2.0 -> 7.6.6
flapguard - Enable/disable flap guard. type: str choices: enable, disable more...

Supported Version Ranges

flapguard v7.2.0 -> 7.6.6

[enable] v7.2.0 -> 7.6.6
[disable] v7.2.0 -> 7.6.6
flow_control - Flow control direction. type: str choices: disable, tx, rx, both more...

Supported Version Ranges

flow_control v6.4.4 -> 7.6.6

[disable] v6.4.4 -> 7.6.6
[tx] v6.4.4 -> 7.6.6
[rx] v6.4.4 -> 7.6.6
[both] v6.4.4 -> 7.6.6
fortilink_port - FortiLink uplink port. type: int more...

Supported Version Ranges

fortilink_port v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
fortiswitch_acls - ACLs on this port. type: list member_path: ports:port_name/fortiswitch_acls:id more...

Supported Version Ranges

fortiswitch_acls v7.4.0 -> 7.6.6

id - ACL ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.4.0 -> 7.6.6

igmp_snooping - Set IGMP snooping mode for the physical port interface. type: str choices: enable, disable more...

Supported Version Ranges

igmp_snooping v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
igmp_snooping_flood_reports - Enable/disable flooding of IGMP reports to this interface when igmp-snooping enabled. type: str choices: enable, disable more...

Supported Version Ranges

igmp_snooping_flood_reports v7.2.1 -> 7.6.6

[enable] v7.2.1 -> 7.6.6
[disable] v7.2.1 -> 7.6.6
igmps_flood_reports - Enable/disable flooding of IGMP reports to this interface when igmp-snooping enabled. type: str choices: enable, disable more...

Supported Version Ranges

igmps_flood_reports v6.0.0 -> v7.2.0

[enable] v6.0.0 -> v7.2.0
[disable] v6.0.0 -> v7.2.0
igmps_flood_traffic - Enable/disable flooding of IGMP snooping traffic to this interface. type: str choices: enable, disable more...

Supported Version Ranges

igmps_flood_traffic v6.0.0 -> v7.2.0

[enable] v6.0.0 -> v7.2.0
[disable] v6.0.0 -> v7.2.0
interface_tags - Tag(s) associated with the interface for various features including virtual port pool, dynamic port policy. type: list member_path: ports:port_name/interface_tags:tag_name more...

Supported Version Ranges

interface_tags v7.0.2 -> 7.6.6

tag_name - FortiSwitch port tag name when exported to a virtual port pool or matched to dynamic port policy. Source switch-controller.switch-interface-tag.name. type: str required: true more...

Supported Version Ranges

tag_name v7.0.2 -> 7.6.6

ip_source_guard - Enable/disable IP source guard. type: str choices: disable, enable more...

Supported Version Ranges

ip_source_guard v6.4.0 -> 7.6.6

[disable] v6.4.0 -> 7.6.6
[enable] v6.4.0 -> 7.6.6
isl_local_trunk_name - ISL local trunk name. type: str more...

Supported Version Ranges

isl_local_trunk_name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
isl_peer_device_name - ISL peer device name. type: str more...

Supported Version Ranges

isl_peer_device_name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
isl_peer_port_name - ISL peer port name. type: str more...

Supported Version Ranges

isl_peer_port_name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
lacp_speed - End Link Aggregation Control Protocol (LACP) messages every 30 seconds (slow) or every second (fast). type: str choices: slow, fast more...

Supported Version Ranges

lacp_speed v6.0.0 -> 7.6.6

[slow] v6.0.0 -> 7.6.6
[fast] v6.0.0 -> 7.6.6
learning_limit - Limit the number of dynamic MAC addresses on this Port (1 - 128, 0 = no limit, default). type: int more...

Supported Version Ranges

learning_limit v6.0.0 -> 7.6.6
lldp_profile - LLDP port TLV profile. Source switch-controller.lldp-profile.name. type: str more...

Supported Version Ranges

lldp_profile v6.0.0 -> 7.6.6
lldp_status - LLDP transmit and receive status. type: str choices: disable, rx-only, tx-only, tx-rx more...

Supported Version Ranges

lldp_status v6.0.0 -> 7.6.6

[disable] v6.0.0 -> 7.6.6
[rx-only] v6.0.0 -> 7.6.6
[tx-only] v6.0.0 -> 7.6.6
[tx-rx] v6.0.0 -> 7.6.6
log_mac_event - Enable/disable logging for dynamic MAC address events. type: str choices: disable, enable more...

Supported Version Ranges

log_mac_event v7.6.0 -> 7.6.6

[disable] v7.6.0 -> 7.6.6
[enable] v7.6.0 -> 7.6.6
loop_guard - Enable/disable loop-guard on this interface, an STP optimization used to prevent network loops. type: str choices: enabled, disabled more...

Supported Version Ranges

loop_guard v6.0.0 -> 7.6.6

[enabled] v6.0.0 -> 7.6.6
[disabled] v6.0.0 -> 7.6.6
loop_guard_timeout - Loop-guard timeout (0 - 120 min). type: int more...

Supported Version Ranges

loop_guard_timeout v6.0.0 -> 7.6.6
mac_addr - Port/Trunk MAC. type: str more...

Supported Version Ranges

mac_addr v6.2.0 -> 7.6.6
matched_dpp_intf_tags - Matched interface tags in the dynamic port policy. type: str more...

Supported Version Ranges

matched_dpp_intf_tags v7.0.0 -> 7.6.6
matched_dpp_policy - Matched child policy in the dynamic port policy. type: str more...

Supported Version Ranges

matched_dpp_policy v7.0.0 -> 7.6.6
max_bundle - Maximum size of LAG bundle (1 - 24). type: int more...

Supported Version Ranges

max_bundle v6.0.0 -> 7.6.6
mcast_snooping_flood_traffic - Enable/disable flooding of IGMP snooping traffic to this interface. type: str choices: enable, disable more...

Supported Version Ranges

mcast_snooping_flood_traffic v7.2.1 -> 7.6.6

[enable] v7.2.1 -> 7.6.6
[disable] v7.2.1 -> 7.6.6
mclag - Enable/disable multi-chassis link aggregation (MCLAG). type: str choices: enable, disable more...

Supported Version Ranges

mclag v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
mclag_icl_port - MCLAG-ICL port. type: int more...

Supported Version Ranges

mclag_icl_port v6.4.0 -> v7.0.5 v7.2.0 -> v7.2.0
media_type - Media type. type: str more...

Supported Version Ranges

media_type v6.4.4 -> v7.0.5 v7.2.0 -> v7.2.0
member_withdrawal_behavior - Port behavior after it withdraws because of loss of control packets. type: str choices: forward, block more...

Supported Version Ranges

member_withdrawal_behavior v6.0.0 -> 7.6.6

[forward] v6.0.0 -> 7.6.6
[block] v6.0.0 -> 7.6.6
members - Aggregated LAG bundle interfaces. type: list member_path: ports:port_name/members:member_name more...

Supported Version Ranges

members v6.0.0 -> 7.6.6

member_name - Interface name from available options. type: str required: true more...

