Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to create routes in a fortigate over an fortimanager #70

Open
patrickpreuss opened this issue Oct 14, 2023 · 4 comments
Open

How to create routes in a fortigate over an fortimanager #70

patrickpreuss opened this issue Oct 14, 2023 · 4 comments

Comments

@patrickpreuss
Copy link

Hello,

i to create some named routes over to fortimager on an fortigate.
it looks like that this is only possible while directly connecting to the fortigate.

Would be great to have more gateway settings accessible over the fortimanger.

Thanks for the help.

fortinet.fortimanager 2.2.0
fortinet.fortios 2.3.0
@dux-fortinet
Copy link

Hi @patrickpreuss,

What kind of route do you want to config?
It would be great if you could provide some images or example playbooks so we can give you a solution more precisely.
Currently, you can't config static routes in a FortiGate via FortiManager because FortiManager don't have this API.

Best regards

@patrickpreuss
Copy link
Author

patrickpreuss commented Oct 17, 2023
edited

Hi

i try to create an named route like:

config firewall address
    edit "DESTINATIONS"
        set allow-routing enable
        set subnet 10.0.0.0 255.0.0.0
    next
end
config router static
    edit 1
      set device wan1 
      set gateway 192.168.1.1
      set dstaddr DESTINATIONS
    next 
end

Creating the Address(es) is straight forward.

  - name: config for firewall_address
    fmgr_firewall_address:
      bypass_validation: False
      state: present
      adom: "{{ adom }}"
      firewall_address:
        allow-routing: enable
        name: "DESTINATIONS"
        subnet: "10.0.0.0/255.0.0.0"
        type: ipmask
        visibility: enable
        color: 17
    register: info

no i would like to have the possibility:
to create the static route on the gateway in the FortiManager

it looks like fortios_router_static is only avail for the direct communication with the gateway.

heaving the fortios_* functions available in the FortiManager would enable to do some more advanced provisioning tasks over the FortiManager.

BR
Patrick

@dux-fortinet
Copy link

dux-fortinet commented Oct 17, 2023
edited

Hi Patrick,

Thanks for your detailed explanation.

FortiManager Ansible Collection calls FortiManager APIs. Currently, FortiManager APIs don't support configuring static router (you could check API in FNDN document)

We will add fmgr_router_static module once the static router APIs are supported in FNDN document.

Best regards,
Xinwei

@jpforcioli
Copy link

Hi,

In the mean time you will have to use the fmgr_generic module with a url similar to /pm/config/device/{device}/vdom/{vdom}/router/static.

BR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@patrickpreuss @jpforcioli @dux-fortinet