source:	fortios_system_interface.py
orphan:

fortios_system_interface -- Configure interfaces in Fortinet's FortiOS and FortiGate.

.. versionadded:: 2.0.0

Synopsis
Requirements
Tips
FortiOS Version Compatibility
Parameters
Notes
Examples
Return Values
Status
Authors

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and interface category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.14

Tips

Using member operation to add an element to an existing object.

FortiOS Version Compatibility

	Supported Version Ranges
fortios_system_interface	`v6.0.0 -> latest`

Parameters

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
system_interface - Configure interfaces. type: dict more...

Supported Version Ranges

system_interface v6.0.0 -> latest

ac_name - PPPoE server name. type: str more...

Supported Version Ranges

ac_name v6.0.0 -> latest
aggregate - Aggregate interface. type: str more...

Supported Version Ranges

aggregate v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
aggregate_type - Type of aggregation. type: str choices: physical, vxlan more...

Supported Version Ranges

aggregate_type v7.2.1 -> latest

[physical] v6.0.0 -> latest
[vxlan] v6.0.0 -> latest
algorithm - Frame distribution algorithm. type: str choices: L2, L3, L4, Source-MAC more...

Supported Version Ranges

algorithm v6.0.0 -> latest

[L2] v6.0.0 -> latest
[L3] v6.0.0 -> latest
[L4] v6.0.0 -> latest
[Source-MAC] v7.2.1 -> latest
alias - Alias will be displayed with the interface name to make it easier to distinguish. type: str more...

Supported Version Ranges

alias v6.0.0 -> latest

allowaccess - Permitted types of management access to this interface. type: list choices: ping, https, ssh, snmp, http, telnet, fgfm, radius-acct, probe-response, fabric, ftm, speed-test, capwap more...

	Supported Version Ranges
allowaccess	`v6.0.0 -> latest`
[ping]	`v6.0.0 -> latest`
[https]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[snmp]	`v6.0.0 -> latest`
[http]	`v6.0.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[fgfm]	`v6.0.0 -> latest`
[radius-acct]	`v6.0.0 -> latest`
[probe-response]	`v6.0.0 -> latest`
[fabric]	`v6.2.0 -> latest`
[ftm]	`v6.0.0 -> latest`
[speed-test]	`v7.0.1 -> latest`
[capwap]	`v6.0.0 -> v6.0.11`

ap_discover - Enable/disable automatic registration of unknown FortiAP devices. type: str choices: enable, disable more...

Supported Version Ranges

ap_discover v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
arpforward - Enable/disable ARP forwarding. type: str choices: enable, disable more...

Supported Version Ranges

arpforward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
auth_cert - HTTPS server certificate. Source vpn.certificate.local.name. type: str more...

Supported Version Ranges

auth_cert v7.0.4 -> latest
auth_portal_addr - Address of captive portal. type: str more...

Supported Version Ranges

auth_portal_addr v7.0.4 -> latest
auth_type - PPP authentication type to use. type: str choices: auto, pap, chap, mschapv1, mschapv2 more...

Supported Version Ranges

auth_type v6.0.0 -> latest

[auto] v6.0.0 -> latest
[pap] v6.0.0 -> latest
[chap] v6.0.0 -> latest
[mschapv1] v6.0.0 -> latest
[mschapv2] v6.0.0 -> latest
auto_auth_extension_device - Enable/disable automatic authorization of dedicated Fortinet extension device on this interface. type: str choices: enable, disable more...

Supported Version Ranges

auto_auth_extension_device v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
bandwidth_measure_time - Bandwidth measure time. type: int more...

Supported Version Ranges

bandwidth_measure_time v6.4.0 -> latest
bfd - Bidirectional Forwarding Detection (BFD) settings. type: str choices: global, enable, disable more...

Supported Version Ranges

bfd v6.0.0 -> latest

[global] v6.0.0 -> latest
[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
bfd_desired_min_tx - BFD desired minimal transmit interval. type: int more...

Supported Version Ranges

bfd_desired_min_tx v6.0.0 -> latest
bfd_detect_mult - BFD detection multiplier. type: int more...

Supported Version Ranges

bfd_detect_mult v6.0.0 -> latest
bfd_required_min_rx - BFD required minimal receive interval. type: int more...

Supported Version Ranges

bfd_required_min_rx v6.0.0 -> latest
broadcast_forticlient_discovery - Enable/disable broadcasting FortiClient discovery messages. type: str choices: enable, disable more...

Supported Version Ranges

broadcast_forticlient_discovery v6.0.0 -> v6.2.7

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
broadcast_forward - Enable/disable broadcast forwarding. type: str choices: enable, disable more...

Supported Version Ranges

broadcast_forward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
captive_portal - Enable/disable captive portal. type: int more...

Supported Version Ranges

captive_portal v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
cli_conn_status - CLI connection status. type: int more...

Supported Version Ranges

cli_conn_status v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
client_options - DHCP client options. type: list member_path: client_options:id more...

Supported Version Ranges

client_options v6.4.0 -> latest

code - DHCP client option code. type: int more...

Supported Version Ranges

code v6.4.0 -> latest
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.4.0 -> latest
ip - DHCP option IPs. type: list
type - DHCP client option type. type: str choices: hex, string, ip, fqdn more...

Supported Version Ranges

type v6.4.0 -> latest

[hex] v6.0.0 -> latest
[string] v6.0.0 -> latest
[ip] v6.0.0 -> latest
[fqdn] v6.0.0 -> latest
value - DHCP client option value. type: str more...

Supported Version Ranges

value v6.4.0 -> latest

color - Color of icon on the GUI. type: int more...

Supported Version Ranges

color v6.0.0 -> latest
dedicated_to - Configure interface for single purpose. type: str choices: none, management more...

Supported Version Ranges

dedicated_to v6.0.0 -> latest

[none] v6.0.0 -> latest
[management] v6.0.0 -> latest

default_purdue_level - default purdue level of device detected on this interface. type: str choices: 1, 1.5, 2, 2.5, 3, 3.5, 4, 5, 5.5 more...

	Supported Version Ranges
default_purdue_level	`v7.4.0 -> latest`
[1]	`v6.0.0 -> latest`
[1.5]	`v6.0.0 -> latest`
[2]	`v6.0.0 -> latest`
[2.5]	`v6.0.0 -> latest`
[3]	`v6.0.0 -> latest`
[3.5]	`v6.0.0 -> latest`
[4]	`v6.0.0 -> latest`
[5]	`v6.0.0 -> latest`
[5.5]	`v6.0.0 -> latest`

defaultgw - Enable to get the gateway IP from the DHCP or PPPoE server. type: str choices: enable, disable more...

Supported Version Ranges

defaultgw v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
description - Description. type: str more...

