| source: | fortios_system_settings.py |
|---|---|
| orphan: |
.. versionadded:: 2.0.0
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and settings category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
The below requirements are needed on the host that executes this module.
- ansible>=2.9
Using member operation to add an element to an existing object.
v6.0.0 |
v6.0.5 |
v6.0.11 |
v6.2.0 |
v6.2.3 |
v6.2.5 |
v6.2.7 |
v6.4.0 |
v6.4.1 |
v6.4.4 |
v7.0.0 |
v7.0.1 |
v7.0.2 |
v7.0.3 |
v7.0.4 |
v7.0.5 |
v7.0.6 |
v7.0.7 |
v7.0.8 |
v7.0.12 |
v7.2.0 |
v7.2.1 |
v7.2.2 |
v7.2.4 |
v7.4.0 |
|
| fortios_system_settings | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- system_settings - Configure VDOM settings. type: dict
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0system_settings yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - allow_linkdown_path - Enable/disable link down path. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0allow_linkdown_path yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - allow_subnet_overlap - Enable/disable allowing interface subnets to use overlapping IP addresses. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0allow_subnet_overlap yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - application_bandwidth_tracking - Enable/disable application bandwidth tracking. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0application_bandwidth_tracking no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - asymroute - Enable/disable IPv4 asymmetric routing. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0asymroute yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - asymroute_icmp - Enable/disable ICMP asymmetric routing. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0asymroute_icmp yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - asymroute6 - Enable/disable asymmetric IPv6 routing. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0asymroute6 yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - asymroute6_icmp - Enable/disable asymmetric ICMPv6 routing. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0asymroute6_icmp yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - auxiliary_session - Enable/disable auxiliary session. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0auxiliary_session no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - bfd - Enable/disable Bi-directional Forwarding Detection (BFD) on all interfaces. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0bfd yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - bfd_desired_min_tx - BFD desired minimal transmit interval (1 - 100000 ms). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0bfd_desired_min_tx yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - bfd_detect_mult - BFD detection multiplier (1 - 50). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0bfd_detect_mult yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - bfd_dont_enforce_src_port - Enable to not enforce verifying the source port of BFD Packets. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0bfd_dont_enforce_src_port yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - bfd_required_min_rx - BFD required minimal receive interval (1 - 100000 ms). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0bfd_required_min_rx yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - block_land_attack - Enable/disable blocking of land attacks. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0block_land_attack yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - central_nat - Enable/disable central NAT. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0central_nat yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - comments - VDOM comments. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0comments yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - compliance_check - Enable/disable PCI DSS compliance checking. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11compliance_check yes yes yes [enable] yes yes yes [disable] yes yes yes - consolidated_firewall_mode - Consolidated firewall mode. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7consolidated_firewall_mode no no no yes yes yes yes [enable] n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a yes yes yes yes - default_app_port_as_service - Enable/disable policy service enforcement based on application default ports. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0default_app_port_as_service no no no no no no no no no no no no no no no no no no no no yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes - default_policy_expiry_days - Default policy expiry in days (0 - 365 days). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0default_policy_expiry_days no no no no no no no no no no no no no no no no no no no no yes yes yes yes yes - default_voip_alg_mode - Configure how the FortiGate handles VoIP traffic when a policy that accepts the traffic doesn"t include a VoIP profile. type: str choices: proxy-based, kernel-helper-based
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0default_voip_alg_mode yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [proxy-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [kernel-helper-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - deny_tcp_with_icmp - Enable/disable denying TCP by sending an ICMP communication prohibited packet. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0deny_tcp_with_icmp yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - detect_unknown_esp - Enable/disable detection of unknown ESP packets . type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0detect_unknown_esp no no no no no no no no no no no no no no no no no no no no no no no yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes - device - Interface to use for management access for NAT mode. Source system.interface.name. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0device yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - dhcp_proxy - Enable/disable the DHCP Proxy. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0dhcp_proxy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - dhcp_proxy_interface - Specify outgoing interface to reach server. Source system.interface.name. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0dhcp_proxy_interface no no no yes no yes yes yes no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - dhcp_proxy_interface_select_method - Specify how to select outgoing interface to reach server. type: str choices: auto, sdwan, specify
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0dhcp_proxy_interface_select_method no no no yes no yes yes yes no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [auto] n/a n/a n/a yes n/a yes yes yes n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [sdwan] n/a n/a n/a yes n/a yes yes yes n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [specify] n/a n/a n/a yes n/a yes yes yes n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - dhcp_server_ip - DHCP Server IPv4 address. type: list
- dhcp6_server_ip - DHCPv6 server IPv6 address. type: list
- discovered_device_timeout - Timeout for discovered devices (1 - 365 days). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0discovered_device_timeout yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - dyn_addr_session_check - Enable/disable dirty session check caused by dynamic address updates. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0dyn_addr_session_check no no no no no no no no no no no no no no no no no no no no no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes - ecmp_max_paths - Maximum number of Equal Cost Multi-Path (ECMP) next-hops. Set to 1 to disable ECMP routing (1 - 255). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ecmp_max_paths yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - email_portal_check_dns - Enable/disable using DNS to validate email addresses collected by a captive portal. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0email_portal_check_dns yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ext_resource_session_check - Enable/disable dirty session check caused by external resource updates. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ext_resource_session_check no no no no no no no no no no no no no no no no no no no no no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes - firewall_session_dirty - Select how to manage sessions affected by firewall policy configuration changes. type: str choices: check-all, check-new, check-policy-option
