:source: fortios_system_virtual_wan_link.py :orphan: .. fortios_system_virtual_wan_link: fortios_system_virtual_wan_link -- Configure redundant internet connections using SD-WAN (formerly virtual WAN link) in Fortinet's FortiOS and FortiGate. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.0.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and virtual_wan_link category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0 Requirements ------------ The below requirements are needed on the host that executes this module. - ansible>=2.16 Tips ---- Using member operation to add an element to an existing object. FortiOS Version Compatibility ----------------------------- Supported Version Ranges: v6.0.0 -> v6.2.7 Parameters ---------- .. raw:: html

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
system_virtual_wan_link - Configure redundant internet connections using SD-WAN (formerly virtual WAN link). type: dict more...

Supported Version Ranges

system_virtual_wan_link v6.0.0 -> v6.2.7

fail_alert_interfaces - Physical interfaces that will be alerted. type: list member_path: fail_alert_interfaces:name more...

Supported Version Ranges

fail_alert_interfaces v6.0.0 -> v6.2.7

name - Physical interface name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

fail_detect - Enable/disable SD-WAN Internet connection status checking (failure detection). type: str choices: enable, disable more...

Supported Version Ranges

fail_detect v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
health_check - SD-WAN status checking or health checking. Identify a server on the Internet and determine how SD-WAN verifies that the FortiGate can communicate with it. type: list member_path: health_check:name more...

Supported Version Ranges

health_check v6.0.0 -> v6.2.7

addr_mode - Address mode (IPv4 or IPv6). type: str choices: ipv4, ipv6 more...

Supported Version Ranges

addr_mode v6.0.0 -> v6.2.7

[ipv4] v6.0.0 -> v6.2.7
[ipv6] v6.0.0 -> v6.2.7
diffservcode - Differentiated services code point (DSCP) in the IP header of the probe packet. type: str more...

Supported Version Ranges

diffservcode v6.2.0 -> v6.2.0 v6.2.5 -> v6.2.7
failtime - Number of failures before server is considered lost (1 - 3600). type: int more...

Supported Version Ranges

failtime v6.0.0 -> v6.2.7
ha_priority - HA election priority (1 - 50). type: int more...

Supported Version Ranges

ha_priority v6.2.0 -> v6.2.7
http_agent - String in the http-agent field in the HTTP header. type: str more...

Supported Version Ranges

http_agent v6.0.0 -> v6.2.7
http_get - URL used to communicate with the server if the protocol if the protocol is HTTP. type: str more...

Supported Version Ranges

http_get v6.0.0 -> v6.2.7
http_match - Response string expected from the server if the protocol is HTTP. type: str more...

Supported Version Ranges

http_match v6.0.0 -> v6.2.7
interval - Status check interval in milliseconds, or the time between attempting to connect to the server (500 - 3600*1000 msec). type: int more...

Supported Version Ranges

interval v6.0.0 -> v6.2.7
members - Member sequence number list. type: list member_path: health_check:name/members:seq_num more...

Supported Version Ranges

members v6.0.0 -> v6.2.7

seq_num - Member sequence number. see Notes. Source system.virtual-wan-link.members.seq-num. type: int required: true more...

Supported Version Ranges

seq_num v6.0.0 -> v6.2.7

name - Status check or health check name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7
packet_size - Packet size of a twamp test session, type: int more...

Supported Version Ranges

packet_size v6.0.0 -> v6.2.7
password - Twamp controller password in authentication mode type: str more...

Supported Version Ranges

password v6.0.0 -> v6.2.7
port - Port number used to communicate with the server over the selected protocol. type: int more...

Supported Version Ranges

port v6.0.0 -> v6.2.7
probe_packets - Enable/disable transmission of probe packets. type: str choices: disable, enable more...

Supported Version Ranges

probe_packets v6.2.0 -> v6.2.7

[disable] v6.2.0 -> v6.2.7
[enable] v6.2.0 -> v6.2.7
probe_timeout - Time to wait before a probe packet is considered lost (500 - 5000 msec). type: int more...

Supported Version Ranges

probe_timeout v6.2.0 -> v6.2.0 v6.2.5 -> v6.2.7

protocol - Protocol used to determine if the FortiGate can communicate with the server. type: str choices: ping, tcp-echo, udp-echo, http, twamp, ping6 more...

recoverytime - Number of successful responses received before server is considered recovered (1 - 3600). type: int more...