Supported Version Ranges

description v6.0.0 -> latest
detected_peer_mtu - MTU of detected peer (0 - 4294967295). type: int more...

Supported Version Ranges

detected_peer_mtu v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
detectprotocol - Protocols used to detect the server. type: list choices: ping, tcp-echo, udp-echo more...

Supported Version Ranges

detectprotocol v6.0.0 -> latest

[ping] v6.0.0 -> latest
[tcp-echo] v6.0.0 -> latest
[udp-echo] v6.0.0 -> latest
detectserver - Gateway"s ping server for this IP. type: str more...

Supported Version Ranges

detectserver v6.0.0 -> latest
device_access_list - Device access list. type: str more...

Supported Version Ranges

device_access_list v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
device_identification - Enable/disable passively gathering of device identity information about the devices on the network connected to this interface. type: str choices: enable, disable more...

Supported Version Ranges

device_identification v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
device_identification_active_scan - Enable/disable active gathering of device identity information about the devices on the network connected to this interface. type: str choices: enable, disable more...

Supported Version Ranges

device_identification_active_scan v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
device_netscan - Enable/disable inclusion of devices detected on this interface in network vulnerability scans. type: str choices: disable, enable more...

Supported Version Ranges

device_netscan v6.0.0 -> v6.0.11

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
device_user_identification - Enable/disable passive gathering of user identity information about users on this interface. type: str choices: enable, disable more...

Supported Version Ranges

device_user_identification v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
devindex - Device Index. type: int more...

Supported Version Ranges

devindex v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
dhcp_broadcast_flag - Enable/disable setting of the broadcast flag in messages sent by the DHCP client . type: str choices: disable, enable more...

Supported Version Ranges

dhcp_broadcast_flag v7.4.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp_classless_route_addition - Enable/disable addition of classless static routes retrieved from DHCP server. type: str choices: enable, disable more...

Supported Version Ranges

dhcp_classless_route_addition v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp_client_identifier - DHCP client identifier. type: str more...

Supported Version Ranges

dhcp_client_identifier v6.0.0 -> latest
dhcp_relay_agent_option - Enable/disable DHCP relay agent option. type: str choices: enable, disable more...

Supported Version Ranges

dhcp_relay_agent_option v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp_relay_circuit_id - DHCP relay circuit ID. type: str more...

Supported Version Ranges

dhcp_relay_circuit_id v7.4.1 -> latest
dhcp_relay_interface - Specify outgoing interface to reach server. Source system.interface.name. type: str more...

Supported Version Ranges

dhcp_relay_interface v6.2.0 -> v6.2.0 v6.2.5 -> v6.4.0 v6.4.4 -> latest
dhcp_relay_interface_select_method - Specify how to select outgoing interface to reach server. type: str choices: auto, sdwan, specify more...

Supported Version Ranges

dhcp_relay_interface_select_method v6.2.0 -> v6.2.0 v6.2.5 -> v6.4.0 v6.4.4 -> latest

[auto] v6.0.0 -> latest
[sdwan] v6.0.0 -> latest
[specify] v6.0.0 -> latest
dhcp_relay_ip - DHCP relay IP address. type: list
dhcp_relay_link_selection - DHCP relay link selection. type: str more...

Supported Version Ranges

dhcp_relay_link_selection v7.0.4 -> latest
dhcp_relay_request_all_server - Enable/disable sending of DHCP requests to all servers. type: str choices: disable, enable more...

Supported Version Ranges

dhcp_relay_request_all_server v7.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp_relay_service - Enable/disable allowing this interface to act as a DHCP relay. type: str choices: disable, enable more...

Supported Version Ranges

dhcp_relay_service v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp_relay_source_ip - IP address used by the DHCP relay as its source IP. type: str more...

Supported Version Ranges

dhcp_relay_source_ip v7.4.1 -> latest
dhcp_relay_type - DHCP relay type (regular or IPsec). type: str choices: regular, ipsec more...

Supported Version Ranges

dhcp_relay_type v6.0.0 -> latest

[regular] v6.0.0 -> latest
[ipsec] v6.0.0 -> latest
dhcp_renew_time - DHCP renew time in seconds (300-604800), 0 means use the renew time provided by the server. type: int more...

Supported Version Ranges

dhcp_renew_time v6.0.0 -> latest
dhcp_smart_relay - Enable/disable DHCP smart relay. type: str choices: disable, enable more...

Supported Version Ranges

dhcp_smart_relay v7.4.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp_snooping_server_list - Configure DHCP server access list. type: list member_path: dhcp_snooping_server_list:name more...

Supported Version Ranges

dhcp_snooping_server_list v7.0.1 -> latest

name - DHCP server name. type: str required: true more...

Supported Version Ranges

name v7.0.1 -> latest
server_ip - IP address for DHCP server. type: str more...

Supported Version Ranges

server_ip v7.0.1 -> latest

disc_retry_timeout - Time in seconds to wait before retrying to start a PPPoE discovery, 0 means no timeout. type: int more...

Supported Version Ranges

disc_retry_timeout v6.0.0 -> latest
disconnect_threshold - Time in milliseconds to wait before sending a notification that this interface is down or disconnected. type: int more...

Supported Version Ranges

disconnect_threshold v6.0.0 -> v7.4.0
distance - Distance for routes learned through PPPoE or DHCP, lower distance indicates preferred route. type: int more...

Supported Version Ranges

distance v6.0.0 -> latest
dns_server_override - Enable/disable use DNS acquired by DHCP or PPPoE. type: str choices: enable, disable more...

Supported Version Ranges

dns_server_override v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dns_server_protocol - DNS transport protocols. type: list choices: cleartext, dot, doh more...

Supported Version Ranges

dns_server_protocol v7.0.4 -> latest

[cleartext] v6.0.0 -> latest
[dot] v6.0.0 -> latest
[doh] v6.0.0 -> latest
drop_fragment - Enable/disable drop fragment packets. type: str choices: enable, disable more...

Supported Version Ranges

drop_fragment v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
drop_overlapped_fragment - Enable/disable drop overlapped fragment packets. type: str choices: enable, disable more...

Supported Version Ranges

drop_overlapped_fragment v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
eap_ca_cert - EAP CA certificate name. Source certificate.ca.name. type: str more...

Supported Version Ranges

eap_ca_cert v7.2.0 -> latest
eap_identity - EAP identity. type: str more...

Supported Version Ranges

eap_identity v7.2.0 -> latest
eap_method - EAP method. type: str choices: tls, peap more...

Supported Version Ranges

eap_method v7.2.0 -> latest

[tls] v6.0.0 -> latest
[peap] v6.0.0 -> latest
eap_password - EAP password. type: str more...