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0firewall_session_dirty yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [check-all] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [check-new] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [check-policy-option] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - fqdn_session_check - Enable/disable dirty session check caused by FQDN updates. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0fqdn_session_check no no no no no no no no no no no no no no no no no no no no no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes - fw_session_hairpin - Enable/disable checking for a matching policy each time hairpin traffic goes through the FortiGate. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0fw_session_hairpin yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gateway - Transparent mode IPv4 default gateway IP address. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gateway yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gateway6 - Transparent mode IPv4 default gateway IP address. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gateway6 yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gtp_asym_fgsp - Enable/disable GTP asymmetric traffic handling on FGSP. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4gtp_asym_fgsp no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes no yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes n/a yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes n/a yes yes yes yes - gtp_monitor_mode - Enable/disable GTP monitor mode (VDOM level). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4gtp_monitor_mode no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes no yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes n/a yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes n/a yes yes yes yes - gui_advanced_policy - Enable/disable advanced policy configuration on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_advanced_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_advanced_wireless_features - Enable/disable advanced wireless features in GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_advanced_wireless_features no no no no no no no no no no no no no no no no no no no no no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes - gui_allow_unnamed_policy - Enable/disable the requirement for policy naming on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_allow_unnamed_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_antivirus - Enable/disable AntiVirus on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_antivirus yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_ap_profile - Enable/disable FortiAP profiles on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_ap_profile yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_application_control - Enable/disable application control on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_application_control yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_default_policy_columns - Default columns to display for policy lists on GUI. type: list member_path: gui_default_policy_columns:name
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_default_policy_columns yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - name - Select column name. type: str required: true
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0name yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_dhcp_advanced - Enable/disable advanced DHCP options on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dhcp_advanced yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_dlp - Enable/disable DLP on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11gui_dlp yes yes yes [enable] yes yes yes [disable] yes yes yes - gui_dlp_profile - Enable/disable Data Leak Prevention on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dlp_profile no no no no no no no no no no no no no no no no no no no no no no no yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes - gui_dns_database - Enable/disable DNS database settings on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dns_database yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_dnsfilter - Enable/disable DNS Filtering on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dnsfilter yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_domain_ip_reputation - Enable/disable Domain and IP Reputation on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1gui_domain_ip_reputation yes yes yes yes yes yes yes no yes [enable] yes yes yes yes yes yes yes n/a yes [disable] yes yes yes yes yes yes yes n/a yes - gui_dos_policy - Enable/disable DoS policies on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dos_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_dynamic_device_os_id - Enable/disable Create dynamic addresses to manage known devices. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dynamic_device_os_id no no no no no no no no no no no no no no no no no no no no no no no no yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes - gui_dynamic_profile_display - Enable/disable RADIUS Single Sign On (RSSO) on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1gui_dynamic_profile_display yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes - gui_dynamic_routing - Enable/disable dynamic routing on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_dynamic_routing yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_email_collection - Enable/disable email collection on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_email_collection yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_endpoint_control - Enable/disable endpoint control on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4gui_endpoint_control yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_endpoint_control_advanced - Enable/disable advanced endpoint control options on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4gui_endpoint_control_advanced yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_enforce_change_summary - Enforce change summaries for select tables in the GUI. type: str choices: disable, require, optional
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_enforce_change_summary no no no no no no no no no no no no no no no no no no no no yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes [require] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes [optional] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes - gui_explicit_proxy - Enable/disable the explicit proxy on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_explicit_proxy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_file_filter - Enable/disable File-filter on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_file_filter no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_fortiap_split_tunneling - Enable/disable FortiAP split tunneling on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_fortiap_split_tunneling yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_fortiextender_controller - Enable/disable FortiExtender on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_fortiextender_controller yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_icap - Enable/disable ICAP on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_icap yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_implicit_policy - Enable/disable implicit firewall policies on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_implicit_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_ips - Enable/disable IPS on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_ips yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_load_balance - Enable/disable server load balancing on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_load_balance yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_local_in_policy - Enable/disable Local-In policies on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_local_in_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_local_reports - Enable/disable local reports on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2gui_local_reports yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_multicast_policy - Enable/disable multicast firewall policies on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_multicast_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_multiple_interface_policy - Enable/disable adding multiple interfaces to a policy on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_multiple_interface_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_multiple_utm_profiles - Enable/disable multiple UTM profiles on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1gui_multiple_utm_profiles yes yes yes yes yes yes yes no yes [enable] yes yes yes yes yes yes yes n/a yes [disable] yes yes yes yes yes yes yes n/a yes - gui_nat46_64 - Enable/disable NAT46 and NAT64 settings on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0gui_nat46_64 yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes - gui_object_colors - Enable/disable object colors on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_object_colors yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_ot - Enable/disable Operational technology features on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_ot no no no no no no no no no no no no no no no no no no no no yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes - gui_per_policy_disclaimer - Enable/disable policy disclaimer on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7gui_per_policy_disclaimer no no no yes yes yes yes [enable] n/a n/a n/a yes yes yes yes [disable] n/a n/a n/a yes yes yes yes - gui_policy_based_ipsec - Enable/disable policy-based IPsec VPN on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_policy_based_ipsec yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_policy_disclaimer - Enable/disable policy disclaimer on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_policy_disclaimer no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_policy_learning - Enable/disable firewall policy learning mode on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11gui_policy_learning yes yes yes [enable] yes yes yes [disable] yes yes yes - gui_proxy_inspection - Enable/disable the proxy features on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_proxy_inspection no no no no no no no no no no no no no no no no no no no no no no no yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes - gui_replacement_message_groups - Enable/disable replacement message groups on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4gui_replacement_message_groups yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes - gui_route_tag_address_creation - Enable/disable route-tag addresses on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_route_tag_address_creation no no no no no no no no no no no no no no no no no no no no no no no no yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes - gui_security_profile_group - Enable/disable Security Profile Groups on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_security_profile_group no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_spamfilter - Enable/disable Antispam on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_spamfilter yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_sslvpn_personal_bookmarks - Enable/disable SSL-VPN personal bookmark management on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_sslvpn_personal_bookmarks yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_sslvpn_realms - Enable/disable SSL-VPN realms on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_sslvpn_realms yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_switch_controller - Enable/disable the switch controller on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_switch_controller yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_threat_weight - Enable/disable threat weight on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_threat_weight yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_traffic_shaping - Enable/disable traffic shaping on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_traffic_shaping yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_videofilter - Enable/disable Video filtering on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_videofilter no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_voip_profile - Enable/disable VoIP profiles on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_voip_profile yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_vpn - Enable/disable VPN tunnels on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_vpn yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_waf_profile - Enable/disable Web Application Firewall on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_waf_profile yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_wan_load_balancing - Enable/disable SD-WAN on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_wan_load_balancing yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_wanopt_cache - Enable/disable WAN Optimization and Web Caching on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_wanopt_cache yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_webfilter - Enable/disable Web filtering on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_webfilter yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_webfilter_advanced - Enable/disable advanced web filtering on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_webfilter_advanced yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_wireless_controller - Enable/disable the wireless controller on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_wireless_controller yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - gui_ztna - Enable/disable Zero Trust Network Access features on the GUI. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0gui_ztna no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - h323_direct_model - Enable/disable H323 direct model. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0h323_direct_model no no no no no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes - http_external_dest - Offload HTTP traffic to FortiWeb or FortiCache. type: str choices: fortiweb, forticache
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0http_external_dest yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [fortiweb] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [forticache] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ike_dn_format - Configure IKE ASN.1 Distinguished Name format conventions. type: str choices: with-space, no-space
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ike_dn_format yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [with-space] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [no-space] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ike_policy_route - Enable/disable IKE Policy Based Routing (PBR). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ike_policy_route no no no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes - ike_port - UDP port for IKE/IPsec traffic . type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ike_port no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ike_quick_crash_detect - Enable/disable IKE quick crash detection (RFC 6290). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ike_quick_crash_detect yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ike_session_resume - Enable/disable IKEv2 session resumption (RFC 5723). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ike_session_resume yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - implicit_allow_dns - Enable/disable implicitly allowing DNS traffic. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7implicit_allow_dns yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - inspection_mode - Inspection mode (proxy-based or flow-based). type: str choices: proxy, flow
more...