Supported Version Ranges

recoverytime v6.0.0 -> v6.2.7
security_mode - Twamp controller security mode. type: str choices: none, authentication more...

Supported Version Ranges

security_mode v6.0.0 -> v6.2.7

[none] v6.0.0 -> v6.2.7
[authentication] v6.0.0 -> v6.2.7
server - IP address or FQDN name of the server. type: str more...

Supported Version Ranges

server v6.0.0 -> v6.2.7
sla - Service level agreement (SLA). type: list member_path: health_check:name/sla:id more...

Supported Version Ranges

sla v6.0.0 -> v6.2.7

id - SLA ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> v6.2.7
jitter_threshold - Jitter for SLA to make decision in milliseconds. (0 - 10000000). type: int more...

Supported Version Ranges

jitter_threshold v6.0.0 -> v6.2.7
latency_threshold - Latency for SLA to make decision in milliseconds. (0 - 10000000). type: int more...

Supported Version Ranges

latency_threshold v6.0.0 -> v6.2.7
link_cost_factor - Criteria on which to base link selection. type: list choices: latency, jitter, packet-loss more...

Supported Version Ranges

link_cost_factor v6.0.0 -> v6.2.7

[latency] v6.0.0 -> v6.2.7
[jitter] v6.0.0 -> v6.2.7
[packet-loss] v6.0.0 -> v6.2.7
packetloss_threshold - Packet loss for SLA to make decision in percentage. (0 - 100). type: int more...

Supported Version Ranges

packetloss_threshold v6.0.0 -> v6.2.7

sla_fail_log_period - Time interval in seconds that SLA fail log messages will be generated (0 - 3600). type: int more...

Supported Version Ranges

sla_fail_log_period v6.2.0 -> v6.2.7
sla_pass_log_period - Time interval in seconds that SLA pass log messages will be generated (0 - 3600). type: int more...

Supported Version Ranges

sla_pass_log_period v6.2.0 -> v6.2.7
threshold_alert_jitter - Alert threshold for jitter (ms). type: int more...

Supported Version Ranges

threshold_alert_jitter v6.0.0 -> v6.2.7
threshold_alert_latency - Alert threshold for latency (ms). type: int more...

Supported Version Ranges

threshold_alert_latency v6.0.0 -> v6.2.7
threshold_alert_packetloss - Alert threshold for packet loss (percentage). type: int more...

Supported Version Ranges

threshold_alert_packetloss v6.0.0 -> v6.2.7
threshold_warning_jitter - Warning threshold for jitter (ms). type: int more...

Supported Version Ranges

threshold_warning_jitter v6.0.0 -> v6.2.7
threshold_warning_latency - Warning threshold for latency (ms). type: int more...

Supported Version Ranges

threshold_warning_latency v6.0.0 -> v6.2.7
threshold_warning_packetloss - Warning threshold for packet loss (percentage). type: int more...

Supported Version Ranges

threshold_warning_packetloss v6.0.0 -> v6.2.7
update_cascade_interface - Enable/disable update cascade interface. type: str choices: enable, disable more...

Supported Version Ranges

update_cascade_interface v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
update_static_route - Enable/disable updating the static route. type: str choices: enable, disable more...

Supported Version Ranges

update_static_route v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7

load_balance_mode - Algorithm or mode to use for load balancing Internet traffic to SD-WAN members. type: str choices: source-ip-based, weight-based, usage-based, source-dest-ip-based, measured-volume-based more...

members - FortiGate interfaces added to the virtual-wan-link. type: list member_path: members:seq_num more...

Supported Version Ranges

members v6.0.0 -> v6.2.7

comment - Comments. type: str more...

Supported Version Ranges

comment v6.0.0 -> v6.2.7
cost - Cost of this interface for services in SLA mode (0 - 4294967295). type: int more...

Supported Version Ranges

cost v6.2.0 -> v6.2.7
gateway - The default gateway for this interface. Usually the default gateway of the Internet service provider that this interface is connected to. type: str more...

Supported Version Ranges

gateway v6.0.0 -> v6.2.7
gateway6 - IPv6 gateway. type: str more...

Supported Version Ranges

gateway6 v6.0.0 -> v6.2.7
ingress_spillover_threshold - Ingress spillover threshold for this interface (0 - 16776000 kbit/s). When this traffic volume threshold is reached, new sessions spill over to other interfaces in the SD-WAN. type: int more...