Supported Version Ranges

eap_password v7.2.0 -> latest
eap_supplicant - Enable/disable EAP-Supplicant. type: str choices: enable, disable more...

Supported Version Ranges

eap_supplicant v7.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
eap_user_cert - EAP user certificate name. Source certificate.local.name. type: str more...

Supported Version Ranges

eap_user_cert v7.2.0 -> latest

egress_cos - Override outgoing CoS in user VLAN tag. type: str choices: disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7 more...

	Supported Version Ranges
egress_cos	`v6.4.0 -> v6.4.0`	`v7.2.0 -> v7.2.0`	`v7.4.0 -> latest`
[disable]	`v6.0.0 -> latest`
[cos0]	`v6.0.0 -> latest`
[cos1]	`v6.0.0 -> latest`
[cos2]	`v6.0.0 -> latest`
[cos3]	`v6.0.0 -> latest`
[cos4]	`v6.0.0 -> latest`
[cos5]	`v6.0.0 -> latest`
[cos6]	`v6.0.0 -> latest`
[cos7]	`v6.0.0 -> latest`

egress_queues - Configure queues of NP port on egress path. type: dict more...

Supported Version Ranges

egress_queues v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest

cos0 - CoS profile name for CoS 0. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos0 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos1 - CoS profile name for CoS 1. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos1 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos2 - CoS profile name for CoS 2. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos2 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos3 - CoS profile name for CoS 3. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos3 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos4 - CoS profile name for CoS 4. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos4 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos5 - CoS profile name for CoS 5. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos5 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos6 - CoS profile name for CoS 6. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos6 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest
cos7 - CoS profile name for CoS 7. Source system.isf-queue-profile.name. type: str more...

Supported Version Ranges

cos7 v6.4.0 -> v6.4.0 v7.2.0 -> v7.2.0 v7.4.0 -> latest

egress_shaping_profile - Outgoing traffic shaping profile. Source firewall.shaping-profile.profile-name. type: str more...

Supported Version Ranges

egress_shaping_profile v6.0.0 -> latest
endpoint_compliance - Enable/disable endpoint compliance enforcement. type: str choices: enable, disable more...

Supported Version Ranges

endpoint_compliance v6.0.0 -> v6.0.11

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
estimated_downstream_bandwidth - Estimated maximum downstream bandwidth (kbps). Used to estimate link utilization. type: int more...

Supported Version Ranges

estimated_downstream_bandwidth v6.0.0 -> latest
estimated_upstream_bandwidth - Estimated maximum upstream bandwidth (kbps). Used to estimate link utilization. type: int more...

Supported Version Ranges

estimated_upstream_bandwidth v6.0.0 -> latest
explicit_ftp_proxy - Enable/disable the explicit FTP proxy on this interface. type: str choices: enable, disable more...

Supported Version Ranges

explicit_ftp_proxy v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
explicit_web_proxy - Enable/disable the explicit web proxy on this interface. type: str choices: enable, disable more...

Supported Version Ranges

explicit_web_proxy v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
external - Enable/disable identifying the interface as an external interface (which usually means it"s connected to the Internet). type: str choices: enable, disable more...

Supported Version Ranges

external v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
fail_action_on_extender - Action on FortiExtender when interface fail. type: str choices: soft-restart, hard-restart, reboot more...

Supported Version Ranges

fail_action_on_extender v6.0.0 -> latest

[soft-restart] v6.0.0 -> latest
[hard-restart] v6.0.0 -> latest
[reboot] v6.0.0 -> latest
fail_alert_interfaces - Names of the FortiGate interfaces to which the link failure alert is sent. type: list member_path: fail_alert_interfaces:name more...

Supported Version Ranges

fail_alert_interfaces v6.0.0 -> latest

name - Names of the non-virtual interface. Source system.interface.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

fail_alert_method - Select link-failed-signal or link-down method to alert about a failed link. type: str choices: link-failed-signal, link-down more...

Supported Version Ranges

fail_alert_method v6.0.0 -> latest

[link-failed-signal] v6.0.0 -> latest
[link-down] v6.0.0 -> latest
fail_detect - Enable/disable fail detection features for this interface. type: str choices: enable, disable more...

Supported Version Ranges

fail_detect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
fail_detect_option - Options for detecting that this interface has failed. type: list choices: detectserver, link-down more...

Supported Version Ranges

fail_detect_option v6.0.0 -> latest

[detectserver] v6.0.0 -> latest
[link-down] v6.0.0 -> latest
fortiheartbeat - Enable/disable FortiHeartBeat (FortiTelemetry on GUI). type: str choices: enable, disable more...

Supported Version Ranges

fortiheartbeat v6.0.0 -> v6.0.11

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
fortilink - Enable FortiLink to dedicate this interface to manage other Fortinet devices. type: str choices: enable, disable more...

Supported Version Ranges

fortilink v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
fortilink_backup_link - FortiLink split interface backup link. type: int more...

Supported Version Ranges

fortilink_backup_link v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
fortilink_neighbor_detect - Protocol for FortiGate neighbor discovery. type: str choices: lldp, fortilink more...

Supported Version Ranges

fortilink_neighbor_detect v6.2.0 -> latest

[lldp] v6.0.0 -> latest
[fortilink] v6.0.0 -> latest
fortilink_split_interface - Enable/disable FortiLink split interface to connect member link to different FortiSwitch in stack for uplink redundancy. type: str choices: enable, disable more...

Supported Version Ranges

fortilink_split_interface v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
fortilink_stacking - Enable/disable FortiLink switch-stacking on this interface. type: str choices: enable, disable more...

Supported Version Ranges

fortilink_stacking v6.0.0 -> v6.4.4

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
forward_domain - Transparent mode forward domain. type: int more...

Supported Version Ranges

forward_domain v6.0.0 -> latest
gi_gk - Enable/disable Gi Gatekeeper. type: str choices: enable, disable more...

Supported Version Ranges

gi_gk v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
gwdetect - Enable/disable detect gateway alive for first. type: str choices: enable, disable more...

Supported Version Ranges

gwdetect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ha_priority - HA election priority for the PING server. type: int more...

Supported Version Ranges

ha_priority v6.0.0 -> latest
icmp_accept_redirect - Enable/disable ICMP accept redirect. type: str choices: enable, disable more...

Supported Version Ranges

icmp_accept_redirect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
icmp_send_redirect - Enable/disable sending of ICMP redirects. type: str choices: enable, disable more...

Supported Version Ranges

icmp_send_redirect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ident_accept - Enable/disable authentication for this interface. type: str choices: enable, disable more...

Supported Version Ranges

ident_accept v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
idle_timeout - PPPoE auto disconnect after idle timeout seconds, 0 means no timeout. type: int more...