Supported Version Ranges

member_name v6.0.0 -> 7.6.6

min_bundle - Minimum size of LAG bundle (1 - 24). type: int more...

Supported Version Ranges

min_bundle v6.0.0 -> 7.6.6
mode - LACP mode: ignore and do not send control messages, or negotiate 802.3ad aggregation passively or actively. type: str choices: static, lacp-passive, lacp-active more...

Supported Version Ranges

mode v6.0.0 -> 7.6.6

[static] v6.0.0 -> 7.6.6
[lacp-passive] v6.0.0 -> 7.6.6
[lacp-active] v6.0.0 -> 7.6.6
p2p_port - General peer to peer tunnel port. type: int more...

Supported Version Ranges

p2p_port v6.4.0 -> v7.0.5 v7.2.0 -> v7.2.0
packet_sample_rate - Packet sampling rate (0 - 99999 p/sec). type: int more...

Supported Version Ranges

packet_sample_rate v6.2.0 -> 7.6.6
packet_sampler - Enable/disable packet sampling on this interface. type: str choices: enabled, disabled more...

Supported Version Ranges

packet_sampler v6.2.0 -> 7.6.6

[enabled] v6.2.0 -> 7.6.6
[disabled] v6.2.0 -> 7.6.6
pause_meter - Configure ingress pause metering rate, in kbps . type: int more...

Supported Version Ranges

pause_meter v6.4.4 -> 7.6.6
pause_meter_resume - Resume threshold for resuming traffic on ingress port. type: str choices: 75%, 50%, 25% more...

Supported Version Ranges

pause_meter_resume v6.4.4 -> 7.6.6

[75%] v6.4.4 -> 7.6.6
[50%] v6.4.4 -> 7.6.6
[25%] v6.4.4 -> 7.6.6
pd_capable - Powered device capable. type: int more...

Supported Version Ranges

pd_capable v7.6.0 -> 7.6.6
poe_capable - PoE capable. type: int more...

Supported Version Ranges

poe_capable v6.0.0 -> 7.6.6
poe_max_power - PoE maximum power. type: str more...

Supported Version Ranges

poe_max_power v7.0.1 -> v7.0.5 v7.2.0 -> v7.2.0
poe_mode_bt_cabable - PoE mode IEEE 802.3BT capable. type: int more...

Supported Version Ranges

poe_mode_bt_cabable v7.2.4 -> 7.6.6
poe_port_mode - Configure PoE port mode. type: str choices: ieee802-3af, ieee802-3at, ieee802-3bt more...

Supported Version Ranges

poe_port_mode v7.2.4 -> 7.6.6

[ieee802-3af] v7.2.4 -> 7.6.6
[ieee802-3at] v7.2.4 -> 7.6.6
[ieee802-3bt] v7.2.4 -> 7.6.6
poe_port_power - Configure PoE port power. type: str choices: normal, perpetual, perpetual-fast more...

Supported Version Ranges

poe_port_power v7.2.4 -> 7.6.6

[normal] v7.2.4 -> 7.6.6
[perpetual] v7.2.4 -> 7.6.6
[perpetual-fast] v7.2.4 -> 7.6.6

poe_port_priority - Configure PoE port priority. type: str choices: critical-priority, high-priority, low-priority, medium-priority more...

poe_pre_standard_detection - Enable/disable PoE pre-standard detection. type: str choices: enable, disable more...

Supported Version Ranges

poe_pre_standard_detection v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
poe_standard - PoE standard supported. type: str more...

Supported Version Ranges

poe_standard v7.0.1 -> v7.0.5 v7.2.0 -> v7.2.0
poe_status - Enable/disable PoE status. type: str choices: enable, disable more...

Supported Version Ranges

poe_status v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
port_name - Switch port name. type: str required: true more...

Supported Version Ranges

port_name v6.0.0 -> 7.6.6
port_number - Port number. type: int more...

Supported Version Ranges

port_number v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
port_owner - Switch port name. type: str more...

Supported Version Ranges

port_owner v6.0.0 -> 7.6.6
port_policy - Switch controller dynamic port policy from available options. Source switch-controller.dynamic-port-policy.name. type: str more...

Supported Version Ranges

port_policy v7.0.0 -> 7.6.6
port_prefix_type - Port prefix type. type: int more...

Supported Version Ranges

port_prefix_type v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
port_security_policy - Switch controller authentication policy to apply to this managed switch from available options. Source switch-controller .security-policy.802-1X.name. type: str more...

Supported Version Ranges

port_security_policy v6.0.0 -> 7.6.6

port_selection_criteria - Algorithm for aggregate port selection. type: str choices: src-mac, dst-mac, src-dst-mac, src-ip, dst-ip, src-dst-ip more...

ptp_policy - PTP policy configuration. Source switch-controller.ptp.interface-policy.name. type: str more...

Supported Version Ranges

ptp_policy v6.4.0 -> v6.4.0 v6.4.4 -> 7.6.6
ptp_status - Enable/disable PTP policy on this FortiSwitch port. type: str choices: disable, enable more...

Supported Version Ranges

ptp_status v7.4.1 -> 7.6.6

[disable] v7.4.1 -> 7.6.6
[enable] v7.4.1 -> 7.6.6
qnq - 802.1AD VLANs in the VDom. Source system.interface.name. type: str more...

Supported Version Ranges

qnq v7.6.0 -> 7.6.6
qos_policy - Switch controller QoS policy from available options. Source switch-controller.qos.qos-policy.name. type: str more...

Supported Version Ranges

qos_policy v6.0.0 -> 7.6.6
rpvst_port - Enable/disable inter-operability with rapid PVST on this interface. type: str choices: disabled, enabled more...

Supported Version Ranges

rpvst_port v6.4.0 -> v6.4.0 v6.4.4 -> 7.6.6

[disabled] v6.4.0 -> v6.4.0
[enabled] v6.4.0 -> v6.4.0
sample_direction - Packet sampling direction. type: str choices: tx, rx, both more...

Supported Version Ranges

sample_direction v6.0.0 -> 7.6.6

[tx] v6.0.0 -> 7.6.6
[rx] v6.0.0 -> 7.6.6
[both] v6.0.0 -> 7.6.6
sflow_counter_interval - sFlow sampling counter polling interval in seconds (0 - 255). type: int more...

Supported Version Ranges

sflow_counter_interval v6.0.0 -> 7.6.6
sflow_sample_rate - sFlow sampler sample rate (0 - 99999 p/sec). type: int more...

Supported Version Ranges

sflow_sample_rate v6.0.0 -> v6.0.11
sflow_sampler - Enable/disable sFlow protocol on this interface. type: str choices: enabled, disabled more...

Supported Version Ranges

sflow_sampler v6.0.0 -> v6.0.11

[enabled] v6.0.0 -> v6.0.11
[disabled] v6.0.0 -> v6.0.11

speed - Switch port speed; default and available settings depend on hardware. type: str choices: 10half, 10full, 100half, 100full, 1000full, 10000full, auto, 1000auto, 1000full-fiber, 40000full, auto-module, 100FX-half, 100FX-full, 100000full, 2500auto, 2500full, 25000full, 50000full, 10000cr, 10000sr, 100000sr4, 100000cr4, 40000sr4, 40000cr4, 40000auto, 25000cr, 25000sr, 50000cr, 50000sr, 5000auto, sgmii-auto, 1000fiber, 10000, 40000, 25000cr4, 25000sr4, 5000full more...

speed_mask - Switch port speed mask. type: int more...

