:source: fmgr_vpn_ipsec_phase1.py :orphan: .. _fmgr_vpn_ipsec_phase1: fmgr_vpn_ipsec_phase1 -- Configure VPN remote gateway. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.12.0 .. warning:: Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case). - Argument name before 3.0.0: ``var-name``, ``var name``, ``var.name`` - New argument name starting in 3.0.0: ``var_name`` FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg. .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiManager device. - Examples include all parameters and values need to be adjusted to data sources before usage. - Tested with FortiManager v7.x. Requirements ------------ The below requirements are needed on the host that executes this module. - ansible-core>=2.16.0 FortiManager Version Compatibility ---------------------------------- .. raw:: html

Supported Version Ranges: v7.6.4 -> latest

Parameters ---------- .. raw:: html Notes ----- .. note:: - Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded Examples -------- .. code-block:: yaml+jinja - name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi gather_facts: false tasks: - name: Configure VPN remote gateway. fortinet.fortimanager.fmgr_vpn_ipsec_phase1: # workspace_locking_adom: adom: state: present # vpn_ipsec_phase1: name: "your value" # Required variable, string # acct_verify: # add_gw_route: # add_route: # addke1: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke2: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke3: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke4: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke5: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke6: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # addke7: ["0", "1080", "1081", "1082", "1083", "1084", "1085", "1089", "1090", "1091", # "1092", "1093", "1094", "35", "36", "37"] # assign_ip: # assign_ip_from: # authmethod: # authmethod_remote: # authpasswd: # authusr: # authusrgrp: # auto_negotiate: # auto_transport_threshold: # azure_ad_autoconnect: # backup_gateway: # banner: # cert_id_validation: # cert_peer_username_strip: # cert_peer_username_validation: # cert_trust_store: # certificate: # childless_ike: # client_auto_negotiate: # client_keep_alive: # client_resume: # client_resume_interval: # comments: # dev_id: # dev_id_notification: # dhcp_ra_giaddr: # dhcp6_ra_linkaddr: # dhgrp: ["1", "2", "5", "14", "15", "16", "17", "18", "19", "20", "21", "27", "28", # "29", "30", "31", "32"] # digital_signature_auth: # distance: # dns_mode: # dns_suffix_search: # domain: # dpd: # dpd_retrycount: # dpd_retryinterval: # eap: # eap_cert_auth: # eap_exclude_peergrp: # eap_identity: # ems_sn_check: # enforce_unique_id: # esn: # exchange_fgt_device_id: # fec_base: # fec_codec: # fec_egress: # fec_health_check: # fec_ingress: # fec_mapping_profile: # fec_receive_timeout: # fec_redundant: # fec_send_timeout: # fgsp_sync: # fortinet_esp: # fragmentation: # fragmentation_mtu: # group_authentication: # group_authentication_secret: # ha_sync_esp_seqno: # idle_timeout: # idle_timeoutinterval: # ike_version: # inbound_dscp_copy: # include_local_lan: # interface: # internal_domain_list: # ip_delay_interval: # ipv4_dns_server1: # ipv4_dns_server2: # ipv4_dns_server3: # ipv4_end_ip: # ipv4_exclude_range: # - end_ip: # id: # start_ip: # ipv4_name: # ipv4_netmask: # ipv4_split_exclude: # ipv4_split_include: # ipv4_start_ip: # ipv4_wins_server1: # ipv4_wins_server2: # ipv6_auto_linklocal: # ipv6_dns_server1: # ipv6_dns_server2: # ipv6_dns_server3: # ipv6_end_ip: # ipv6_exclude_range: # - end_ip: # id: # start_ip: # ipv6_name: # ipv6_prefix: # ipv6_split_exclude: # ipv6_split_include: # ipv6_start_ip: # keepalive: # keylife: # kms: # link_cost: # local_gw: # localid: # localid_type: # loopback_asymroute: # mesh_selector_type: # mode: # mode_cfg: # mode_cfg_allow_client_selector: # nattraversal: # negotiate_timeout: # network_id: # network_overlay: # npu_offload: # peer: # peergrp: # peerid: # peertype: # ppk: # ppk_identity: # ppk_secret: # priority: # proposal: # psksecret: # psksecret_remote: # qkd: # qkd_hybrid: # qkd_profile: # reauth: # rekey: # remote_gw: # remote_gw_country: # remote_gw_end_ip: # remote_gw_match: # remote_gw_start_ip: # remote_gw_subnet: # remote_gw_ztna_tags: # remote_gw6_country: # remote_gw6_end_ip: # remote_gw6_match: # remote_gw6_start_ip: # remote_gw6_subnet: # remotegw_ddns: # rsa_signature_format: # rsa_signature_hash_override: # save_password: # send_cert_chain: # shared_idle_timeout: # signature_hash_alg: ["sha1", "sha2-256", "sha2-384", "sha2-512"] # split_include_service: # suite_b: # transit_gateway: # transport: # type: # unity_support: # usrgrp: # wizard_type: # xauthtype: # fallback_tcp_threshold: # forticlient_enforcement: Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html
  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Xinwei Du (@dux-fortinet) - Xing Li (@lix-fortinet) - Jie Xue (@JieX19) - Link Zheng (@chillancezen) - Frank Shen (@fshen01) - Hongbin Lu (@fgtdev-hblu)