Supported Version Ranges

ingress_spillover_threshold v6.0.0 -> v6.2.7
interface - Interface name. Source system.interface.name. type: str more...

Supported Version Ranges

interface v6.0.0 -> v6.2.7
priority - Priority of the interface (0 - 4294967295). Used for SD-WAN rules or priority rules. type: int more...

Supported Version Ranges

priority v6.0.0 -> v6.2.7
seq_num - Sequence number(1-255). see Notes. type: int required: true more...

Supported Version Ranges

seq_num v6.0.0 -> v6.2.7
source - Source IP address used in the health-check packet to the server. type: str more...

Supported Version Ranges

source v6.0.0 -> v6.2.7
source6 - Source IPv6 address used in the health-check packet to the server. type: str more...

Supported Version Ranges

source6 v6.0.0 -> v6.2.7
spillover_threshold - Egress spillover threshold for this interface (0 - 16776000 kbit/s). When this traffic volume threshold is reached, new sessions spill over to other interfaces in the SD-WAN. type: int more...

Supported Version Ranges

spillover_threshold v6.0.0 -> v6.2.7
status - Enable/disable this interface in the SD-WAN. type: str choices: disable, enable more...

Supported Version Ranges

status v6.0.0 -> v6.2.7

[disable] v6.0.0 -> v6.2.7
[enable] v6.0.0 -> v6.2.7
volume_ratio - Measured volume ratio (this value / sum of all values = percentage of link volume, 1 - 255). type: int more...

Supported Version Ranges

volume_ratio v6.0.0 -> v6.2.7
weight - Weight of this interface for weighted load balancing. (1 - 255) More traffic is directed to interfaces with higher weights. type: int more...

Supported Version Ranges

weight v6.0.0 -> v6.2.7

neighbor - Create SD-WAN neighbor from BGP neighbor table to control route advertisements according to SLA status. type: list member_path: neighbor:ip more...

Supported Version Ranges

neighbor v6.2.0 -> v6.2.7

health_check - SD-WAN health-check name. Source system.virtual-wan-link.health-check.name. type: str more...

Supported Version Ranges

health_check v6.2.0 -> v6.2.7
ip - IP address of neighbor. Source router.bgp.neighbor.ip. type: str required: true more...

Supported Version Ranges

ip v6.2.0 -> v6.2.7
member - Member sequence number. Source system.virtual-wan-link.members.seq-num. type: int more...

Supported Version Ranges

member v6.2.0 -> v6.2.7
role - Role of neighbor. type: str choices: standalone, primary, secondary more...

Supported Version Ranges

role v6.2.0 -> v6.2.7

[standalone] v6.2.0 -> v6.2.7
[primary] v6.2.0 -> v6.2.7
[secondary] v6.2.0 -> v6.2.7
sla_id - SLA ID. type: int more...

Supported Version Ranges

sla_id v6.2.0 -> v6.2.7

neighbor_hold_boot_time - Waiting period in seconds when switching from the primary neighbor to the secondary neighbor from the neighbor start. (0 - 10000000). type: int more...

Supported Version Ranges

neighbor_hold_boot_time v6.2.0 -> v6.2.7
neighbor_hold_down - Enable/disable hold switching from the secondary neighbor to the primary neighbor. type: str choices: enable, disable more...

Supported Version Ranges

neighbor_hold_down v6.2.0 -> v6.2.7

[enable] v6.2.0 -> v6.2.7
[disable] v6.2.0 -> v6.2.7
neighbor_hold_down_time - Waiting period in seconds when switching from the secondary neighbor to the primary neighbor when hold-down is disabled. (0 - 10000000). type: int more...

Supported Version Ranges

neighbor_hold_down_time v6.2.0 -> v6.2.7
service - Create SD-WAN rules (also called services) to control how sessions are distributed to interfaces in the SD-WAN. type: list member_path: service:id more...

Supported Version Ranges

service v6.0.0 -> v6.2.7

addr_mode - Address mode (IPv4 or IPv6). type: str choices: ipv4, ipv6 more...

Supported Version Ranges

addr_mode v6.0.0 -> v6.2.7

[ipv4] v6.0.0 -> v6.2.7
[ipv6] v6.0.0 -> v6.2.7
bandwidth_weight - Coefficient of reciprocal of available bidirectional bandwidth in the formula of custom-profile-1. type: int more...

