fortios_wireless_controller_wtp – Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate in Fortinet’s FortiOS and FortiGate
New in version 2.8.
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and wtp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5
Requirements
The below requirements are needed on the host that executes this module.
- fortiosapi>=0.9.8
Parameters
Parameter | Choices/Defaults | Comments | |||
---|---|---|---|---|---|
host string | FortiOS or FortiGate IP address. | ||||
https boolean |
| Indicates if the requests towards FortiGate must use HTTPS protocol. | |||
password string | Default: "" | FortiOS or FortiGate password. | |||
ssl_verify boolean added in 2.9 |
| Ensures FortiGate certificate must be verified by a proper CA. | |||
state string added in 2.9 |
| Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level. | |||
username string | FortiOS or FortiGate username. | ||||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | |||
wireless_controller_wtp dictionary | Default: null | Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate. | |||
admin string |
| Configure how the FortiGate operating as a wireless controller discovers and manages this WTP, AP or FortiAP. | |||
allowaccess string |
| Control management access to the managed WTP, FortiAP, or AP. Separate entries with a space. | |||
bonjour_profile string | Bonjour profile name. Source wireless-controller.bonjour-profile.name. | ||||
coordinate_enable string |
| Enable/disable WTP coordinates (X,Y axis). | |||
coordinate_latitude string | WTP latitude coordinate. | ||||
coordinate_longitude string | WTP longitude coordinate. | ||||
coordinate_x string | X axis coordinate. | ||||
coordinate_y string | Y axis coordinate. | ||||
image_download string |
| Enable/disable WTP image download. | |||
index integer | Index (0 - 4294967295). | ||||
ip_fragment_preventing string |
| Method by which IP fragmentation is prevented for CAPWAP tunneled control and data packets . | |||
lan dictionary | WTP LAN port mapping. | ||||
port1_mode string |
| LAN port 1 mode. | |||
port1_ssid string | Bridge LAN port 1 to SSID. Source wireless-controller.vap.name. | ||||
port2_mode string |
| LAN port 2 mode. | |||
port2_ssid string | Bridge LAN port 2 to SSID. Source wireless-controller.vap.name. | ||||
port3_mode string |
| LAN port 3 mode. | |||
port3_ssid string | Bridge LAN port 3 to SSID. Source wireless-controller.vap.name. | ||||
port4_mode string |
| LAN port 4 mode. | |||
port4_ssid string | Bridge LAN port 4 to SSID. Source wireless-controller.vap.name. | ||||
port5_mode string |
| LAN port 5 mode. | |||
port5_ssid string | Bridge LAN port 5 to SSID. Source wireless-controller.vap.name. | ||||
port6_mode string |
| LAN port 6 mode. | |||
port6_ssid string | Bridge LAN port 6 to SSID. Source wireless-controller.vap.name. | ||||
port7_mode string |
| LAN port 7 mode. | |||
port7_ssid string | Bridge LAN port 7 to SSID. Source wireless-controller.vap.name. | ||||
port8_mode string |
| LAN port 8 mode. | |||
port8_ssid string | Bridge LAN port 8 to SSID. Source wireless-controller.vap.name. | ||||
port_mode string |
| LAN port mode. | |||
port_ssid string | Bridge LAN port to SSID. Source wireless-controller.vap.name. | ||||
led_state string |
| Enable to allow the FortiAPs LEDs to light. Disable to keep the LEDs off. You may want to keep the LEDs off so they are not distracting in low light areas etc. | |||
location string | Field for describing the physical location of the WTP, AP or FortiAP. | ||||
login_passwd string | Set the managed WTP, FortiAP, or AP's administrator password. | ||||
login_passwd_change string |
| Change or reset the administrator password of a managed WTP, FortiAP or AP (yes, default, or no). | |||
mesh_bridge_enable string |
| Enable/disable mesh Ethernet bridge when WTP is configured as a mesh branch/leaf AP. | |||
name string | WTP, AP or FortiAP configuration name. | ||||
override_allowaccess string |
| Enable to override the WTP profile management access configuration. | |||
override_ip_fragment string |
| Enable/disable overriding the WTP profile IP fragment prevention setting. | |||
override_lan string |
| Enable to override the WTP profile LAN port setting. | |||
override_led_state string |
| Enable to override the profile LED state setting for this FortiAP. You must enable this option to use the led-state command to turn off the FortiAP's LEDs. | |||
override_login_passwd_change string |
| Enable to override the WTP profile login-password (administrator password) setting. | |||
override_split_tunnel string |
| Enable/disable overriding the WTP profile split tunneling setting. | |||
override_wan_port_mode string |
| Enable/disable overriding the wan-port-mode in the WTP profile. | |||
radio_1 dictionary | Configuration options for radio 1. | ||||
auto_power_high integer | Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type). | ||||
band string |
| WiFi band that Radio 1 operates on. | |||
channel list | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
radio_id integer | radio-id | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name. | ||||
radio_2 dictionary | Configuration options for radio 2. | ||||
auto_power_high integer | Automatic transmission power high limit in decibels (dB) of the measured power referenced to one milliwatt (mW), or dBm (10 - 17 dBm). | ||||
auto_power_level string |
| Enable/disable automatic power-level adjustment to prevent co-channel interference . | |||
auto_power_low integer | Automatic transmission power low limit in dBm (the actual range of transmit power depends on the AP platform type). | ||||
band string |
| WiFi band that Radio 1 operates on. | |||