v6.0.0v6.0.5v6.0.11inspection_mode yes yes yes [proxy] yes yes yes [flow] yes yes yes - internet_service_database_cache - Enable/disable Internet Service database caching. type: str choices: disable, enable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0internet_service_database_cache no no no no no no no no no no no no no no no no no no no no no no no yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes - ip - IP address and netmask. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ip yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ip6 - IPv6 address prefix for NAT mode. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ip6 yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - lan_extension_controller_addr - Controller IP address or FQDN to connect. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0lan_extension_controller_addr no no no no no no no no no no no no no no no no no no no no no yes yes yes yes - link_down_access - Enable/disable link down access traffic. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0link_down_access yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - lldp_reception - Enable/disable Link Layer Discovery Protocol (LLDP) reception for this VDOM or apply global settings to this VDOM. type: str choices: enable, disable, global
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0lldp_reception no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [global] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - lldp_transmission - Enable/disable Link Layer Discovery Protocol (LLDP) transmission for this VDOM or apply global settings to this VDOM. type: str choices: enable, disable, global
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0lldp_transmission yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [global] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - location_id - Local location ID in the form of an IPv4 address. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0location_id no no no no no no no no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - mac_ttl - Duration of MAC addresses in Transparent mode (300 - 8640000 sec). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0mac_ttl yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - manageip - Transparent mode IPv4 management IP address and netmask. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0manageip yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - manageip6 - Transparent mode IPv6 management IP address and netmask. type: str
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0manageip6 yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - multicast_forward - Enable/disable multicast forwarding. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0multicast_forward yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - multicast_skip_policy - Enable/disable allowing multicast traffic through the FortiGate without a policy check. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0multicast_skip_policy yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - multicast_ttl_notchange - Enable/disable preventing the FortiGate from changing the TTL for forwarded multicast packets. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0multicast_ttl_notchange yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - nat46_force_ipv4_packet_forwarding - Enable/disable mandatory IPv4 packet forwarding in NAT46. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0nat46_force_ipv4_packet_forwarding no no no no no no no no no no no no no no no no no no yes yes no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes n/a yes yes yes yes - nat46_generate_ipv6_fragment_header - Enable/disable NAT46 IPv6 fragment header generation. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0nat46_generate_ipv6_fragment_header no no no no no no no no no no no no no no no no yes yes yes yes no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes n/a yes yes yes yes - nat64_force_ipv6_packet_forwarding - Enable/disable mandatory IPv6 packet forwarding in NAT64. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0nat64_force_ipv6_packet_forwarding no no no no no no no no no no no no no no no no no no yes yes no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes n/a yes yes yes yes - ngfw_mode - Next Generation Firewall (NGFW) mode. type: str choices: profile-based, policy-based
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ngfw_mode yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [profile-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [policy-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - opmode - Firewall operation mode (NAT or Transparent). type: str choices: nat, transparent
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0opmode yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [nat] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [transparent] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - pfcp_monitor_mode - Enable/disable PFCP monitor mode (VDOM level). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4pfcp_monitor_mode no no no no no no no no no no no yes yes yes yes yes yes yes yes no yes yes yes yes [enable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes n/a yes yes yes yes [disable] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes yes yes yes n/a yes yes yes yes - prp_trailer_action - Enable/disable action to take on PRP trailer. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0prp_trailer_action yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sccp_port - TCP port the SCCP proxy monitors for SCCP traffic (0 - 65535). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0sccp_port yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sctp_session_without_init - Enable/disable SCTP session creation without SCTP INIT. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0sctp_session_without_init no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ses_denied_traffic - Enable/disable including denied session in the session table. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0ses_denied_traffic yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sip_expectation - Enable/disable the SIP kernel session helper to create an expectation for port 5060. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0sip_expectation no no no yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] n/a n/a n/a yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sip_helper - Enable/disable the SIP session helper to process SIP sessions unless SIP sessions are accepted by the SIP application layer gateway (ALG). type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11sip_helper yes yes yes [enable] yes yes yes [disable] yes yes yes - sip_nat_trace - Enable/disable recording the original SIP source IP address when NAT is used. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0sip_nat_trace yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sip_ssl_port - TCP port the SIP proxy monitors for SIP SSL/TLS traffic (0 - 65535). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0sip_ssl_port yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - sip_tcp_port - TCP port the SIP proxy monitors for SIP traffic (0 - 65535). type: list
- sip_udp_port - UDP port the SIP proxy monitors for SIP traffic (0 - 65535). type: list
- snat_hairpin_traffic - Enable/disable source NAT (SNAT) for hairpin traffic. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0snat_hairpin_traffic yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - ssl_ssh_profile - Profile for SSL/SSH inspection. Source firewall.ssl-ssh-profile.name. type: str
more...