Supported Version Ranges

speed_mask v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
stacking_port - Stacking port. type: int more...

Supported Version Ranges

stacking_port v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
status - Switch port admin status: up or down. type: str choices: up, down more...

Supported Version Ranges

status v6.0.0 -> 7.6.6

[up] v6.0.0 -> 7.6.6
[down] v6.0.0 -> 7.6.6
sticky_mac - Enable or disable sticky-mac on the interface. type: str choices: enable, disable more...

Supported Version Ranges

sticky_mac v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6
storm_control_policy - Switch controller storm control policy from available options. Source switch-controller.storm-control-policy.name. type: str more...

Supported Version Ranges

storm_control_policy v6.2.0 -> 7.6.6
stp_bpdu_guard - Enable/disable STP BPDU guard on this interface. type: str choices: enabled, disabled more...

Supported Version Ranges

stp_bpdu_guard v6.0.0 -> 7.6.6

[enabled] v6.0.0 -> 7.6.6
[disabled] v6.0.0 -> 7.6.6
stp_bpdu_guard_timeout - BPDU Guard disabling protection (0 - 120 min). type: int more...

Supported Version Ranges

stp_bpdu_guard_timeout v6.0.0 -> 7.6.6
stp_root_guard - Enable/disable STP root guard on this interface. type: str choices: enabled, disabled more...

Supported Version Ranges

stp_root_guard v6.0.0 -> 7.6.6

[enabled] v6.0.0 -> 7.6.6
[disabled] v6.0.0 -> 7.6.6
stp_state - Enable/disable Spanning Tree Protocol (STP) on this interface. type: str choices: enabled, disabled more...

Supported Version Ranges

stp_state v6.0.0 -> 7.6.6

[enabled] v6.0.0 -> 7.6.6
[disabled] v6.0.0 -> 7.6.6
switch_id - Switch id. type: str more...

Supported Version Ranges

switch_id v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
type - Interface type: physical or trunk port. type: str choices: physical, trunk more...

Supported Version Ranges

type v6.0.0 -> 7.6.6

[physical] v6.0.0 -> 7.6.6
[trunk] v6.0.0 -> 7.6.6
untagged_vlans - Configure switch port untagged VLANs. type: list member_path: ports:port_name/untagged_vlans:vlan_name more...

Supported Version Ranges

untagged_vlans v6.0.0 -> 7.6.6

vlan_name - VLAN name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v6.0.0 -> 7.6.6

virtual_port - Virtualized switch port. type: int more...

Supported Version Ranges

virtual_port v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
vlan - Assign switch ports to a VLAN. Source system.interface.name. type: str more...

Supported Version Ranges

vlan v6.0.0 -> 7.6.6

pre_provisioned - Pre-provisioned managed switch. type: int more...

Supported Version Ranges

pre_provisioned v6.0.0 -> 7.6.6
ptp_profile - PTP profile configuration. Source switch-controller.ptp.profile.name. type: str more...

Supported Version Ranges

ptp_profile v7.4.1 -> 7.6.6
ptp_status - Enable/disable PTP profile on this FortiSwitch. type: str choices: disable, enable more...

Supported Version Ranges

ptp_status v7.4.1 -> 7.6.6

[disable] v7.4.1 -> 7.6.6
[enable] v7.4.1 -> 7.6.6

purdue_level - Purdue Level of this FortiSwitch. type: str choices: 1, 1.5, 2, 2.5, 3, 3.5, 4, 5, 5.5 more...

qos_drop_policy - Set QoS drop-policy. type: str choices: taildrop, random-early-detection more...

Supported Version Ranges

qos_drop_policy v6.4.0 -> 7.6.6

[taildrop] v6.4.0 -> 7.6.6
[random-early-detection] v6.4.0 -> 7.6.6
qos_red_probability - Set QoS RED/WRED drop probability. type: int more...

Supported Version Ranges

qos_red_probability v6.4.0 -> 7.6.6
radius_nas_ip - NAS-IP address. type: str more...

Supported Version Ranges

radius_nas_ip v7.4.2 -> 7.6.6
radius_nas_ip_override - Use locally defined NAS-IP. type: str choices: disable, enable more...

Supported Version Ranges

radius_nas_ip_override v7.4.2 -> 7.6.6

[disable] v7.4.2 -> 7.6.6
[enable] v7.4.2 -> 7.6.6
remote_log - Configure logging by FortiSwitch device to a remote syslog server. type: list member_path: remote_log:name more...

Supported Version Ranges

remote_log v6.2.0 -> 7.6.6

csv - Enable/disable comma-separated value (CSV) strings. type: str choices: enable, disable more...

Supported Version Ranges

csv v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6

facility - Facility to log to remote syslog server. type: str choices: kernel, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, authpriv, ftp, ntp, audit, alert, clock, local0, local1, local2, local3, local4, local5, local6, local7 more...

name - Remote log name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> 7.6.6
port - Remote syslog server listening port. type: int more...

Supported Version Ranges

port v6.2.0 -> 7.6.6
server - IPv4 address of the remote syslog server. type: str more...

Supported Version Ranges

server v6.2.0 -> 7.6.6

severity - Severity of logs to be transferred to remote log server. type: str choices: emergency, alert, critical, error, warning, notification, information, debug more...

status - Enable/disable logging by FortiSwitch device to a remote syslog server. type: str choices: enable, disable more...

Supported Version Ranges

status v6.2.0 -> 7.6.6

[enable] v6.2.0 -> 7.6.6
[disable] v6.2.0 -> 7.6.6

route_offload - Enable/disable route offload on this FortiSwitch. type: str choices: disable, enable more...

Supported Version Ranges

route_offload v7.4.1 -> 7.6.6

[disable] v7.4.1 -> 7.6.6
[enable] v7.4.1 -> 7.6.6
route_offload_mclag - Enable/disable route offload MCLAG on this FortiSwitch. type: str choices: disable, enable more...

Supported Version Ranges

route_offload_mclag v7.4.1 -> 7.6.6

[disable] v7.4.1 -> 7.6.6
[enable] v7.4.1 -> 7.6.6
route_offload_router - Configure route offload MCLAG IP address. type: list member_path: route_offload_router:vlan_name more...

Supported Version Ranges

route_offload_router v7.4.1 -> 7.6.6

router_ip - Router IP address. type: str more...

Supported Version Ranges

router_ip v7.4.1 -> 7.6.6
vlan_name - VLAN name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v7.4.1 -> 7.6.6

router_static - Configure static routes. type: list member_path: router_static:id more...

Supported Version Ranges

router_static v7.6.4 -> 7.6.6

blackhole - Enable/disable blackhole on this route. type: str choices: disable, enable more...