Supported Version Ranges

idle_timeout v6.0.0 -> latest
ike_saml_server - Configure IKE authentication SAML server. Source user.saml.name. type: str more...

Supported Version Ranges

ike_saml_server v7.2.0 -> latest
inbandwidth - Bandwidth limit for incoming traffic (0 - 80000000 kbps), 0 means unlimited. type: int more...

Supported Version Ranges

inbandwidth v6.0.0 -> latest

ingress_cos - Override incoming CoS in user VLAN tag on VLAN interface or assign a priority VLAN tag on physical interface. type: str choices: disable, cos0, cos1, cos2, cos3, cos4, cos5, cos6, cos7 more...

	Supported Version Ranges
ingress_cos	`v6.4.0 -> v6.4.0`	`v7.2.0 -> v7.2.0`	`v7.4.0 -> latest`
[disable]	`v6.0.0 -> latest`
[cos0]	`v6.0.0 -> latest`
[cos1]	`v6.0.0 -> latest`
[cos2]	`v6.0.0 -> latest`
[cos3]	`v6.0.0 -> latest`
[cos4]	`v6.0.0 -> latest`
[cos5]	`v6.0.0 -> latest`
[cos6]	`v6.0.0 -> latest`
[cos7]	`v6.0.0 -> latest`

ingress_shaping_profile - Incoming traffic shaping profile. Source firewall.shaping-profile.profile-name. type: str more...

Supported Version Ranges

ingress_shaping_profile v6.2.0 -> latest
ingress_spillover_threshold - Ingress Spillover threshold (0 - 16776000 kbps), 0 means unlimited. type: int more...

Supported Version Ranges

ingress_spillover_threshold v6.0.0 -> latest
interface - Interface name. Source system.interface.name. type: str more...

Supported Version Ranges

interface v6.0.0 -> latest
internal - Implicitly created. type: int more...

Supported Version Ranges

internal v6.0.0 -> latest
ip - Interface IPv4 address and subnet mask, syntax: X.X.X.X/24. type: str more...

Supported Version Ranges

ip v6.0.0 -> latest
ip_managed_by_fortiipam - Enable/disable automatic IP address assignment of this interface by FortiIPAM. type: str choices: inherit-global, enable, disable more...

Supported Version Ranges

ip_managed_by_fortiipam v6.4.0 -> latest

[inherit-global] v7.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipmac - Enable/disable IP/MAC binding. type: str choices: enable, disable more...

Supported Version Ranges

ipmac v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ips_sniffer_mode - Enable/disable the use of this interface as a one-armed sniffer. type: str choices: enable, disable more...

Supported Version Ranges

ips_sniffer_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipunnumbered - Unnumbered IP used for PPPoE interfaces for which no unique local address is provided. type: str more...

Supported Version Ranges

ipunnumbered v6.0.0 -> latest
ipv6 - IPv6 of interface. type: dict more...

Supported Version Ranges

ipv6 v6.0.0 -> latest

autoconf - Enable/disable address auto config. type: str choices: enable, disable more...

Supported Version Ranges

autoconf v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
cli_conn6_status - CLI IPv6 connection status. type: int more...

Supported Version Ranges

cli_conn6_status v7.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
dhcp6_client_options - DHCPv6 client options. type: list choices: rapid, iapd, iana more...

Supported Version Ranges

dhcp6_client_options v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

[rapid] v6.0.0 -> latest
[iapd] v6.0.0 -> latest
[iana] v6.0.0 -> latest
dhcp6_iapd_list - DHCPv6 IA-PD list. type: list member_path: ipv6/dhcp6_iapd_list:iaid more...

Supported Version Ranges

dhcp6_iapd_list v7.0.2 -> latest

iaid - Identity association identifier. see Notes. type: int required: true more...

Supported Version Ranges

iaid v7.0.2 -> latest
prefix_hint - DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server. type: str more...

Supported Version Ranges

prefix_hint v7.0.2 -> latest
prefix_hint_plt - DHCPv6 prefix hint preferred life time (sec), 0 means unlimited lease time. type: int more...

Supported Version Ranges

prefix_hint_plt v7.0.2 -> latest
prefix_hint_vlt - DHCPv6 prefix hint valid life time (sec). type: int more...

Supported Version Ranges

prefix_hint_vlt v7.0.2 -> latest

dhcp6_information_request - Enable/disable DHCPv6 information request. type: str choices: enable, disable more...

Supported Version Ranges

dhcp6_information_request v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp6_prefix_delegation - Enable/disable DHCPv6 prefix delegation. type: str choices: enable, disable more...

Supported Version Ranges

dhcp6_prefix_delegation v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp6_prefix_hint - DHCPv6 prefix that will be used as a hint to the upstream DHCPv6 server. type: str more...

Supported Version Ranges

dhcp6_prefix_hint v6.0.0 -> v7.0.1
dhcp6_prefix_hint_plt - DHCPv6 prefix hint preferred life time (sec), 0 means unlimited lease time. type: int more...

Supported Version Ranges

dhcp6_prefix_hint_plt v6.0.0 -> v7.0.1
dhcp6_prefix_hint_vlt - DHCPv6 prefix hint valid life time (sec). type: int more...

Supported Version Ranges

dhcp6_prefix_hint_vlt v6.0.0 -> v7.0.1
dhcp6_relay_interface_id - DHCP6 relay interface ID. type: str more...

Supported Version Ranges

dhcp6_relay_interface_id v7.4.1 -> latest
dhcp6_relay_ip - DHCPv6 relay IP address. type: list
dhcp6_relay_service - Enable/disable DHCPv6 relay. type: str choices: disable, enable more...

Supported Version Ranges

dhcp6_relay_service v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp6_relay_source_interface - Enable/disable use of address on this interface as the source address of the relay message. type: str choices: disable, enable more...

Supported Version Ranges

dhcp6_relay_source_interface v7.2.4 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
dhcp6_relay_source_ip - IPv6 address used by the DHCP6 relay as its source IP. type: str more...

Supported Version Ranges

dhcp6_relay_source_ip v7.4.1 -> latest
dhcp6_relay_type - DHCPv6 relay type. type: str choices: regular more...

Supported Version Ranges

dhcp6_relay_type v6.0.0 -> latest

[regular] v6.0.0 -> latest
icmp6_send_redirect - Enable/disable sending of ICMPv6 redirects. type: str choices: enable, disable more...

Supported Version Ranges

icmp6_send_redirect v6.4.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
interface_identifier - IPv6 interface identifier. type: str more...

Supported Version Ranges

interface_identifier v6.4.0 -> latest
ip6_address - Primary IPv6 address prefix. Syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx. type: str more...