Supported Version Ranges

bandwidth_weight v6.0.0 -> v6.2.7
default - Enable/disable use of SD-WAN as default service. type: str choices: enable, disable more...

Supported Version Ranges

default v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
dscp_forward - Enable/disable forward traffic DSCP tag. type: str choices: enable, disable more...

Supported Version Ranges

dscp_forward v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
dscp_forward_tag - Forward traffic DSCP tag. type: str more...

Supported Version Ranges

dscp_forward_tag v6.0.0 -> v6.2.7
dscp_reverse - Enable/disable reverse traffic DSCP tag. type: str choices: enable, disable more...

Supported Version Ranges

dscp_reverse v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
dscp_reverse_tag - Reverse traffic DSCP tag. type: str more...

Supported Version Ranges

dscp_reverse_tag v6.0.0 -> v6.2.7
dst - Destination address name. type: list member_path: service:id/dst:name more...

Supported Version Ranges

dst v6.0.0 -> v6.2.7

name - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

dst_negate - Enable/disable negation of destination address match. type: str choices: enable, disable more...

Supported Version Ranges

dst_negate v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
dst6 - Destination address6 name. type: list member_path: service:id/dst6:name more...

Supported Version Ranges

dst6 v6.0.0 -> v6.2.7

name - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

end_port - End destination port number. type: int more...

Supported Version Ranges

end_port v6.0.0 -> v6.2.7
gateway - Enable/disable SD-WAN service gateway. type: str choices: enable, disable more...

Supported Version Ranges

gateway v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
groups - User groups. type: list member_path: service:id/groups:name more...

Supported Version Ranges

groups v6.0.0 -> v6.2.7

name - Group name. Source user.group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

health_check - Health check. Source system.virtual-wan-link.health-check.name. type: str more...

Supported Version Ranges

health_check v6.0.0 -> v6.2.7
hold_down_time - Waiting period in seconds when switching from the back-up member to the primary member (0 - 10000000). type: int more...

Supported Version Ranges

hold_down_time v6.0.0 -> v6.2.7
id - Priority rule ID (1 - 4000). see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> v6.2.7
input_device - Source interface name. type: list member_path: service:id/input_device:name more...

Supported Version Ranges

input_device v6.0.0 -> v6.2.7

name - Interface name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

input_device_negate - Enable/disable negation of input device match. type: str choices: enable, disable more...

Supported Version Ranges

input_device_negate v6.2.0 -> v6.2.7

[enable] v6.2.0 -> v6.2.7
[disable] v6.2.0 -> v6.2.7
internet_service - Enable/disable use of Internet service for application-based load balancing. type: str choices: enable, disable more...

Supported Version Ranges

internet_service v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
internet_service_app_ctrl - Application control based Internet Service ID list. type: list member_path: service:id/internet_service_app_ctrl:id more...

Supported Version Ranges

internet_service_app_ctrl v6.2.0 -> v6.2.7

id - Application control based Internet Service ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.2.0 -> v6.2.7

internet_service_app_ctrl_group - Application control based Internet Service group list. type: list member_path: service:id/internet_service_app_ctrl_group:name more...

Supported Version Ranges

internet_service_app_ctrl_group v6.2.0 -> v6.2.7

name - Application control based Internet Service group name. Source application.group.name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> v6.2.7

internet_service_ctrl - Control-based Internet Service ID list. type: list member_path: service:id/internet_service_ctrl:id more...

Supported Version Ranges

internet_service_ctrl v6.0.0 -> v6.0.11

id - Control-based Internet Service ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> v6.0.11

internet_service_ctrl_group - Control-based Internet Service group list. type: list member_path: service:id/internet_service_ctrl_group:name more...

Supported Version Ranges

internet_service_ctrl_group v6.0.0 -> v6.0.11

name - Control-based Internet Service group name. Source application.group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.0.11

internet_service_custom - Custom Internet service name list. type: list member_path: service:id/internet_service_custom:name more...

Supported Version Ranges

internet_service_custom v6.0.0 -> v6.2.7

name - Custom Internet service name. Source firewall.internet-service-custom.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

internet_service_custom_group - Custom Internet Service group list. type: list member_path: service:id/internet_service_custom_group:name more...