Supported Version Ranges

blackhole v7.6.4 -> 7.6.6

[disable] v7.6.4 -> 7.6.6
[enable] v7.6.4 -> 7.6.6
comment - Comment. type: str more...

Supported Version Ranges

comment v7.6.4 -> 7.6.6
device - Gateway out interface. Source switch-controller.managed-switch.system-interface.name. type: str more...

Supported Version Ranges

device v7.6.4 -> 7.6.6
distance - Administrative distance for the route (1 - 255). type: int more...

Supported Version Ranges

distance v7.6.4 -> 7.6.6
dst - Destination ip and mask for this route. type: str more...

Supported Version Ranges

dst v7.6.4 -> 7.6.6
dynamic_gateway - Enable/disable dynamic gateway. type: str choices: disable, enable more...

Supported Version Ranges

dynamic_gateway v7.6.4 -> 7.6.6

[disable] v7.6.4 -> 7.6.6
[enable] v7.6.4 -> 7.6.6
gateway - Gateway ip for this route. type: str more...

Supported Version Ranges

gateway v7.6.4 -> 7.6.6
id - Entry sequence number. see Notes. type: int required: true more...

Supported Version Ranges

id v7.6.4 -> 7.6.6
status - Enable/disable route status. type: str choices: disable, enable more...

Supported Version Ranges

status v7.6.4 -> 7.6.6

[disable] v7.6.4 -> 7.6.6
[enable] v7.6.4 -> 7.6.6
switch_id - Switch ID. Source switch-controller.managed-switch.switch-id. type: str more...

Supported Version Ranges

switch_id v7.6.4 -> 7.6.6
vrf - VRF for this route. Source switch-controller.managed-switch.router-vrf.name. type: str more...

Supported Version Ranges

vrf v7.6.4 -> 7.6.6

router_vrf - Configure VRF. type: list member_path: router_vrf:name more...

Supported Version Ranges

router_vrf v7.6.4 -> 7.6.6

name - VRF entry name. type: str required: true more...

Supported Version Ranges

name v7.6.4 -> 7.6.6
switch_id - Switch ID. Source switch-controller.managed-switch.switch-id. type: str more...

Supported Version Ranges

switch_id v7.6.4 -> 7.6.6
vrfid - VRF ID. type: int more...

Supported Version Ranges

vrfid v7.6.4 -> 7.6.6

sn - Managed-switch serial number. type: str more...

Supported Version Ranges

sn v7.4.0 -> 7.6.6
snmp_community - Configuration method to edit Simple Network Management Protocol (SNMP) communities. type: list member_path: snmp_community:id more...

Supported Version Ranges

snmp_community v6.2.0 -> 7.6.6

events - SNMP notifications (traps) to send. type: list choices: cpu-high, mem-low, log-full, intf-ip, ent-conf-change, l2mac more...

hosts - Configure IPv4 SNMP managers (hosts). type: list member_path: snmp_community:id/hosts:id more...

Supported Version Ranges

hosts v6.2.0 -> 7.6.6

id - Host entry ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.2.0 -> 7.6.6
ip - IPv4 address of the SNMP manager (host). type: str more...

Supported Version Ranges

ip v6.2.0 -> 7.6.6

id - SNMP community ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.2.0 -> 7.6.6
name - SNMP community name. type: str more...

Supported Version Ranges

name v6.2.0 -> 7.6.6
query_v1_port - SNMP v1 query port . type: int more...

Supported Version Ranges

query_v1_port v6.2.0 -> 7.6.6
query_v1_status - Enable/disable SNMP v1 queries. type: str choices: disable, enable more...

Supported Version Ranges

query_v1_status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
query_v2c_port - SNMP v2c query port . type: int more...

Supported Version Ranges

query_v2c_port v6.2.0 -> 7.6.6
query_v2c_status - Enable/disable SNMP v2c queries. type: str choices: disable, enable more...

Supported Version Ranges

query_v2c_status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
status - Enable/disable this SNMP community. type: str choices: disable, enable more...

Supported Version Ranges

status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
trap_v1_lport - SNMP v2c trap local port . type: int more...

Supported Version Ranges

trap_v1_lport v6.2.0 -> 7.6.6
trap_v1_rport - SNMP v2c trap remote port . type: int more...

Supported Version Ranges

trap_v1_rport v6.2.0 -> 7.6.6
trap_v1_status - Enable/disable SNMP v1 traps. type: str choices: disable, enable more...

Supported Version Ranges

trap_v1_status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
trap_v2c_lport - SNMP v2c trap local port . type: int more...

Supported Version Ranges

trap_v2c_lport v6.2.0 -> 7.6.6
trap_v2c_rport - SNMP v2c trap remote port . type: int more...

Supported Version Ranges

trap_v2c_rport v6.2.0 -> 7.6.6
trap_v2c_status - Enable/disable SNMP v2c traps. type: str choices: disable, enable more...

Supported Version Ranges

trap_v2c_status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6

snmp_sysinfo - Configuration method to edit Simple Network Management Protocol (SNMP) system info. type: dict more...

Supported Version Ranges

snmp_sysinfo v6.2.0 -> 7.6.6

contact_info - Contact information. type: str more...

Supported Version Ranges

contact_info v6.2.0 -> 7.6.6
description - System description. type: str more...

Supported Version Ranges

description v6.2.0 -> 7.6.6
engine_id - Local SNMP engine ID string (max 24 char). type: str more...

Supported Version Ranges

engine_id v6.2.0 -> 7.6.6
location - System location. type: str more...

Supported Version Ranges

location v6.2.0 -> 7.6.6
status - Enable/disable SNMP. type: str choices: disable, enable more...

Supported Version Ranges

status v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6

snmp_trap_threshold - Configuration method to edit Simple Network Management Protocol (SNMP) trap threshold values. type: dict more...

Supported Version Ranges

snmp_trap_threshold v6.2.0 -> 7.6.6

trap_high_cpu_threshold - CPU usage when trap is sent. type: int more...

Supported Version Ranges

trap_high_cpu_threshold v6.2.0 -> 7.6.6
trap_log_full_threshold - Log disk usage when trap is sent. type: int more...

Supported Version Ranges

trap_log_full_threshold v6.2.0 -> 7.6.6
trap_low_memory_threshold - Memory usage when trap is sent. type: int more...

Supported Version Ranges

trap_low_memory_threshold v6.2.0 -> 7.6.6

snmp_user - Configuration method to edit Simple Network Management Protocol (SNMP) users. type: list member_path: snmp_user:name more...

Supported Version Ranges

snmp_user v6.2.0 -> 7.6.6

auth_proto - Authentication protocol. type: str choices: md5, sha1, sha224, sha256, sha384, sha512, sha more...

auth_pwd - Password for authentication protocol. type: str more...

Supported Version Ranges

auth_pwd v6.2.0 -> 7.6.6
name - SNMP user name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> 7.6.6

priv_proto - Privacy (encryption) protocol. type: str choices: aes128, aes192, aes192c, aes256, aes256c, des, aes more...

priv_pwd - Password for privacy (encryption) protocol. type: str more...

Supported Version Ranges

priv_pwd v6.2.0 -> 7.6.6
queries - Enable/disable SNMP queries for this user. type: str choices: disable, enable more...

