fortinet.fortios.fortios_wireless_controller_wtp – Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_wireless_controller_wtp
.
New in version 2.10: of fortinet.fortios
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and wtp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
Parameter | Choices/Defaults | Comments | |||
---|---|---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | ||||
enable_log boolean |
| Enable/Disable logging for task. | |||
state string / required |
| Indicates whether to create or remove the object. | |||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | |||
wireless_controller_wtp dictionary | Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate. | ||||
admin string |
| Configure how the FortiGate operating as a wireless controller discovers and manages this WTP, AP or FortiAP. | |||
allowaccess list / elements=string |
| Control management access to the managed WTP, FortiAP, or AP. Separate entries with a space. | |||
apcfg_profile string | AP local configuration profile name. Source wireless-controller.apcfg-profile.name. | ||||
bonjour_profile string | Bonjour profile name. Source wireless-controller.bonjour-profile.name. | ||||
coordinate_enable string |
| Enable/disable WTP coordinates (X,Y axis). | |||
coordinate_latitude string | WTP latitude coordinate. | ||||
coordinate_longitude string | WTP longitude coordinate. | ||||
coordinate_x string | X axis coordinate. | ||||
coordinate_y string | Y axis coordinate. | ||||
firmware_provision string | Firmware version to provision to this FortiAP on bootup (major.minor.build, i.e. 6.2.1234). | ||||
image_download string |
| Enable/disable WTP image download. | |||
index integer | Index (0 - 4294967295). | ||||
ip_fragment_preventing list / elements=string |
| Method by which IP fragmentation is prevented for CAPWAP tunneled control and data packets . | |||
lan dictionary | WTP LAN port mapping. | ||||
port1_mode string |
| LAN port 1 mode. | |||
port1_ssid string | Bridge LAN port 1 to SSID. Source wireless-controller.vap.name. | ||||
port2_mode string |
| LAN port 2 mode. | |||
port2_ssid string | Bridge LAN port 2 to SSID. Source wireless-controller.vap.name. | ||||
port3_mode string |
| LAN port 3 mode. | |||
port3_ssid string | Bridge LAN port 3 to SSID. Source wireless-controller.vap.name. | ||||
port4_mode string |
| LAN port 4 mode. | |||
port4_ssid string | Bridge LAN port 4 to SSID. Source wireless-controller.vap.name. | ||||
port5_mode string |
| LAN port 5 mode. | |||
port5_ssid string | Bridge LAN port 5 to SSID. Source wireless-controller.vap.name. | ||||
port6_mode string |
| LAN port 6 mode. | |||
port6_ssid string | Bridge LAN port 6 to SSID. Source wireless-controller.vap.name. | ||||
port7_mode string |
| LAN port 7 mode. | |||
port7_ssid string | Bridge LAN port 7 to SSID. Source wireless-controller.vap.name. | ||||
port8_mode string |
| LAN port 8 mode. | |||
port8_ssid string | Bridge LAN port 8 to SSID. Source wireless-controller.vap.name. | ||||
port_esl_mode string |
| ESL port mode. | |||
port_esl_ssid string | Bridge ESL port to SSID. Source system.interface.name. | ||||
port_mode string |
| LAN port mode. | |||
port_ssid string | Bridge LAN port to SSID. Source wireless-controller.vap.name. | ||||
led_state string |
| Enable to allow the FortiAPs LEDs to light. Disable to keep the LEDs off. You may want to keep the LEDs off so they are not distracting in low light areas etc. | |||
location string | Field for describing the physical location of the WTP, AP or FortiAP. | ||||
login_passwd string | Set the managed WTP, FortiAP, or AP"s administrator password. | ||||
login_passwd_change string |
| Change or reset the administrator password of a managed WTP, FortiAP or AP (yes, default, or no). | |||
mesh_bridge_enable string |
| Enable/disable mesh Ethernet bridge when WTP is configured as a mesh branch/leaf AP. | |||
name string | WTP, AP or FortiAP configuration name. | ||||
override_allowaccess string |
| Enable to override the WTP profile management access configuration. | |||
override_ip_fragment string |
| Enable/disable overriding the WTP profile IP fragment prevention setting. | |||
override_lan string |
| Enable to override the WTP profile LAN port setting. | |||
override_led_state string |
| Enable to override the profile LED state setting for this FortiAP. You must enable this option to use the led-state command to turn off the FortiAP"s LEDs. | |||
override_login_passwd_change string |
| Enable to override the WTP profile login-password (administrator password) setting. | |||
override_split_tunnel string |