v6.0.0v6.0.5v6.0.11ssl_ssh_profile yes yes yes - status - Enable/disable this VDOM. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0status yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - strict_src_check - Enable/disable strict source verification. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0strict_src_check yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - tcp_session_without_syn - Enable/disable allowing TCP session without SYN flags. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0tcp_session_without_syn yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - utf8_spam_tagging - Enable/disable converting antispam tags to UTF-8 for better non-ASCII character support. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0utf8_spam_tagging yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - v4_ecmp_mode - IPv4 Equal-cost multi-path (ECMP) routing and load balancing mode. type: str choices: source-ip-based, weight-based, usage-based, source-dest-ip-based
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0v4_ecmp_mode yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [source-ip-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [weight-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [usage-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [source-dest-ip-based] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - vdom_type - Vdom type (traffic, lan-extension or admin). type: str choices: traffic, lan-extension, admin
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0vdom_type no no no no no no no no no no no no no no no no no no no no yes yes yes yes yes [traffic] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes [lan-extension] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a no yes yes yes yes [admin] n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a n/a yes yes yes yes yes - vpn_stats_log - Enable/disable periodic VPN log statistics for one or more types of VPN. Separate names with a space. type: list choices: ipsec, pptp, l2tp, ssl
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0vpn_stats_log yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [ipsec] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [pptp] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [l2tp] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [ssl] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - vpn_stats_period - Period to send VPN log statistics (0 or 60 - 86400 sec). type: int
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0vpn_stats_period yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes - wccp_cache_engine - Enable/disable WCCP cache engine. type: str choices: enable, disable
more...
v6.0.0v6.0.5v6.0.11v6.2.0v6.2.3v6.2.5v6.2.7v6.4.0v6.4.1v6.4.4v7.0.0v7.0.1v7.0.2v7.0.3v7.0.4v7.0.5v7.0.6v7.0.7v7.0.8v7.0.12v7.2.0v7.2.1v7.2.2v7.2.4v7.4.0wccp_cache_engine yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure VDOM settings.
fortios_system_settings:
vdom: "{{ vdom }}"
system_settings:
allow_linkdown_path: "enable"
allow_subnet_overlap: "enable"
application_bandwidth_tracking: "disable"
asymroute: "enable"
asymroute_icmp: "enable"
asymroute6: "enable"
asymroute6_icmp: "enable"
auxiliary_session: "enable"
bfd: "enable"
bfd_desired_min_tx: "250"
bfd_detect_mult: "3"
bfd_dont_enforce_src_port: "enable"
bfd_required_min_rx: "250"
block_land_attack: "disable"
central_nat: "enable"
comments: "<your_own_value>"
compliance_check: "enable"
consolidated_firewall_mode: "enable"
default_app_port_as_service: "enable"
default_policy_expiry_days: "30"
default_voip_alg_mode: "proxy-based"
deny_tcp_with_icmp: "enable"
detect_unknown_esp: "enable"
device: "<your_own_value> (source system.interface.name)"
dhcp_proxy: "enable"
dhcp_proxy_interface: "<your_own_value> (source system.interface.name)"
dhcp_proxy_interface_select_method: "auto"
dhcp_server_ip: "<your_own_value>"
dhcp6_server_ip: "<your_own_value>"
discovered_device_timeout: "28"