Supported Version Ranges

queries v6.2.0 -> 7.6.6

[disable] v6.2.0 -> 7.6.6
[enable] v6.2.0 -> 7.6.6
query_port - SNMPv3 query port . type: int more...

Supported Version Ranges

query_port v6.2.0 -> 7.6.6
security_level - Security level for message authentication and encryption. type: str choices: no-auth-no-priv, auth-no-priv, auth-priv more...

Supported Version Ranges

security_level v6.2.0 -> 7.6.6

[no-auth-no-priv] v6.2.0 -> 7.6.6
[auth-no-priv] v6.2.0 -> 7.6.6
[auth-priv] v6.2.0 -> 7.6.6

staged_image_version - Staged image version for FortiSwitch. type: str more...

Supported Version Ranges

staged_image_version v6.0.0 -> 7.6.6
static_mac - Configuration method to edit FortiSwitch Static and Sticky MAC. type: list member_path: static_mac:id more...

Supported Version Ranges

static_mac v6.2.0 -> 7.6.6

description - Description. type: str more...

Supported Version Ranges

description v6.2.0 -> 7.6.6
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.2.0 -> 7.6.6
interface - Interface name. type: str more...

Supported Version Ranges

interface v6.2.0 -> 7.6.6
mac - MAC address. type: str more...

Supported Version Ranges

mac v6.2.0 -> 7.6.6
type - Type. type: str choices: static, sticky more...

Supported Version Ranges

type v6.2.0 -> 7.6.6

[static] v6.2.0 -> 7.6.6
[sticky] v6.2.0 -> 7.6.6
vlan - Vlan. Source system.interface.name. type: str more...

Supported Version Ranges

vlan v6.2.0 -> 7.6.6

storm_control - Configuration method to edit FortiSwitch storm control for measuring traffic activity using data rates to prevent traffic disruption. type: dict more...

Supported Version Ranges

storm_control v6.0.0 -> 7.6.6

broadcast - Enable/disable storm control to drop broadcast traffic. type: str choices: enable, disable more...

Supported Version Ranges

broadcast v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
burst_size_level - Increase level to handle bursty traffic (0 - 4). type: int more...

Supported Version Ranges

burst_size_level v7.6.4 -> 7.6.6
local_override - Enable to override global FortiSwitch storm control settings for this FortiSwitch. type: str choices: enable, disable more...

Supported Version Ranges

local_override v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
rate - Rate in packets per second at which storm control drops excess traffic(0-10000000). type: int more...

Supported Version Ranges

rate v6.0.0 -> 7.6.6
unknown_multicast - Enable/disable storm control to drop unknown multicast traffic. type: str choices: enable, disable more...

Supported Version Ranges

unknown_multicast v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
unknown_unicast - Enable/disable storm control to drop unknown unicast traffic. type: str choices: enable, disable more...

Supported Version Ranges

unknown_unicast v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6

stp_instance - Configuration method to edit Spanning Tree Protocol (STP) instances. type: list member_path: stp_instance:id more...

Supported Version Ranges

stp_instance v6.2.0 -> 7.6.6

id - Instance ID. type: str required: true more...

Supported Version Ranges

id v6.2.0 -> 7.6.6

priority - Priority. type: str choices: 0, 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, 61440 more...

stp_settings - Configuration method to edit Spanning Tree Protocol (STP) settings used to prevent bridge loops. type: dict more...

Supported Version Ranges

stp_settings v6.0.0 -> 7.6.6

forward_time - Period of time a port is in listening and learning state (4 - 30 sec). type: int more...

Supported Version Ranges

forward_time v6.0.0 -> 7.6.6
hello_time - Period of time between successive STP frame Bridge Protocol Data Units (BPDUs) sent on a port (1 - 10 sec). type: int more...

Supported Version Ranges

hello_time v6.0.0 -> 7.6.6
local_override - Enable to configure local STP settings that override global STP settings. type: str choices: enable, disable more...

Supported Version Ranges

local_override v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6
max_age - Maximum time before a bridge port saves its configuration BPDU information (6 - 40 sec). type: int more...

Supported Version Ranges

max_age v6.0.0 -> 7.6.6
max_hops - Maximum number of hops between the root bridge and the furthest bridge (1- 40). type: int more...

Supported Version Ranges

max_hops v6.0.0 -> 7.6.6
name - Name of local STP settings configuration. type: str more...

Supported Version Ranges

name v6.0.0 -> 7.6.6
pending_timer - Pending time (1 - 15 sec). type: int more...

Supported Version Ranges

pending_timer v6.0.0 -> 7.6.6
revision - STP revision number (0 - 65535). type: int more...

Supported Version Ranges

revision v6.0.0 -> 7.6.6
status - Enable/disable STP. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

[enable] v6.0.0 -> v6.0.11
[disable] v6.0.0 -> v6.0.11

switch_device_tag - User definable label/tag. type: str more...

Supported Version Ranges

switch_device_tag v6.0.0 -> 7.6.6
switch_dhcp_opt43_key - DHCP option43 key. type: str more...

Supported Version Ranges

switch_dhcp_opt43_key v6.4.0 -> 7.6.6
switch_id - Managed-switch name. type: str required: true more...

Supported Version Ranges

switch_id v6.0.0 -> 7.6.6
switch_log - Configuration method to edit FortiSwitch logging settings (logs are transferred to and inserted into the FortiGate event log). type: dict more...

Supported Version Ranges

switch_log v6.0.0 -> 7.6.6

local_override - Enable to configure local logging settings that override global logging settings. type: str choices: enable, disable more...

Supported Version Ranges

local_override v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6

severity - Severity of FortiSwitch logs that are added to the FortiGate event log. type: str choices: emergency, alert, critical, error, warning, notification, information, debug more...

status - Enable/disable adding FortiSwitch logs to the FortiGate event log. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> 7.6.6

[enable] v6.0.0 -> 7.6.6
[disable] v6.0.0 -> 7.6.6

switch_profile - FortiSwitch profile. Source switch-controller.switch-profile.name. type: str more...

Supported Version Ranges

switch_profile v6.0.0 -> 7.6.6
switch_stp_settings - Configure spanning tree protocol (STP). type: dict more...

Supported Version Ranges

switch_stp_settings v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

status - Enable/disable STP. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

[enable] v6.0.0 -> v6.0.11
[disable] v6.0.0 -> v6.0.11

system_dhcp_server - Configure DHCP servers. type: list member_path: system_dhcp_server:id more...

Supported Version Ranges

system_dhcp_server v7.6.4 -> 7.6.6

default_gateway - Default gateway IP address assigned by the DHCP server. type: str more...

Supported Version Ranges

default_gateway v7.6.4 -> 7.6.6
dns_server1 - DNS server 1. type: str more...

Supported Version Ranges

dns_server1 v7.6.4 -> 7.6.6
dns_server2 - DNS server 2. type: str more...

Supported Version Ranges

dns_server2 v7.6.4 -> 7.6.6
dns_server3 - DNS server 3. type: str more...