| Enable/disable overriding the WTP profile split tunneling setting. | |||
override_wan_port_mode string |
| Enable/disable overriding the wan-port-mode in the WTP profile. | |||
radio_1 dictionary | Configuration options for radio 1. | ||||
auto_power_high integer | Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_target string | The target of automatic transmit power adjustment in dBm. (-95 to -20). | ||||
band string |
| WiFi band that Radio 1 operates on. | |||
channel list / elements=string | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
drma_manual_mode string |
| Radio mode to be used for DRMA manual mode . | |||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
power_mode string |
| Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. | |||
power_value integer | Radio EIRP power in dBm (1 - 33). | ||||
radio_id integer | radio-id | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list / elements=string | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name. | ||||
radio_2 dictionary | Configuration options for radio 2. | ||||
auto_power_high integer | Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_target string | The target of automatic transmit power adjustment in dBm. (-95 to -20). | ||||
band string |
| WiFi band that Radio 1 operates on. | |||
channel list / elements=string | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
drma_manual_mode string |
| Radio mode to be used for DRMA manual mode . | |||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
power_mode string |
| Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. | |||
power_value integer | Radio EIRP power in dBm (1 - 33). | ||||
radio_id integer | radio-id | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list / elements=string | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name. | ||||
radio_3 dictionary | Configuration options for radio 3. | ||||
auto_power_high integer | The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_target string | The target of automatic transmit power adjustment in dBm. (-95 to -20). | ||||
band string |
| WiFi band that Radio 3 operates on. | |||
channel list / elements=string | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
drma_manual_mode string |
| Radio mode to be used for DRMA manual mode . | |||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
power_mode string |
| Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. | |||
power_value integer | Radio EIRP power in dBm (1 - 33). | ||||
radio_id integer | radio-id | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list / elements=string | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. | ||||
radio_4 dictionary | Configuration options for radio 4. | ||||
auto_power_high integer | The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). | ||||
auto_power_target string | The target of automatic transmit power adjustment in dBm. (-95 to -20). | ||||
band string |
| WiFi band that Radio 4 operates on. | |||
channel list / elements=string | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
drma_manual_mode string |
| Radio mode to be used for DRMA manual mode . | |||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
power_mode string |
| Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. | |||
power_value integer | Radio EIRP power in dBm (1 - 33). | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list / elements=string | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. | ||||
region string | Region name WTP is associated with. Source wireless-controller.region.name. | ||||
region_x string | Relative horizontal region coordinate (between 0 and 1). | ||||
region_y string | Relative vertical region coordinate (between 0 and 1). | ||||
split_tunneling_acl list / elements=string | Split tunneling ACL filter list. | ||||
dest_ip string | Destination IP and mask for the split-tunneling subnet. | ||||
id integer / required | ID. | ||||
split_tunneling_acl_local_ap_subnet string |
| Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling ACL . | |||
split_tunneling_acl_path string |
| Split tunneling ACL path is local/tunnel. | |||
tun_mtu_downlink integer | Downlink tunnel MTU in octets. Set the value to either 0 (by default), 576, or 1500. | ||||
tun_mtu_uplink integer | Uplink tunnel maximum transmission unit (MTU) in octets (eight-bit bytes). Set the value to either 0 (by default), 576, or 1500. | ||||
uuid string | Universally Unique Identifier (UUID; automatically assigned but can be manually reset). | ||||
wan_port_mode string |
| Enable/disable using the FortiAP WAN port as a LAN port. | |||
wtp_id string | WTP ID. | ||||
wtp_mode string |