Supported Version Ranges

internet_service_custom_group v6.0.0 -> v6.2.7

name - Custom Internet Service group name. Source firewall.internet-service-custom-group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

internet_service_group - Internet Service group list. type: list member_path: service:id/internet_service_group:name more...

Supported Version Ranges

internet_service_group v6.0.0 -> v6.2.7

name - Internet Service group name. Source firewall.internet-service-group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

internet_service_id - Internet service ID list. type: list member_path: service:id/internet_service_id:id more...

Supported Version Ranges

internet_service_id v6.0.0 -> v6.2.7

id - Internet service ID. see Notes. Source firewall.internet-service.id. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> v6.2.7

jitter_weight - Coefficient of jitter in the formula of custom-profile-1. type: int more...

Supported Version Ranges

jitter_weight v6.0.0 -> v6.2.7
latency_weight - Coefficient of latency in the formula of custom-profile-1. type: int more...

Supported Version Ranges

latency_weight v6.0.0 -> v6.2.7

link_cost_factor - Link cost factor. type: str choices: latency, jitter, packet-loss, inbandwidth, outbandwidth, bibandwidth, custom-profile-1 more...

link_cost_threshold - Percentage threshold change of link cost values that will result in policy route regeneration (0 - 10000000). type: int more...

Supported Version Ranges

link_cost_threshold v6.0.0 -> v6.2.7
member - Member sequence number. Source system.virtual-wan-link.members.seq-num. type: int more...

Supported Version Ranges

member v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

mode - Control how the priority rule sets the priority of interfaces in the SD-WAN. type: str choices: auto, manual, priority, sla, load-balance more...

name - Priority rule name. type: str more...

Supported Version Ranges

name v6.0.0 -> v6.2.7
packet_loss_weight - Coefficient of packet-loss in the formula of custom-profile-1. type: int more...

Supported Version Ranges

packet_loss_weight v6.0.0 -> v6.2.7
priority_members - Member sequence number list. type: list member_path: service:id/priority_members:seq_num more...

Supported Version Ranges

priority_members v6.0.0 -> v6.2.7

seq_num - Member sequence number. see Notes. Source system.virtual-wan-link.members.seq-num. type: int required: true more...

Supported Version Ranges

seq_num v6.0.0 -> v6.2.7

protocol - Protocol number. type: int more...

Supported Version Ranges

protocol v6.0.0 -> v6.2.7
quality_link - Quality grade. type: int more...

Supported Version Ranges

quality_link v6.0.0 -> v6.2.7
role - Service role to work with neighbor. type: str choices: standalone, primary, secondary more...

Supported Version Ranges

role v6.2.0 -> v6.2.7

[standalone] v6.2.0 -> v6.2.7
[primary] v6.2.0 -> v6.2.7
[secondary] v6.2.0 -> v6.2.7
route_tag - IPv4 route map route-tag. type: int more...

Supported Version Ranges

route_tag v6.0.0 -> v6.2.7
sla - Service level agreement (SLA). type: list member_path: service:id/sla:health_check more...

Supported Version Ranges

sla v6.0.0 -> v6.2.7

health_check - Virtual WAN Link health-check. Source system.virtual-wan-link.health-check.name. type: str required: true more...

Supported Version Ranges

health_check v6.0.0 -> v6.2.7
id - SLA ID. type: int more...

Supported Version Ranges

id v6.0.0 -> v6.2.7

sla_compare_method - Method to compare SLA value for sla and load balance mode. type: str choices: order, number more...

Supported Version Ranges

sla_compare_method v6.2.0 -> v6.2.7

[order] v6.2.0 -> v6.2.7
[number] v6.2.0 -> v6.2.7
src - Source address name. type: list member_path: service:id/src:name more...

Supported Version Ranges

src v6.0.0 -> v6.2.7

name - Address or address group name. Source firewall.address.name firewall.addrgrp.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

src_negate - Enable/disable negation of source address match. type: str choices: enable, disable more...

Supported Version Ranges

src_negate v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
src6 - Source address6 name. type: list member_path: service:id/src6:name more...

Supported Version Ranges

src6 v6.0.0 -> v6.2.7

name - Address6 or address6 group name. Source firewall.address6.name firewall.addrgrp6.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

standalone_action - Enable/disable service when selected neighbor role is standalone while service role is not standalone. type: str choices: enable, disable more...