Supported Version Ranges

dns_server3 v7.6.4 -> 7.6.6
dns_service - Options for assigning DNS servers to DHCP clients. type: str choices: local, default, specify more...

Supported Version Ranges

dns_service v7.6.4 -> 7.6.6

[local] v7.6.4 -> 7.6.6
[default] v7.6.4 -> 7.6.6
[specify] v7.6.4 -> 7.6.6
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.6.4 -> 7.6.6
interface - DHCP server can assign IP configurations to clients connected to this interface. Source switch-controller.managed-switch .system-interface.name. type: str more...

Supported Version Ranges

interface v7.6.4 -> 7.6.6
ip_range - DHCP IP range configuration. type: list member_path: system_dhcp_server:id/ip_range:id more...

Supported Version Ranges

ip_range v7.6.4 -> 7.6.6

end_ip - End of IP range. type: str more...

Supported Version Ranges

end_ip v7.6.4 -> 7.6.6
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.6.4 -> 7.6.6
start_ip - Start of IP range. type: str more...

Supported Version Ranges

start_ip v7.6.4 -> 7.6.6

lease_time - Lease time in seconds, 0 means unlimited. type: int more...

Supported Version Ranges

lease_time v7.6.4 -> 7.6.6
netmask - Netmask assigned by the DHCP server. type: str more...

Supported Version Ranges

netmask v7.6.4 -> 7.6.6
ntp_server1 - NTP server 1. type: str more...

Supported Version Ranges

ntp_server1 v7.6.4 -> 7.6.6
ntp_server2 - NTP server 2. type: str more...

Supported Version Ranges

ntp_server2 v7.6.4 -> 7.6.6
ntp_server3 - NTP server 3. type: str more...

Supported Version Ranges

ntp_server3 v7.6.4 -> 7.6.6
ntp_service - Options for assigning Network Time Protocol (NTP) servers to DHCP clients. type: str choices: local, default, specify more...

Supported Version Ranges

ntp_service v7.6.4 -> 7.6.6

[local] v7.6.4 -> 7.6.6
[default] v7.6.4 -> 7.6.6
[specify] v7.6.4 -> 7.6.6
options - DHCP options. type: list member_path: system_dhcp_server:id/options:id more...

Supported Version Ranges

options v7.6.4 -> 7.6.6

code - DHCP option code. type: int more...

Supported Version Ranges

code v7.6.4 -> 7.6.6
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.6.4 -> 7.6.6
ip - DHCP option IPs. type: list
type - DHCP option type. type: str choices: hex, string, ip, fqdn more...

Supported Version Ranges

type v7.6.4 -> 7.6.6

[hex] v7.6.4 -> 7.6.6
[string] v7.6.4 -> 7.6.6
[ip] v7.6.4 -> 7.6.6
[fqdn] v7.6.4 -> 7.6.6
value - DHCP option value. type: str more...

Supported Version Ranges

value v7.6.4 -> 7.6.6

status - Enable/disable this DHCP configuration. type: str choices: disable, enable more...

Supported Version Ranges

status v7.6.4 -> 7.6.6

[disable] v7.6.4 -> 7.6.6
[enable] v7.6.4 -> 7.6.6
switch_id - Switch ID. Source switch-controller.managed-switch.switch-id. type: str more...

Supported Version Ranges

switch_id v7.6.4 -> 7.6.6

system_interface - Configure system interface on FortiSwitch. type: list member_path: system_interface:name more...

Supported Version Ranges

system_interface v7.6.4 -> 7.6.6

allowaccess - Permitted types of management access to this interface. type: list choices: ping, https, http, ssh, snmp, telnet, radius-acct more...

interface - Interface name. Source switch-controller.managed-switch.ports.port-name. type: str more...

Supported Version Ranges

interface v7.6.4 -> 7.6.6
ip - IP and mask for this interface. type: str more...

Supported Version Ranges

ip v7.6.4 -> 7.6.6
mode - Interface addressing mode. type: str choices: static, dhcp more...

Supported Version Ranges

mode v7.6.4 -> 7.6.6

[static] v7.6.4 -> 7.6.6
[dhcp] v7.6.4 -> 7.6.6
name - Interface name. type: str required: true more...

Supported Version Ranges

name v7.6.4 -> 7.6.6
status - Enable/disable interface status. type: str choices: disable, enable more...

Supported Version Ranges

status v7.6.4 -> 7.6.6

[disable] v7.6.4 -> 7.6.6
[enable] v7.6.4 -> 7.6.6
switch_id - Switch ID. Source switch-controller.managed-switch.switch-id. type: str more...

Supported Version Ranges

switch_id v7.6.4 -> 7.6.6
type - Interface type. type: str choices: vlan, physical more...

Supported Version Ranges

type v7.6.4 -> 7.6.6

[vlan] v7.6.4 -> 7.6.6
[physical] v7.6.4 -> 7.6.6
vlan - VLAN name. Source system.interface.name. type: str more...

Supported Version Ranges

vlan v7.6.4 -> 7.6.6
vrf - VRF for this route. Source switch-controller.managed-switch.router-vrf.name. type: str more...

Supported Version Ranges

vrf v7.6.4 -> 7.6.6

tdr_supported - TDR supported. type: str more...

Supported Version Ranges

tdr_supported v6.4.4 -> v7.0.5 v7.2.0 -> v7.2.0
type - Indication of switch type, physical or virtual. type: str choices: virtual, physical more...

Supported Version Ranges

type v6.0.0 -> 7.6.6

[virtual] v6.0.0 -> 7.6.6
[physical] v6.0.0 -> 7.6.6
version - FortiSwitch version. type: int more...

Supported Version Ranges

version v6.0.0 -> 7.6.6
vlan - Configure VLAN assignment priority. type: list member_path: vlan:vlan_name more...

Supported Version Ranges

vlan v7.4.2 -> 7.6.6

assignment_priority - 802.1x Radius (Tunnel-Private-Group-Id) VLANID assign-by-name priority. A smaller value has a higher priority. type: int more...

Supported Version Ranges

assignment_priority v7.4.2 -> 7.6.6
vlan_name - VLAN name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

