Configure system zone return error when try to attach to interface. #39

Closed
lvrfrc87 opened this issue Jul 21, 2020 · 3 comments

@lvrfrc87

I am trying to configure a security zone and attach it to an existing interface. I can create only the security zone successfully. When I try to attach the security zone to an existing and available interface, I get `Error in repo`. From the GUI I can successfully configure the zone and attach it to the interface.

```yaml
- name: CONFIG | Configure security zone.
  fortios_system_zone:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    vdom: "BLUE"
    state: "{{ state }}"
    ssl_verify: "{{ ssl_verify }}"
    system_zone:
      interface:
        - interface_name: "b_t666_vl1666"
      name: "z_blue_t666"
```

return:

```
TASK [CONFIG | Configure security zone.] ***************************************
fatal: [fw1a_prd_r3b15_ams7.nee.tmcs]: FAILED! => {
    "changed": false,
    "meta": {
        "build": 1637,
        "error": -5,
        "http_method": "POST",
        "http_status": 500,
        "name": "zone",
        "path": "system",
        "revision": "e47aa13fdc1bc94ad77fbbf3a6ed9bea",
        "revision_changed": false,
        "serial": "FGT31D3Z15800162",
        "status": "error",
        "vdom": "BLUE",
        "version": "v6.4.1"
    }
}

MSG:

Error in repo
```

lvrfrc87 changed the title from "Confiure system zone return error when try to attach to interface." to "Configure system zone return error when try to attach to interface." on Jul 21, 2020

@JieX19

JieX19 commented Jul 21, 2020

Hi @lvrfrc87,

I noticed you used the old Ansible modules, not the Fortios Galaxy Collection. Could you try the following playbook with the Fortios Galaxy Collection?

It works perfectly for my testbed of 6.0.0 and 6.2.3.

```yaml
- hosts: fortigates
  connection: httpapi
  collections:
    - fortinet.fortios
  vars:
    ansible_httpapi_use_ssl: yes
    # TLS certificate validation is disabled in this playbook
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
    vdom: "root"
  tasks:
  - name: Configure security zone
    fortios_system_zone:
      vdom: "{{ vdom }}"
      state: "present"
      system_zone:
        interface:
          - interface_name: "port1"
        name: "zone_test"
```

Please let me know if you have any questions.
Thanks,
Jie

@lvrfrc87

Even with the collection, it is not working. It is becoming very difficult to work with this module if the only error returned is `Error in repo`.

```yaml
---
- hosts: fws
  connection: httpapi
  collections:
    - fortinet.fortios

  vars:
    username: !vault |
      $ANSIBLE_VAULT;1.1;AES256
      31323332653735633132626163393139393535653832623161653266343137636264316339313263
      3934343661616435303265663536346164366130316134630a353863663232366265653634303666
      39643036386630383638616161663637613162343539353937356564643765353839663233656332
      6663373032326366380a666335386234623863663335623337663433653462383165396337356639
      6261
    password: !vault |
      $ANSIBLE_VAULT;1.1;AES256
      66326233326234313662393931323963666665326631653666643736636332643631316530323764
      3263656430643536346366333065613463303632626265310a333832326137636633663236336465
      30626339353938393662623132333963303961306433656466326634386263366231363261613332
      3265613362313633630a356563363363396361353430633862646362303033336636326239613564
      31363131663030386361633534663965373161663936353061366339396535633939
    vdom: 'root'
    ssl_verify: false
    state: 'present'

  tasks:
    - name: CONFIG | Configure security zone.
      fortios_system_zone:
        host: "{{ inventory_hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "BLUE"
        state: "{{ state }}"
        ssl_verify: "{{ ssl_verify }}"
        system_zone:
          interface:
            - interface_name: "core_blue_transit_v1666"
          name: "z_blue_t666"
```

```
TASK [CONFIG | Configure security zone.] ***************************************
fatal: [fw1a_prd_r3b15_ams7.nee.tmcs]: FAILED! => {
    "changed": false,
    "meta": {
        "build": 1637,
        "error": -3,
        "http_method": "POST",
        "http_status": 500,
        "name": "zone",
        "path": "system",
        "revision": "529f43721407f274dd4f5b1fe9ab4589",
        "revision_changed": false,
        "serial": "FGT31D3Z15800162",
        "status": "error",
        "vdom": "BLUE",
        "version": "v6.4.1"
    }
}

MSG:

Error in repo
```

@lvrfrc87

I will raise this with Fortigate support. Thanks for your help anyway.