Supported Version Ranges

ip6_address v6.0.0 -> latest

ip6_allowaccess - Allow management access to the interface. type: list choices: ping, https, ssh, snmp, http, telnet, fgfm, fabric, capwap more...

	Supported Version Ranges
ip6_allowaccess	`v6.0.0 -> latest`
[ping]	`v6.0.0 -> latest`
[https]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[snmp]	`v6.0.0 -> latest`
[http]	`v6.0.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[fgfm]	`v6.0.0 -> latest`
[fabric]	`v6.2.0 -> latest`
[capwap]	`v6.0.0 -> v6.0.11`

ip6_default_life - Default life (sec). type: int more...

Supported Version Ranges

ip6_default_life v6.0.0 -> latest
ip6_delegated_prefix_iaid - IAID of obtained delegated-prefix from the upstream interface. type: int more...

Supported Version Ranges

ip6_delegated_prefix_iaid v7.0.2 -> latest
ip6_delegated_prefix_list - Advertised IPv6 delegated prefix list. type: list member_path: ipv6/ip6_delegated_prefix_list:prefix_id more...

Supported Version Ranges

ip6_delegated_prefix_list v6.0.0 -> latest

autonomous_flag - Enable/disable the autonomous flag. type: str choices: enable, disable more...

Supported Version Ranges

autonomous_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
delegated_prefix_iaid - IAID of obtained delegated-prefix from the upstream interface. type: int more...

Supported Version Ranges

delegated_prefix_iaid v7.0.2 -> latest
onlink_flag - Enable/disable the onlink flag. type: str choices: enable, disable more...

Supported Version Ranges

onlink_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
prefix_id - Prefix ID. see Notes. type: int required: true more...

Supported Version Ranges

prefix_id v6.0.0 -> latest
rdnss - Recursive DNS server option. type: list
rdnss_service - Recursive DNS service option. type: str choices: delegated, default, specify more...

Supported Version Ranges

rdnss_service v6.0.0 -> latest

[delegated] v6.0.0 -> latest
[default] v6.0.0 -> latest
[specify] v6.0.0 -> latest
subnet - Add subnet ID to routing prefix. type: str more...

Supported Version Ranges

subnet v6.0.0 -> latest
upstream_interface - Name of the interface that provides delegated information. Source system.interface.name. type: str more...

Supported Version Ranges

upstream_interface v6.0.0 -> latest

ip6_dns_server_override - Enable/disable using the DNS server acquired by DHCP. type: str choices: enable, disable more...

Supported Version Ranges

ip6_dns_server_override v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ip6_extra_addr - Extra IPv6 address prefixes of interface. type: list member_path: ipv6/ip6_extra_addr:prefix more...

Supported Version Ranges

ip6_extra_addr v6.0.0 -> latest

prefix - IPv6 address prefix. type: str required: true more...

Supported Version Ranges

prefix v6.0.0 -> latest

ip6_hop_limit - Hop limit (0 means unspecified). type: int more...

Supported Version Ranges

ip6_hop_limit v6.0.0 -> latest
ip6_link_mtu - IPv6 link MTU. type: int more...

Supported Version Ranges

ip6_link_mtu v6.0.0 -> latest
ip6_manage_flag - Enable/disable the managed flag. type: str choices: enable, disable more...

Supported Version Ranges

ip6_manage_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ip6_max_interval - IPv6 maximum interval (4 to 1800 sec). type: int more...

Supported Version Ranges

ip6_max_interval v6.0.0 -> latest
ip6_min_interval - IPv6 minimum interval (3 to 1350 sec). type: int more...

Supported Version Ranges

ip6_min_interval v6.0.0 -> latest
ip6_mode - Addressing mode (static, DHCP, delegated). type: str choices: static, dhcp, pppoe, delegated more...

Supported Version Ranges

ip6_mode v6.0.0 -> latest

[static] v6.0.0 -> latest
[dhcp] v6.0.0 -> latest
[pppoe] v6.0.0 -> latest
[delegated] v6.0.0 -> latest
ip6_other_flag - Enable/disable the other IPv6 flag. type: str choices: enable, disable more...

Supported Version Ranges

ip6_other_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ip6_prefix_list - Advertised prefix list. type: list member_path: ipv6/ip6_prefix_list:prefix more...

Supported Version Ranges

ip6_prefix_list v6.0.0 -> latest

autonomous_flag - Enable/disable the autonomous flag. type: str choices: enable, disable more...

Supported Version Ranges

autonomous_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dnssl - DNS search list option. type: list member_path: ipv6/ip6_prefix_list:prefix/dnssl:domain more...

Supported Version Ranges

dnssl v6.0.0 -> latest

domain - Domain name. type: str required: true more...

Supported Version Ranges

domain v6.0.0 -> latest

onlink_flag - Enable/disable the onlink flag. type: str choices: enable, disable more...

Supported Version Ranges

onlink_flag v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
preferred_life_time - Preferred life time (sec). type: int more...

Supported Version Ranges

preferred_life_time v6.0.0 -> latest
prefix - IPv6 prefix. type: str required: true more...

Supported Version Ranges

prefix v6.0.0 -> latest
rdnss - Recursive DNS server option. type: list
valid_life_time - Valid life time (sec). type: int more...

Supported Version Ranges

valid_life_time v6.0.0 -> latest

ip6_prefix_mode - Assigning a prefix from DHCP or RA. type: str choices: dhcp6, ra more...

Supported Version Ranges

ip6_prefix_mode v7.0.0 -> latest

[dhcp6] v6.0.0 -> latest
[ra] v6.0.0 -> latest
ip6_reachable_time - IPv6 reachable time (milliseconds; 0 means unspecified). type: int more...

Supported Version Ranges

ip6_reachable_time v6.0.0 -> latest
ip6_retrans_time - IPv6 retransmit time (milliseconds; 0 means unspecified). type: int more...

Supported Version Ranges

ip6_retrans_time v6.0.0 -> latest
ip6_send_adv - Enable/disable sending advertisements about the interface. type: str choices: enable, disable more...

Supported Version Ranges

ip6_send_adv v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ip6_subnet - Subnet to routing prefix. Syntax: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx. type: str more...

Supported Version Ranges

ip6_subnet v6.0.0 -> latest
ip6_upstream_interface - Interface name providing delegated information. Source system.interface.name. type: str more...

Supported Version Ranges

ip6_upstream_interface v6.0.0 -> latest
nd_cert - Neighbor discovery certificate. Source certificate.local.name. type: str more...

Supported Version Ranges

nd_cert v6.0.0 -> latest
nd_cga_modifier - Neighbor discovery CGA modifier. type: str more...

Supported Version Ranges

nd_cga_modifier v6.0.0 -> latest
nd_mode - Neighbor discovery mode. type: str choices: basic, SEND-compatible more...

