meraki_mr_l3_firewall – Manage MR access point layer 3 firewalls in the Meraki cloud

New in version 2.7.

Synopsis
Parameters
Notes
Examples
Status

Synopsis

Allows for creation, management, and visibility into layer 3 firewalls implemented on Meraki MR access points.

Parameters

Parameter		Choices/Defaults	Comments
allow_lan_access boolean		Choices: no yes ←	Sets whether devices can talk to other devices on the same LAN.
auth_key string			Authentication key provided by the dashboard. Required if environmental variable `MERAKI_KEY` is not set.
host string		Default: "api.meraki.com"	Hostname for Meraki dashboard. Can be used to access regional Meraki environments, such as China.
net_id string			ID of network containing access points.
net_name string			Name of network containing access points.
number integer			Number of SSID to apply firewall rule to. aliases: ssid_number
org_id integer			ID of organization.
org_name string			Name of organization. aliases: organization
output_level string		Choices: debug normal ←	Set amount of debug output during module execution.
rules list			List of firewall rules.
	comment string		Optional comment describing the firewall rule.
	dest_cidr string		Comma-separated list of CIDR notation networks to match.
	dest_port string		Comma-seperated list of destination ports to match.
	policy string	Choices: allow deny	Specifies the action that should be taken when rule is hit.
	protocol string	Choices: any icmp tcp udp	Specifies protocol to match against.
ssid_name string			Name of SSID to apply firewall rule to. aliases: ssid
state string		Choices: present ← query	Create or modify an organization.
timeout integer		Default: 30	Time to timeout for HTTP requests.
use_https boolean		Choices: no yes ←	If `no`, it will use HTTP. Otherwise it will use HTTPS. Only useful for internal Meraki developers.
use_proxy boolean		Choices: no yes	If `no`, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs boolean		Choices: no yes ←	Whether to validate HTTP certificates.

Notes

Note

More information about the Meraki API can be found at https://dashboard.meraki.com/api_docs.
Some of the options are likely only used for developers within Meraki.

Examples

- name: Create single firewall rule
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 12345
    number: 1
    rules:
      - comment: Integration test rule
        policy: allow
        protocol: tcp
        dest_port: 80
        dest_cidr: 192.0.2.0/24
    allow_lan_access: no
  delegate_to: localhost

- name: Enable local LAN access
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 123
    number: 1
    rules:
    allow_lan_access: yes
  delegate_to: localhost

- name: Query firewall rules
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
    number: 1
  delegate_to: localhost

Status

This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]

Authors

Kevin Breit (@kbreit)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/meraki_mr_l3_firewall_module.html