channel list | Selected list of wireless radio channels. | ||||
chan string / required | Channel number. | ||||
override_analysis string |
| Enable to override the WTP profile spectrum analysis configuration. | |||
override_band string |
| Enable to override the WTP profile band setting. | |||
override_channel string |
| Enable to override WTP profile channel settings. | |||
override_txpower string |
| Enable to override the WTP profile power level configuration. | |||
override_vaps string |
| Enable to override WTP profile Virtual Access Point (VAP) settings. | |||
power_level integer | Radio power level as a percentage of the maximum transmit power (0 - 100). | ||||
radio_id integer | radio-id | ||||
spectrum_analysis string |
| Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. | |||
vap_all string |
| Enable/disable the automatic inheritance of all Virtual Access Points (VAPs) . | |||
vaps list | Manually selected list of Virtual Access Points (VAPs). | ||||
name string / required | Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name wireless-controller.vap.name. | ||||
split_tunneling_acl list | Split tunneling ACL filter list. | ||||
dest_ip string | Destination IP and mask for the split-tunneling subnet. | ||||
id integer / required | ID. | ||||
split_tunneling_acl_local_ap_subnet string |
| Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling ACL . | |||
split_tunneling_acl_path string |
| Split tunneling ACL path is local/tunnel. | |||
state string |
| Deprecated Starting with Ansible 2.9 we recommend using the top-level 'state' parameter. Indicates whether to create or remove the object. | |||
tun_mtu_downlink integer | Downlink tunnel MTU in octets. Set the value to either 0 (by default), 576, or 1500. | ||||
tun_mtu_uplink integer | Uplink tunnel maximum transmission unit (MTU) in octets (eight-bit bytes). Set the value to either 0 (by default), 576, or 1500. | ||||
wan_port_mode string |
| Enable/disable using the FortiAP WAN port as a LAN port. | |||
wtp_id string | WTP ID. | ||||
wtp_mode string |
| WTP, AP, or FortiAP operating mode; normal (by default) or remote. A tunnel mode SSID can be assigned to an AP in normal mode but not remote mode, while a local-bridge mode SSID can be assigned to an AP in either normal mode or remote mode. | |||
wtp_profile string | WTP profile name to apply to this WTP, AP or FortiAP. Source wireless-controller.wtp-profile.name. |
Notes
Note
- Requires fortiosapi library developed by Fortinet
- Run as a local_action in your playbook
Examples
- hosts: localhost vars: host: "192.168.122.40" username: "admin" password: "" vdom: "root" ssl_verify: "False" tasks: - name: Configure Wireless Termination Points (WTPs), that is, FortiAPs or APs to be managed by FortiGate. fortios_wireless_controller_wtp: host: "{{ host }}" username: "{{ username }}" password: "{{ password }}" vdom: "{{ vdom }}" https: "False" state: "present" wireless_controller_wtp: admin: "discovered" allowaccess: "telnet" bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)" coordinate_enable: "enable" coordinate_latitude: "<your_own_value>" coordinate_longitude: "<your_own_value>" coordinate_x: "<your_own_value>" coordinate_y: "<your_own_value>" image_download: "enable" index: "12" ip_fragment_preventing: "tcp-mss-adjust" lan: port_mode: "offline" port_ssid: "<your_own_value> (source wireless-controller.vap.name)" port1_mode: "offline" port1_ssid: "<your_own_value> (source wireless-controller.vap.name)" port2_mode: "offline" port2_ssid: "<your_own_value> (source wireless-controller.vap.name)" port3_mode: "offline" port3_ssid: "<your_own_value> (source wireless-controller.vap.name)" port4_mode: "offline" port4_ssid: "<your_own_value> (source wireless-controller.vap.name)" port5_mode: "offline" port5_ssid: "<your_own_value> (source wireless-controller.vap.name)" port6_mode: "offline" port6_ssid: "<your_own_value> (source wireless-controller.vap.name)" port7_mode: "offline" port7_ssid: "<your_own_value> (source wireless-controller.vap.name)" port8_mode: "offline" port8_ssid: "<your_own_value> (source wireless-controller.vap.name)" led_state: "enable" location: "<your_own_value>" login_passwd: "<your_own_value>" login_passwd_change: "yes" mesh_bridge_enable: "default" name: "default_name_38" override_allowaccess: "enable" override_ip_fragment: "enable" override_lan: "enable" override_led_state: "enable" override_login_passwd_change: "enable" override_split_tunnel: "enable" override_wan_port_mode: "enable" radio_1: auto_power_high: "47" auto_power_level: "enable" auto_power_low: "49" band: "802.11a" channel: - chan: "<your_own_value>" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "58" radio_id: "59" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_63 (source wireless-controller.vap-group.name wireless-controller.vap.name)" radio_2: auto_power_high: "65" auto_power_level: "enable" auto_power_low: "67" band: "802.11a" channel: - chan: "<your_own_value>" override_analysis: "enable" override_band: "enable" override_channel: "enable" override_txpower: "enable" override_vaps: "enable" power_level: "76" radio_id: "77" spectrum_analysis: "enable" vap_all: "enable" vaps: - name: "default_name_81 (source wireless-controller.vap-group.name wireless-controller.vap.name)" split_tunneling_acl: - dest_ip: "<your_own_value>" id: "84" split_tunneling_acl_local_ap_subnet: "enable" split_tunneling_acl_path: "tunnel" tun_mtu_downlink: "87" tun_mtu_uplink: "88" wan_port_mode: "wan-lan" wtp_id: "<your_own_value>" wtp_mode: "normal" wtp_profile: "<your_own_value> (source wireless-controller.wtp-profile.name)"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_wireless_controller_wtp_module.html