Supported Version Ranges

nd_mode v6.0.0 -> latest

[basic] v6.0.0 -> latest
[SEND-compatible] v6.0.0 -> latest
nd_security_level - Neighbor discovery security level (0 - 7; 0 = least secure). type: int more...

Supported Version Ranges

nd_security_level v6.0.0 -> latest
nd_timestamp_delta - Neighbor discovery timestamp delta value (1 - 3600 sec; ). type: int more...

Supported Version Ranges

nd_timestamp_delta v6.0.0 -> latest
nd_timestamp_fuzz - Neighbor discovery timestamp fuzz factor (1 - 60 sec; ). type: int more...

Supported Version Ranges

nd_timestamp_fuzz v6.0.0 -> latest
ra_send_mtu - Enable/disable sending link MTU in RA packet. type: str choices: enable, disable more...

Supported Version Ranges

ra_send_mtu v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
unique_autoconf_addr - Enable/disable unique auto config address. type: str choices: enable, disable more...

Supported Version Ranges

unique_autoconf_addr v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vrip6_link_local - Link-local IPv6 address of virtual router. type: str more...

Supported Version Ranges

vrip6_link_local v6.0.0 -> latest
vrrp_virtual_mac6 - Enable/disable virtual MAC for VRRP. type: str choices: enable, disable more...

Supported Version Ranges

vrrp_virtual_mac6 v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vrrp6 - IPv6 VRRP configuration. type: list member_path: ipv6/vrrp6:vrid more...

Supported Version Ranges

vrrp6 v6.0.0 -> latest

accept_mode - Enable/disable accept mode. type: str choices: enable, disable more...

Supported Version Ranges

accept_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
adv_interval - Advertisement interval (1 - 255 seconds). type: int more...

Supported Version Ranges

adv_interval v6.0.0 -> latest
preempt - Enable/disable preempt mode. type: str choices: enable, disable more...

Supported Version Ranges

preempt v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
priority - Priority of the virtual router (1 - 255). type: int more...

Supported Version Ranges

priority v6.0.0 -> latest
start_time - Startup time (1 - 255 seconds). type: int more...

Supported Version Ranges

start_time v6.0.0 -> latest
status - Enable/disable VRRP. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vrdst6 - Monitor the route to this destination. type: list
vrgrp - VRRP group ID (1 - 65535). type: int more...

Supported Version Ranges

vrgrp v6.0.0 -> latest
vrid - Virtual router identifier (1 - 255). see Notes. type: int required: true more...

Supported Version Ranges

vrid v6.0.0 -> latest
vrip6 - IPv6 address of the virtual router. type: str more...

Supported Version Ranges

vrip6 v6.0.0 -> latest

l2forward - Enable/disable l2 forwarding. type: str choices: enable, disable more...

Supported Version Ranges

l2forward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
lacp_ha_secondary - LACP HA secondary member. type: str choices: enable, disable more...

Supported Version Ranges

lacp_ha_secondary v7.2.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
lacp_ha_slave - LACP HA slave. type: str choices: enable, disable more...

Supported Version Ranges

lacp_ha_slave v6.0.0 -> v7.2.0

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
lacp_mode - LACP mode. type: str choices: static, passive, active more...

Supported Version Ranges

lacp_mode v6.0.0 -> latest

[static] v6.0.0 -> latest
[passive] v6.0.0 -> latest
[active] v6.0.0 -> latest
lacp_speed - How often the interface sends LACP messages. type: str choices: slow, fast more...

Supported Version Ranges

lacp_speed v6.0.0 -> latest

[slow] v6.0.0 -> latest
[fast] v6.0.0 -> latest
lcp_echo_interval - Time in seconds between PPPoE Link Control Protocol (LCP) echo requests. type: int more...

Supported Version Ranges

lcp_echo_interval v6.0.0 -> latest
lcp_max_echo_fails - Maximum missed LCP echo messages before disconnect. type: int more...

Supported Version Ranges

lcp_max_echo_fails v6.0.0 -> latest
link_up_delay - Number of milliseconds to wait before considering a link is up. type: int more...

Supported Version Ranges

link_up_delay v6.0.0 -> latest
lldp_network_policy - LLDP-MED network policy profile. Source system.lldp.network-policy.name. type: str more...

Supported Version Ranges

lldp_network_policy v6.2.0 -> latest
lldp_reception - Enable/disable Link Layer Discovery Protocol (LLDP) reception. type: str choices: enable, disable, vdom more...

Supported Version Ranges

lldp_reception v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
[vdom] v6.0.0 -> latest
lldp_transmission - Enable/disable Link Layer Discovery Protocol (LLDP) transmission. type: str choices: enable, disable, vdom more...

Supported Version Ranges

lldp_transmission v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
[vdom] v6.0.0 -> latest
macaddr - Change the interface"s MAC address. type: str more...

Supported Version Ranges

macaddr v6.0.0 -> latest
managed_device - Available when FortiLink is enabled, used for managed devices through FortiLink interface. type: list member_path: managed_device:name more...

Supported Version Ranges

managed_device v6.0.0 -> v6.0.11

name - Managed dev identifier. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v6.0.11

managed_subnetwork_size - Number of IP addresses to be allocated by FortiIPAM and used by this FortiGate unit"s DHCP server settings. type: str choices: 32, 64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384, 32768, 65536 more...

	Supported Version Ranges
managed_subnetwork_size	`v6.4.0 -> latest`
[32]	`v7.0.2 -> latest`
[64]	`v7.0.2 -> latest`
[128]	`v7.0.2 -> latest`
[256]	`v6.0.0 -> latest`
[512]	`v6.0.0 -> latest`
[1024]	`v6.0.0 -> latest`
[2048]	`v6.0.0 -> latest`
[4096]	`v6.0.0 -> latest`
[8192]	`v6.0.0 -> latest`
[16384]	`v6.0.0 -> latest`
[32768]	`v6.0.0 -> latest`
[65536]	`v6.0.0 -> latest`

management_ip - High Availability in-band management IP address of this interface. type: str more...

Supported Version Ranges

management_ip v6.0.0 -> latest
measured_downstream_bandwidth - Measured downstream bandwidth (kbps). type: int more...

Supported Version Ranges

measured_downstream_bandwidth v6.4.0 -> latest
measured_upstream_bandwidth - Measured upstream bandwidth (kbps). type: int more...

Supported Version Ranges

measured_upstream_bandwidth v6.4.0 -> latest
mediatype - Select SFP media interface type type: str choices: cfp2-sr10, cfp2-lr4 more...