dyn_addr_session_check: "enable"
ecmp_max_paths: "255"
email_portal_check_dns: "disable"
ext_resource_session_check: "enable"
firewall_session_dirty: "check-all"
fqdn_session_check: "enable"
fw_session_hairpin: "enable"
gateway: "<your_own_value>"
gateway6: "<your_own_value>"
gtp_asym_fgsp: "disable"
gtp_monitor_mode: "enable"
gui_advanced_policy: "enable"
gui_advanced_wireless_features: "enable"
gui_allow_unnamed_policy: "enable"
gui_antivirus: "enable"
gui_ap_profile: "enable"
gui_application_control: "enable"
gui_default_policy_columns:
-
name: "default_name_51"
gui_dhcp_advanced: "enable"
gui_dlp: "enable"
gui_dlp_profile: "enable"
gui_dns_database: "enable"
gui_dnsfilter: "enable"
gui_domain_ip_reputation: "enable"
gui_dos_policy: "enable"
gui_dynamic_device_os_id: "enable"
gui_dynamic_profile_display: "enable"
gui_dynamic_routing: "enable"
gui_email_collection: "enable"
gui_endpoint_control: "enable"
gui_endpoint_control_advanced: "enable"
gui_enforce_change_summary: "disable"
gui_explicit_proxy: "enable"
gui_file_filter: "enable"
gui_fortiap_split_tunneling: "enable"
gui_fortiextender_controller: "enable"
gui_icap: "enable"
gui_implicit_policy: "enable"
gui_ips: "enable"
gui_load_balance: "enable"
gui_local_in_policy: "enable"
gui_local_reports: "enable"
gui_multicast_policy: "enable"
gui_multiple_interface_policy: "enable"
gui_multiple_utm_profiles: "enable"
gui_nat46_64: "enable"
gui_object_colors: "enable"
gui_ot: "enable"
gui_per_policy_disclaimer: "enable"
gui_policy_based_ipsec: "enable"
gui_policy_disclaimer: "enable"
gui_policy_learning: "enable"
gui_proxy_inspection: "enable"
gui_replacement_message_groups: "enable"
gui_route_tag_address_creation: "enable"
gui_security_profile_group: "enable"
gui_spamfilter: "enable"
gui_sslvpn_personal_bookmarks: "enable"
gui_sslvpn_realms: "enable"
gui_switch_controller: "enable"
gui_threat_weight: "enable"
gui_traffic_shaping: "enable"
gui_videofilter: "enable"
gui_voip_profile: "enable"
gui_vpn: "enable"
gui_waf_profile: "enable"
gui_wan_load_balancing: "enable"
gui_wanopt_cache: "enable"
gui_webfilter: "enable"
gui_webfilter_advanced: "enable"
gui_wireless_controller: "enable"
gui_ztna: "enable"
h323_direct_model: "disable"
http_external_dest: "fortiweb"
ike_dn_format: "with-space"
ike_policy_route: "enable"
ike_port: "500"
ike_quick_crash_detect: "enable"
ike_session_resume: "enable"
implicit_allow_dns: "enable"
inspection_mode: "proxy"
internet_service_database_cache: "disable"
ip: "<your_own_value>"
ip6: "<your_own_value>"
lan_extension_controller_addr: "<your_own_value>"
link_down_access: "enable"
lldp_reception: "enable"
lldp_transmission: "enable"
location_id: "<your_own_value>"
mac_ttl: "300"
manageip: "<your_own_value>"
manageip6: "<your_own_value>"
multicast_forward: "enable"
multicast_skip_policy: "enable"
multicast_ttl_notchange: "enable"
nat46_force_ipv4_packet_forwarding: "enable"
nat46_generate_ipv6_fragment_header: "enable"
nat64_force_ipv6_packet_forwarding: "enable"
ngfw_mode: "profile-based"
opmode: "nat"
pfcp_monitor_mode: "enable"
prp_trailer_action: "enable"
sccp_port: "2000"
sctp_session_without_init: "enable"
ses_denied_traffic: "enable"
sip_expectation: "enable"
sip_helper: "enable"
sip_nat_trace: "enable"
sip_ssl_port: "5061"
sip_tcp_port: "<your_own_value>"
sip_udp_port: "<your_own_value>"
snat_hairpin_traffic: "enable"
ssl_ssh_profile: "<your_own_value> (source firewall.ssl-ssh-profile.name)"
status: "enable"
strict_src_check: "enable"
tcp_session_without_syn: "enable"
utf8_spam_tagging: "enable"
v4_ecmp_mode: "source-ip-based"
vdom_type: "traffic"
vpn_stats_log: "ipsec"
vpn_stats_period: "600"
wccp_cache_engine: "enable"
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3
- This module is not guaranteed to have a backwards compatible interface.
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
Hint
If you notice any issues in this documentation, you can create a pull request to improve it.