| WTP, AP, or FortiAP operating mode; normal (by default) or remote. A tunnel mode SSID can be assigned to an AP in normal mode but not remote mode, while a local-bridge mode SSID can be assigned to an AP in either normal mode or remote mode. | |||
wtp_profile string | WTP profile name to apply to this WTP, AP or FortiAP. Source wireless-controller.wtp-profile.name. |
Notes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
Examples
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate. fortios_wireless_controller_wtp: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" wireless_controller_wtp: admin: "discovered" allowaccess: "telnet" apcfg_profile: "<your_own_value> (source wireless-controller.apcfg-profile.name)" bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)" coordinate_enable: "enable" coordinate_latitude: "<your_own_value>" coordinate_longitude: "<your_own_value>" coordinate_x: "<your_own_value>" coordinate_y: "<your_own_value>" firmware_provision: "<your_own_value>" image_download: "enable" index: "14" ip_fragment_preventing: "tcp-mss-adjust" lan: port_esl_mode: "offline" port_esl_ssid: "<your_own_value> (source system.interface.name)" port_mode: "offline" port_ssid: "<your_own_value> (source wireless-controller.vap.name)" port1_mode: "offline" port1_ssid: "<your_own_value> (source wireless-controller.vap.name)" port2_mode: "offline" port2_ssid: "<your_own_value> (source wireless-controller.vap.name)" port3_mode: "offline" port3_ssid: "<your_own_value> (source wireless-controller.vap.name)" port4_mode: "offline" port4_ssid: "<your_own_value> (source wireless-controller.vap.name)" port5_mode: "offline" port5_ssid: "<your_own_value> (source wireless-controller.vap.name)" port6_mode: "offline" port6_ssid: "<your_own_value> (source wireless-controller.vap.name)" port7_mode: "offline" port7_ssid: "<your_own_value> (source wireless-controller.vap.name)" port8_mode: "offline" port8_ssid: "<your_own_value> (source wireless-controller.vap.name)" led_state: "enable" location: "<your_own_value>" login_passwd: "<your_own_value>" login_passwd_change: "yes" mesh_bridge_enable: "default" name: "default_name_42" override_allowaccess: "enable" override_ip_fragment: "enable" override_lan: "enable" override_led_state: "enable" override_login_passwd_change: "enable" override_split_tunnel: "enable" override_wan_port_mode: "enable" radio_1: auto_power_high: "51" auto_power_level: "enable" auto_power_low: "53" auto_power_target: "<your_own_value>" band: "802.11a" channel: - chan: "<your_own_value>" drma_manual_mode: "ap" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "64" power_mode: "dBm" power_value: "66" radio_id: "67" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_71 (source wireless-controller.vap-group.name wireless-controller.vap.name)" radio_2: auto_power_high: "73" auto_power_level: "enable" auto_power_low: "75" auto_power_target: "<your_own_value>" band: "802.11a" channel: - chan: "<your_own_value>" drma_manual_mode: "ap" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "86" power_mode: "dBm" power_value: "88" radio_id: "89" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_93 (source wireless-controller.vap-group.name wireless-controller.vap.name)" radio_3: auto_power_high: "95" auto_power_level: "enable" auto_power_low: "97" auto_power_target: "<your_own_value>" band: "802.11a" channel: - chan: "<your_own_value>" drma_manual_mode: "ap" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "108" power_mode: "dBm" power_value: "110" radio_id: "111" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_115 (source wireless-controller.vap-group.name system.interface.name)" radio_4: auto_power_high: "117" auto_power_level: "enable" auto_power_low: "119" auto_power_target: "<your_own_value>" band: "802.11a" channel: - chan: "<your_own_value>" drma_manual_mode: "ap" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "130" power_mode: "dBm" power_value: "132" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_136 (source wireless-controller.vap-group.name system.interface.name)" region: "<your_own_value> (source wireless-controller.region.name)" region_x: "<your_own_value>" region_y: "<your_own_value>" split_tunneling_acl: - dest_ip: "<your_own_value>" id: "142" split_tunneling_acl_local_ap_subnet: "enable" split_tunneling_acl_path: "tunnel" tun_mtu_downlink: "145" tun_mtu_uplink: "146" uuid: "<your_own_value>" wan_port_mode: "wan-lan" wtp_id: "<your_own_value>" wtp_mode: "normal" wtp_profile: "<your_own_value> (source wireless-controller.wtp-profile.name)"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_wireless_controller_wtp_module.html