Supported Version Ranges

standalone_action v6.2.0 -> v6.2.7

[enable] v6.2.0 -> v6.2.7
[disable] v6.2.0 -> v6.2.7
start_port - Start destination port number. type: int more...

Supported Version Ranges

start_port v6.0.0 -> v6.2.7
status - Enable/disable SD-WAN service. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> v6.2.7

[enable] v6.0.0 -> v6.2.7
[disable] v6.0.0 -> v6.2.7
tos - Type of service bit pattern. type: str more...

Supported Version Ranges

tos v6.0.0 -> v6.2.7
tos_mask - Type of service evaluated bits. type: str more...

Supported Version Ranges

tos_mask v6.0.0 -> v6.2.7
users - User name. type: list member_path: service:id/users:name more...

Supported Version Ranges

users v6.0.0 -> v6.2.7

name - User name. Source user.local.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.2.7

status - Enable/disable SD-WAN. type: str choices: disable, enable more...

Supported Version Ranges

status v6.0.0 -> v6.2.7

[disable] v6.0.0 -> v6.2.7
[enable] v6.0.0 -> v6.2.7
zone - Configure SD-WAN zones. type: list member_path: zone:name more...

Supported Version Ranges

zone v6.2.0 -> v6.2.0 v6.2.5 -> v6.2.7

name - Zone name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> v6.2.0 v6.2.5 -> v6.2.7

Notes ----- .. note:: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks - The module supports check_mode. Examples -------- .. code-block:: yaml+jinja - name: Configure redundant internet connections using SD-WAN (formerly virtual WAN link). fortinet.fortios.fortios_system_virtual_wan_link: vdom: "{{ vdom }}" system_virtual_wan_link: fail_alert_interfaces: - name: "default_name_4 (source system.interface.name)" fail_detect: "enable" health_check: - addr_mode: "ipv4" diffservcode: "" failtime: "1800" ha_priority: "25" http_agent: "" http_get: "" http_match: "" interval: "1800000" members: - seq_num: "" name: "default_name_17" packet_size: "512" password: "" port: "32767" probe_packets: "disable" probe_timeout: "2500" protocol: "ping" recoverytime: "1800" security_mode: "none" server: "192.168.100.40" sla: - id: "28" jitter_threshold: "5000000" latency_threshold: "5000000" link_cost_factor: "latency" packetloss_threshold: "50" sla_fail_log_period: "1800" sla_pass_log_period: "1800" threshold_alert_jitter: "2147483647" threshold_alert_latency: "2147483647" threshold_alert_packetloss: "50" threshold_warning_jitter: "2147483647" threshold_warning_latency: "2147483647" threshold_warning_packetloss: "50" update_cascade_interface: "enable" update_static_route: "enable" load_balance_mode: "source-ip-based" members: - comment: "Comments." cost: "2147483647" gateway: "" gateway6: "" ingress_spillover_threshold: "8388000" interface: " (source system.interface.name)" priority: "2147483647" seq_num: "" source: "" source6: "" spillover_threshold: "8388000" status: "disable" volume_ratio: "127" weight: "127" neighbor: - health_check: " (source system.virtual-wan-link.health-check.name)" ip: " (source router.bgp.neighbor.ip)" member: "2147483647" role: "standalone" sla_id: "2147483647" neighbor_hold_boot_time: "5000000" neighbor_hold_down: "enable" neighbor_hold_down_time: "5000000" service: - addr_mode: "ipv4" bandwidth_weight: "5000000" default: "enable" dscp_forward: "enable" dscp_forward_tag: "" dscp_reverse: "enable" dscp_reverse_tag: "" dst: - name: "default_name_77 (source firewall.address.name firewall.addrgrp.name)" dst_negate: "enable" dst6: - name: "default_name_80 (source firewall.address6.name firewall.addrgrp6.name)" end_port: "32767" gateway: "enable" groups: - name: "default_name_84 (source user.group.name)" health_check: " (source system.virtual-wan-link.health-check.name)" hold_down_time: "5000000" id: "87" input_device: - name: "default_name_89 (source system.interface.name)" input_device_negate: "enable" internet_service: "enable" internet_service_app_ctrl: - id: "93" internet_service_app_ctrl_group: - name: "default_name_95 (source application.group.name)" internet_service_ctrl: - id: "97" internet_service_ctrl_group: - name: "default_name_99 (source application.group.name)" internet_service_custom: - name: "default_name_101 (source firewall.internet-service-custom.name)" internet_service_custom_group: - name: "default_name_103 (source firewall.internet-service-custom-group.name)" internet_service_group: - name: "default_name_105 (source firewall.internet-service-group.name)" internet_service_id: - id: "107 (source firewall.internet-service.id)" jitter_weight: "5000000" latency_weight: "5000000" link_cost_factor: "latency" link_cost_threshold: "5000000" member: "2147483647" mode: "auto" name: "default_name_114" packet_loss_weight: "5000000" priority_members: - seq_num: "" protocol: "127" quality_link: "127" role: "standalone" route_tag: "2147483647" sla: - health_check: " (source system.virtual-wan-link.health-check.name)" id: "124" sla_compare_method: "order" src: - name: "default_name_127 (source firewall.address.name firewall.addrgrp.name)" src_negate: "enable" src6: - name: "default_name_130 (source firewall.address6.name firewall.addrgrp6.name)" standalone_action: "enable" start_port: "32767" status: "enable" tos: "" tos_mask: "" users: - name: "default_name_137 (source user.local.name)" status: "disable" zone: - name: "default_name_140" Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Link Zheng (@chillancezen) - Jie Xue (@JieX19) - Hongbin Lu (@fgtdev-hblu) - Frank Shen (@frankshen01) - Miguel Angel Munoz (@mamunozgonzalez) - Nicolas Thomas (@thomnico) .. hint:: If you notice any issues in this documentation, you can create a pull request to improve it.