vlan_name v7.4.2 -> 7.6.6

Notes ----- .. note:: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks - The module supports check_mode. Examples -------- .. code-block:: yaml+jinja - name: Configure FortiSwitch devices that are managed by this FortiGate. fortinet.fortios.fortios_switch_controller_managed_switch: vdom: "{{ vdom }}" state: "present" access_token: "" switch_controller_managed_switch: settings_802_1X: link_down_auth: "set-unauth" local_override: "enable" mab_reauth: "disable" mac_called_station_delimiter: "colon" mac_calling_station_delimiter: "colon" mac_case: "lowercase" mac_password_delimiter: "colon" mac_username_delimiter: "colon" max_reauth_attempt: "3" reauth_period: "60" tx_period: "30" access_profile: " (source switch-controller.security-policy.local-access.name)" custom_command: - command_entry: "" command_name: " (source switch-controller.custom-command.command-name)" delayed_restart_trigger: "0" description: "" dhcp_server_access_list: "global" dhcp_snooping_static_client: - ip: "" mac: "" name: "default_name_25" port: "" vlan: " (source system.interface.name)" directly_connected: "0" dynamic_capability: "" dynamically_discovered: "0" firmware_provision: "enable" firmware_provision_latest: "disable" firmware_provision_version: "" flow_identity: "" fsw_wan1_admin: "discovered" fsw_wan1_peer: " (source system.interface.name)" fsw_wan2_admin: "discovered" fsw_wan2_peer: "" igmp_snooping: aging_time: "300" flood_unknown_multicast: "enable" local_override: "enable" vlans: - proxy: "disable" querier: "disable" querier_addr: "" version: "2" vlan_name: " (source system.interface.name)" ip_source_guard: - binding_entry: - entry_name: "" ip: "" mac: "" description: "" port: "" l3_discovered: "0" max_allowed_trunk_members: "0" mclag_igmp_snooping_aware: "enable" mgmt_mode: "0" mirror: - dst: "" name: "default_name_62" src_egress: - name: "default_name_64" src_ingress: - name: "default_name_66" status: "active" switching_packet: "enable" name: "default_name_69" override_snmp_community: "enable" override_snmp_sysinfo: "disable" override_snmp_trap_threshold: "enable" override_snmp_user: "enable" owner_vdom: "" poe_detection_type: "0" poe_lldp_detection: "enable" poe_pre_standard_detection: "enable" ports: - access_mode: "dynamic" acl_group: - name: "default_name_81 (source switch-controller.acl.group.name)" aggregator_mode: "bandwidth" allow_arp_monitor: "disable" allowed_vlans: - vlan_name: " (source system.interface.name)" allowed_vlans_all: "enable" arp_inspection_trust: "untrusted" bundle: "enable" description: "" dhcp_snoop_option82_override: - circuit_id: "" remote_id: "" vlan_name: " (source system.interface.name)" dhcp_snoop_option82_trust: "enable" dhcp_snooping: "untrusted" discard_mode: "none" edge_port: "enable" export_tags: - tag_name: " (source switch-controller.switch-interface-tag.name)" export_to: " (source system.vdom.name)" export_to_pool: " (source switch-controller.virtual-port-pool.name)" export_to_pool_flag: "0" fallback_port: "" fec_capable: "0" fec_state: "disabled" fgt_peer_device_name: "" fgt_peer_port_name: "" fiber_port: "0" flags: "0" flap_duration: "30" flap_rate: "5" flap_timeout: "0" flapguard: "enable" flow_control: "disable" fortilink_port: "0" fortiswitch_acls: - id: "117" igmp_snooping: "enable" igmp_snooping_flood_reports: "enable" igmps_flood_reports: "enable" igmps_flood_traffic: "enable" interface_tags: - tag_name: " (source switch-controller.switch-interface-tag.name)" ip_source_guard: "disable" isl_local_trunk_name: "" isl_peer_device_name: "" isl_peer_port_name: "" lacp_speed: "slow" learning_limit: "0" lldp_profile: " (source switch-controller.lldp-profile.name)" lldp_status: "disable" log_mac_event: "disable" loop_guard: "enabled" loop_guard_timeout: "45" mac_addr: "" matched_dpp_intf_tags: "" matched_dpp_policy: "" max_bundle: "24" mcast_snooping_flood_traffic: "enable" mclag: "enable" mclag_icl_port: "0" media_type: "" member_withdrawal_behavior: "forward" members: - member_name: "" min_bundle: "1" mode: "static" p2p_port: "0" packet_sample_rate: "512" packet_sampler: "enabled" pause_meter: "0" pause_meter_resume: "75%" pd_capable: "0" poe_capable: "0" poe_max_power: "" poe_mode_bt_cabable: "0" poe_port_mode: "ieee802-3af" poe_port_power: "normal" poe_port_priority: "critical-priority" poe_pre_standard_detection: "enable" poe_standard: "" poe_status: "enable" port_name: "" port_number: "0" port_owner: "" port_policy: " (source switch-controller.dynamic-port-policy.name)" port_prefix_type: "0" port_security_policy: " (source switch-controller.security-policy.802-1X.name)" port_selection_criteria: "src-mac" ptp_policy: " (source switch-controller.ptp.interface-policy.name)" ptp_status: "disable" qnq: " (source system.interface.name)" qos_policy: " (source switch-controller.qos.qos-policy.name)" rpvst_port: "disabled" sample_direction: "tx" sflow_counter_interval: "0" sflow_sample_rate: "49999" sflow_sampler: "enabled" speed: "10half" speed_mask: "2147483647" stacking_port: "0" status: "up" sticky_mac: "enable" storm_control_policy: " (source switch-controller.storm-control-policy.name)" stp_bpdu_guard: "enabled" stp_bpdu_guard_timeout: "5" stp_root_guard: "enabled" stp_state: "enabled" switch_id: "" type: "physical" untagged_vlans: - vlan_name: " (source system.interface.name)" virtual_port: "0" vlan: " (source system.interface.name)" pre_provisioned: "0" ptp_profile: " (source switch-controller.ptp.profile.name)" ptp_status: "disable" purdue_level: "1" qos_drop_policy: "taildrop" qos_red_probability: "12" radius_nas_ip: "" radius_nas_ip_override: "disable" remote_log: - csv: "enable" facility: "kernel" name: "default_name_206" port: "514" server: "192.168.100.40" severity: "emergency" status: "enable" route_offload: "disable" route_offload_mclag: "disable" route_offload_router: - router_ip: "" vlan_name: " (source system.interface.name)" router_static: - blackhole: "disable" comment: "Comment." device: " (source switch-controller.managed-switch.system-interface.name)" distance: "10" dst: "" dynamic_gateway: "disable" gateway: "" id: "224" status: "disable" switch_id: " (source switch-controller.managed-switch.switch-id)" vrf: " (source switch-controller.managed-switch.router-vrf.name)" router_vrf: - name: "default_name_229" switch_id: " (source switch-controller.managed-switch.switch-id)" vrfid: "0" sn: "" snmp_community: - events: "cpu-high" hosts: - id: "236" ip: "" id: "238" name: "default_name_239" query_v1_port: "161" query_v1_status: "disable" query_v2c_port: "161" query_v2c_status: "disable" status: "disable" trap_v1_lport: "162" trap_v1_rport: "162" trap_v1_status: "disable" trap_v2c_lport: "162" trap_v2c_rport: "162" trap_v2c_status: "disable" snmp_sysinfo: contact_info: "" description: "" engine_id: "" location: "" status: "disable" snmp_trap_threshold: trap_high_cpu_threshold: "80" trap_log_full_threshold: "90" trap_low_memory_threshold: "80" snmp_user: - auth_proto: "md5" auth_pwd: "" name: "default_name_264" priv_proto: "aes128" priv_pwd: "" queries: "disable" query_port: "161" security_level: "no-auth-no-priv" staged_image_version: "" static_mac: - description: "" id: "273" interface: "" mac: "" type: "static" vlan: " (source system.interface.name)" storm_control: broadcast: "enable" burst_size_level: "0" local_override: "enable" rate: "500" unknown_multicast: "enable" unknown_unicast: "enable" stp_instance: - id: "286" priority: "0" stp_settings: forward_time: "15" hello_time: "2" local_override: "enable" max_age: "20" max_hops: "20" name: "default_name_294" pending_timer: "4" revision: "0" status: "enable" switch_device_tag: "" switch_dhcp_opt43_key: "" switch_id: "" switch_log: local_override: "enable" severity: "emergency" status: "enable" switch_profile: " (source switch-controller.switch-profile.name)" switch_stp_settings: status: "enable" system_dhcp_server: - default_gateway: "" dns_server1: "" dns_server2: "" dns_server3: "" dns_service: "local" id: "314" interface: " (source switch-controller.managed-switch.system-interface.name)" ip_range: - end_ip: "" id: "318" start_ip: "" lease_time: "604800" netmask: "" ntp_server1: "" ntp_server2: "" ntp_server3: "" ntp_service: "local" options: - code: "0" id: "328" ip: "" type: "hex" value: "" status: "disable" switch_id: " (source switch-controller.managed-switch.switch-id)" system_interface: - allowaccess: "ping" interface: " (source switch-controller.managed-switch.ports.port-name)" ip: "" mode: "static" name: "default_name_339" status: "disable" switch_id: " (source switch-controller.managed-switch.switch-id)" type: "vlan" vlan: " (source system.interface.name)" vrf: " (source switch-controller.managed-switch.router-vrf.name)" tdr_supported: "" type: "virtual" version: "0" vlan: - assignment_priority: "128" vlan_name: " (source system.interface.name)" Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Link Zheng (@chillancezen) - Jie Xue (@JieX19) - Hongbin Lu (@fgtdev-hblu) - Frank Shen (@frankshen01) - Miguel Angel Munoz (@mamunozgonzalez) - Nicolas Thomas (@thomnico) .. hint:: If you notice any issues in this documentation, you can create a pull request to improve it.