Supported Version Ranges

mediatype v6.0.0 -> v6.2.7 v6.4.1 -> v7.0.12 v7.2.1 -> v7.2.4

[cfp2-sr10] v6.0.0 -> latest
[cfp2-lr4] v6.0.0 -> latest
member - Physical interfaces that belong to the aggregate or redundant interface. type: list member_path: member:interface_name more...

Supported Version Ranges

member v6.0.0 -> latest

interface_name - Physical interface name. Source system.interface.name. type: str required: true more...

Supported Version Ranges

interface_name v6.0.0 -> latest

min_links - Minimum number of aggregated ports that must be up. type: int more...

Supported Version Ranges

min_links v6.0.0 -> latest
min_links_down - Action to take when less than the configured minimum number of links are active. type: str choices: operational, administrative more...

Supported Version Ranges

min_links_down v6.0.0 -> latest

[operational] v6.0.0 -> latest
[administrative] v6.0.0 -> latest
mode - Addressing mode (static, DHCP, PPPoE). type: str choices: static, dhcp, pppoe more...

Supported Version Ranges

mode v6.0.0 -> latest

[static] v6.0.0 -> latest
[dhcp] v6.0.0 -> latest
[pppoe] v6.0.0 -> latest
monitor_bandwidth - Enable monitoring bandwidth on this interface. type: str choices: enable, disable more...

Supported Version Ranges

monitor_bandwidth v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mtu - MTU value for this interface. type: int more...

Supported Version Ranges

mtu v6.0.0 -> latest
mtu_override - Enable to set a custom MTU for this interface. type: str choices: enable, disable more...

Supported Version Ranges

mtu_override v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
name - Name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
ndiscforward - Enable/disable NDISC forwarding. type: str choices: enable, disable more...

Supported Version Ranges

ndiscforward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
netbios_forward - Enable/disable NETBIOS forwarding. type: str choices: disable, enable more...

Supported Version Ranges

netbios_forward v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
netflow_sampler - Enable/disable NetFlow on this interface and set the data that NetFlow collects (rx, tx, or both). type: str choices: disable, tx, rx, both more...

Supported Version Ranges

netflow_sampler v6.0.0 -> latest

[disable] v6.0.0 -> latest
[tx] v6.0.0 -> latest
[rx] v6.0.0 -> latest
[both] v6.0.0 -> latest
outbandwidth - Bandwidth limit for outgoing traffic (0 - 80000000 kbps). type: int more...

Supported Version Ranges

outbandwidth v6.0.0 -> latest
padt_retry_timeout - PPPoE Active Discovery Terminate (PADT) used to terminate sessions after an idle time. type: int more...

Supported Version Ranges

padt_retry_timeout v6.0.0 -> latest
password - PPPoE account"s password. type: str more...

Supported Version Ranges

password v6.0.0 -> latest
ping_serv_status - PING server status. type: int more...

Supported Version Ranges

ping_serv_status v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
polling_interval - sFlow polling interval in seconds (1 - 255). type: int more...

Supported Version Ranges

polling_interval v6.0.0 -> latest
pppoe_unnumbered_negotiate - Enable/disable PPPoE unnumbered negotiation. type: str choices: enable, disable more...

Supported Version Ranges

pppoe_unnumbered_negotiate v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
pptp_auth_type - PPTP authentication type. type: str choices: auto, pap, chap, mschapv1, mschapv2 more...

Supported Version Ranges

pptp_auth_type v6.0.0 -> latest

[auto] v6.0.0 -> latest
[pap] v6.0.0 -> latest
[chap] v6.0.0 -> latest
[mschapv1] v6.0.0 -> latest
[mschapv2] v6.0.0 -> latest
pptp_client - Enable/disable PPTP client. type: str choices: enable, disable more...

Supported Version Ranges

pptp_client v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
pptp_password - PPTP password. type: str more...

Supported Version Ranges

pptp_password v6.0.0 -> latest
pptp_server_ip - PPTP server IP address. type: str more...

Supported Version Ranges

pptp_server_ip v6.0.0 -> latest
pptp_timeout - Idle timer in minutes (0 for disabled). type: int more...

Supported Version Ranges

pptp_timeout v6.0.0 -> latest
pptp_user - PPTP user name. type: str more...

Supported Version Ranges

pptp_user v6.0.0 -> latest
preserve_session_route - Enable/disable preservation of session route when dirty. type: str choices: enable, disable more...

Supported Version Ranges

preserve_session_route v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
priority - Priority of learned routes. type: int more...

Supported Version Ranges

priority v6.0.0 -> latest
priority_override - Enable/disable fail back to higher priority port once recovered. type: str choices: enable, disable more...

Supported Version Ranges

priority_override v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
proxy_captive_portal - Enable/disable proxy captive portal on this interface. type: str choices: enable, disable more...

Supported Version Ranges

proxy_captive_portal v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
reachable_time - IPv4 reachable time in milliseconds (30000 - 3600000). type: int more...

Supported Version Ranges

reachable_time v7.0.4 -> latest
redundant_interface - Redundant interface. type: str more...

Supported Version Ranges

redundant_interface v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
remote_ip - Remote IP address of tunnel. type: str more...

Supported Version Ranges

remote_ip v6.0.0 -> latest
replacemsg_override_group - Replacement message override group. type: str more...

Supported Version Ranges

replacemsg_override_group v6.0.0 -> latest
ring_rx - RX ring size. type: int more...

Supported Version Ranges

ring_rx
ring_tx - TX ring size. type: int more...

Supported Version Ranges

ring_tx
role - Interface role. type: str choices: lan, wan, dmz, undefined more...

Supported Version Ranges

role v6.0.0 -> latest

[lan] v6.0.0 -> latest
[wan] v6.0.0 -> latest
[dmz] v6.0.0 -> latest
[undefined] v6.0.0 -> latest
sample_direction - Data that NetFlow collects (rx, tx, or both). type: str choices: tx, rx, both more...

Supported Version Ranges

sample_direction v6.0.0 -> latest

[tx] v6.0.0 -> latest
[rx] v6.0.0 -> latest
[both] v6.0.0 -> latest
sample_rate - sFlow sample rate (10 - 99999). type: int more...

Supported Version Ranges

sample_rate v6.0.0 -> latest
scan_botnet_connections - Enable monitoring or blocking connections to Botnet servers through this interface. type: str choices: disable, block, monitor more...

Supported Version Ranges

scan_botnet_connections v6.0.0 -> v6.0.11

[disable] v6.0.0 -> latest
[block] v6.0.0 -> latest
[monitor] v6.0.0 -> latest
secondary_IP - Enable/disable adding a secondary IP to this interface. type: str choices: enable, disable more...

Supported Version Ranges

secondary_IP v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
secondaryip - Second IP address of interface. type: list member_path: secondaryip:id more...