	Supported Version Ranges
system_virtual_wan_link	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
fail_alert_interfaces	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
fail_detect	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> v6.2.7`
[disable]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
addr_mode	`v6.0.0 -> v6.2.7`
[ipv4]	`v6.0.0 -> v6.2.7`
[ipv6]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
diffservcode	`v6.2.0 -> v6.2.0`	`v6.2.5 -> v6.2.7`

	Supported Version Ranges
probe_packets	`v6.2.0 -> v6.2.7`
[disable]	`v6.2.0 -> v6.2.7`
[enable]	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
probe_timeout	`v6.2.0 -> v6.2.0`	`v6.2.5 -> v6.2.7`

	Supported Version Ranges
protocol	`v6.0.0 -> v6.2.7`
[ping]	`v6.0.0 -> v6.2.7`
[tcp-echo]	`v6.0.0 -> v6.2.7`
[udp-echo]	`v6.0.0 -> v6.2.7`
[http]	`v6.0.0 -> v6.2.7`
[twamp]	`v6.0.0 -> v6.2.7`
[ping6]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
security_mode	`v6.0.0 -> v6.2.7`
[none]	`v6.0.0 -> v6.2.7`
[authentication]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
link_cost_factor	`v6.0.0 -> v6.2.7`
[latency]	`v6.0.0 -> v6.2.7`
[jitter]	`v6.0.0 -> v6.2.7`
[packet-loss]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
packetloss_threshold	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
sla_fail_log_period	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
sla_pass_log_period	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
threshold_alert_jitter	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
threshold_alert_latency	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
threshold_alert_packetloss	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
threshold_warning_jitter	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
threshold_warning_latency	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
threshold_warning_packetloss	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
update_cascade_interface	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> v6.2.7`
[disable]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
update_static_route	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> v6.2.7`
[disable]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
load_balance_mode	`v6.0.0 -> v6.2.7`
[source-ip-based]	`v6.0.0 -> v6.2.7`
[weight-based]	`v6.0.0 -> v6.2.7`
[usage-based]	`v6.0.0 -> v6.2.7`
[source-dest-ip-based]	`v6.0.0 -> v6.2.7`
[measured-volume-based]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
ingress_spillover_threshold	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
spillover_threshold	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
status	`v6.0.0 -> v6.2.7`
[disable]	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
role	`v6.2.0 -> v6.2.7`
[standalone]	`v6.2.0 -> v6.2.7`
[primary]	`v6.2.0 -> v6.2.7`
[secondary]	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
neighbor_hold_boot_time	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
neighbor_hold_down	`v6.2.0 -> v6.2.7`
[enable]	`v6.2.0 -> v6.2.7`
[disable]	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
neighbor_hold_down_time	`v6.2.0 -> v6.2.7`

	Supported Version Ranges
default	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> v6.2.7`
[disable]	`v6.0.0 -> v6.2.7`