	Supported Version Ranges
switch_controller_managed_switch	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
link_down_auth	`v6.0.0 -> 7.6.6`
[set-unauth]	`v6.0.0 -> 7.6.6`
[no-action]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
local_override	`v6.0.0 -> 7.6.6`
[enable]	`v6.0.0 -> 7.6.6`
[disable]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
mab_reauth	`v7.2.0 -> 7.6.6`
[disable]	`v7.2.0 -> 7.6.6`
[enable]	`v7.2.0 -> 7.6.6`

	Supported Version Ranges
mac_called_station_delimiter	`v7.4.2 -> 7.6.6`
[colon]	`v7.4.2 -> 7.6.6`
[hyphen]	`v7.4.2 -> 7.6.6`
[none]	`v7.4.2 -> 7.6.6`
[single-hyphen]	`v7.4.2 -> 7.6.6`

	Supported Version Ranges
mac_calling_station_delimiter	`v7.4.2 -> 7.6.6`
[colon]	`v7.4.2 -> 7.6.6`
[hyphen]	`v7.4.2 -> 7.6.6`
[none]	`v7.4.2 -> 7.6.6`
[single-hyphen]	`v7.4.2 -> 7.6.6`

	Supported Version Ranges
mac_case	`v7.4.2 -> 7.6.6`
[lowercase]	`v7.4.2 -> 7.6.6`
[uppercase]	`v7.4.2 -> 7.6.6`

	Supported Version Ranges
mac_password_delimiter	`v7.4.2 -> 7.6.6`
[colon]	`v7.4.2 -> 7.6.6`
[hyphen]	`v7.4.2 -> 7.6.6`
[none]	`v7.4.2 -> 7.6.6`
[single-hyphen]	`v7.4.2 -> 7.6.6`

	Supported Version Ranges
mac_username_delimiter	`v7.4.2 -> 7.6.6`
[colon]	`v7.4.2 -> 7.6.6`
[hyphen]	`v7.4.2 -> 7.6.6`
[none]	`v7.4.2 -> 7.6.6`
[single-hyphen]	`v7.4.2 -> 7.6.6`

	Supported Version Ranges
delayed_restart_trigger	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
fsw_wan2_peer	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`

	Supported Version Ranges
dhcp_server_access_list	`v7.0.1 -> 7.6.6`
[global]	`v7.0.1 -> 7.6.6`
[enable]	`v7.0.1 -> 7.6.6`
[disable]	`v7.0.1 -> 7.6.6`

	Supported Version Ranges
dhcp_snooping_static_client	`v7.2.4 -> 7.6.6`

	Supported Version Ranges
directly_connected	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
dynamically_discovered	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
firmware_provision	`v7.0.0 -> 7.6.6`
[enable]	`v7.0.0 -> 7.6.6`
[disable]	`v7.0.0 -> 7.6.6`

	Supported Version Ranges
firmware_provision_latest	`v7.0.4 -> 7.6.6`
[disable]	`v7.0.4 -> 7.6.6`
[once]	`v7.0.4 -> 7.6.6`

	Supported Version Ranges
firmware_provision_version	`v7.0.0 -> 7.6.6`

	Supported Version Ranges
fsw_wan1_admin	`v6.0.0 -> 7.6.6`
[discovered]	`v6.0.0 -> 7.6.6`
[disable]	`v6.0.0 -> 7.6.6`
[enable]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
fsw_wan2_admin	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`
[discovered]	`v6.0.0 -> v6.0.11`
[disable]	`v6.0.0 -> v6.0.11`
[enable]	`v6.0.0 -> v6.0.11`

	Supported Version Ranges
flood_unknown_multicast	`v6.0.0 -> 7.6.6`
[enable]	`v6.0.0 -> 7.6.6`
[disable]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
proxy	`v7.0.2 -> 7.6.6`
[disable]	`v7.0.2 -> 7.6.6`
[enable]	`v7.0.2 -> 7.6.6`
[global]	`v7.0.2 -> 7.6.6`

	Supported Version Ranges
querier	`v7.0.2 -> 7.6.6`
[disable]	`v7.0.2 -> 7.6.6`
[enable]	`v7.0.2 -> 7.6.6`

	Supported Version Ranges
l3_discovered	`v6.4.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
max_allowed_trunk_members	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`	`v6.4.0 -> v6.4.0`	`v6.4.4 -> 7.6.6`

	Supported Version Ranges
mclag_igmp_snooping_aware	`v6.2.0 -> 7.6.6`
[enable]	`v6.2.0 -> 7.6.6`
[disable]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
status	`v6.0.0 -> 7.6.6`
[active]	`v6.0.0 -> 7.6.6`
[inactive]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
switching_packet	`v6.0.0 -> 7.6.6`
[enable]	`v6.0.0 -> 7.6.6`
[disable]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
override_snmp_community	`v6.2.0 -> 7.6.6`
[enable]	`v6.2.0 -> 7.6.6`
[disable]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
override_snmp_sysinfo	`v6.2.0 -> 7.6.6`
[disable]	`v6.2.0 -> 7.6.6`
[enable]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
override_snmp_trap_threshold	`v6.2.0 -> 7.6.6`
[enable]	`v6.2.0 -> 7.6.6`
[disable]	`v6.2.0 -> 7.6.6`