Supported Version Ranges

secondaryip v6.0.0 -> latest

allowaccess - Management access settings for the secondary IP address. type: list choices: ping, https, ssh, snmp, http, telnet, fgfm, radius-acct, probe-response, fabric, ftm, speed-test, capwap more...

	Supported Version Ranges
allowaccess	`v6.0.0 -> latest`
[ping]	`v6.0.0 -> latest`
[https]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[snmp]	`v6.0.0 -> latest`
[http]	`v6.0.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[fgfm]	`v6.0.0 -> latest`
[radius-acct]	`v6.0.0 -> latest`
[probe-response]	`v6.0.0 -> latest`
[fabric]	`v6.2.0 -> latest`
[ftm]	`v6.0.0 -> latest`
[speed-test]	`v7.0.1 -> latest`
[capwap]	`v6.0.0 -> v6.0.11`

detectprotocol - Protocols used to detect the server. type: list choices: ping, tcp-echo, udp-echo more...

Supported Version Ranges

detectprotocol v6.0.0 -> latest

[ping] v6.0.0 -> latest
[tcp-echo] v6.0.0 -> latest
[udp-echo] v6.0.0 -> latest
detectserver - Gateway"s ping server for this IP. type: str more...

Supported Version Ranges

detectserver v6.0.0 -> latest
gwdetect - Enable/disable detect gateway alive for first. type: str choices: enable, disable more...

Supported Version Ranges

gwdetect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ha_priority - HA election priority for the PING server. type: int more...

Supported Version Ranges

ha_priority v6.0.0 -> latest
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> latest
ip - Secondary IP address of the interface. type: str more...

Supported Version Ranges

ip v6.0.0 -> latest
ping_serv_status - PING server status. type: int more...

Supported Version Ranges

ping_serv_status v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
secip_relay_ip - DHCP relay IP address. type: list

security_exempt_list - Name of security-exempt-list. type: str more...

Supported Version Ranges

security_exempt_list v6.0.0 -> latest
security_external_logout - URL of external authentication logout server. type: str more...

Supported Version Ranges

security_external_logout v6.0.0 -> latest
security_external_web - URL of external authentication web server. type: str more...

Supported Version Ranges

security_external_web v6.0.0 -> latest
security_groups - User groups that can authenticate with the captive portal. type: list member_path: security_groups:name more...

Supported Version Ranges

security_groups v6.0.0 -> latest

name - Names of user groups that can authenticate with the captive portal. Source user.group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

security_mac_auth_bypass - Enable/disable MAC authentication bypass. type: str choices: mac-auth-only, enable, disable more...

Supported Version Ranges

security_mac_auth_bypass v6.0.0 -> latest

[mac-auth-only] v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
security_mode - Turn on captive portal authentication for this interface. type: str choices: none, captive-portal, 802.1X more...

Supported Version Ranges

security_mode v6.0.0 -> latest

[none] v6.0.0 -> latest
[captive-portal] v6.0.0 -> latest
[802.1X] v6.0.0 -> latest
security_redirect_url - URL redirection after disclaimer/authentication. type: str more...

Supported Version Ranges

security_redirect_url v6.0.0 -> latest
service_name - PPPoE service name. type: str more...

Supported Version Ranges

service_name v6.0.0 -> latest
sflow_sampler - Enable/disable sFlow on this interface. type: str choices: enable, disable more...

Supported Version Ranges

sflow_sampler v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
snmp_index - Permanent SNMP Index of the interface. type: int more...

Supported Version Ranges

snmp_index v6.0.0 -> latest

speed - Interface speed. The default setting and the options available depend on the interface hardware. type: str choices: auto, 10full, 10half, 100full, 100half, 1000full, 1000auto, 10000full, 10000auto, 40000full, 40000auto, 100Gfull, 1000half more...

	Supported Version Ranges
speed	`v6.0.0 -> latest`
[auto]	`v6.0.0 -> latest`
[10full]	`v6.0.0 -> latest`
[10half]	`v6.0.0 -> latest`
[100full]	`v6.0.0 -> latest`
[100half]	`v6.0.0 -> latest`
[1000full]	`v6.0.0 -> latest`
[1000auto]	`v6.0.0 -> latest`
[10000full]	`v6.0.0 -> latest`
[10000auto]	`v6.0.0 -> latest`
[40000full]	`v6.0.0 -> latest`
[40000auto]	`v7.4.0 -> latest`
[100Gfull]	`v6.0.0 -> v6.2.7`	`v6.4.1 -> v7.0.12`	`v7.2.1 -> v7.2.4`
[1000half]	`v6.0.0 -> v7.0.3`

spillover_threshold - Egress Spillover threshold (0 - 16776000 kbps), 0 means unlimited. type: int more...

Supported Version Ranges

spillover_threshold v6.0.0 -> latest
src_check - Enable/disable source IP check. type: str choices: enable, disable more...

Supported Version Ranges

src_check v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
status - Bring the interface up or shut the interface down. type: str choices: up, down more...

Supported Version Ranges

status v6.0.0 -> latest

[up] v6.0.0 -> latest
[down] v6.0.0 -> latest
stp - Enable/disable STP. type: str choices: disable, enable more...

Supported Version Ranges

stp v6.0.0 -> v6.2.7 v6.4.1 -> v7.0.12 v7.2.1 -> v7.2.4

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
stp_ha_secondary - Control STP behavior on HA secondary. type: str choices: disable, enable, priority-adjust more...

Supported Version Ranges

stp_ha_secondary v7.0.0 -> v7.0.12 v7.2.1 -> v7.2.4

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
[priority-adjust] v6.0.0 -> latest
stp_ha_slave - Control STP behaviour on HA slave. type: str choices: disable, enable, priority-adjust more...

Supported Version Ranges

stp_ha_slave v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.4

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
[priority-adjust] v6.0.0 -> latest
stpforward - Enable/disable STP forwarding. type: str choices: enable, disable more...

Supported Version Ranges

stpforward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
stpforward_mode - Configure STP forwarding mode. type: str choices: rpl-all-ext-id, rpl-bridge-ext-id, rpl-nothing more...

Supported Version Ranges

stpforward_mode v6.0.0 -> latest

[rpl-all-ext-id] v6.0.0 -> latest
[rpl-bridge-ext-id] v6.0.0 -> latest
[rpl-nothing] v6.0.0 -> latest
subst - Enable to always send packets from this interface to a destination MAC address. type: str choices: enable, disable more...

Supported Version Ranges

subst v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
substitute_dst_mac - Destination MAC address that all packets are sent to from this interface. type: str more...

Supported Version Ranges

substitute_dst_mac v6.0.0 -> latest
sw_algorithm - Frame distribution algorithm for switch. type: str choices: l2, l3, eh more...

Supported Version Ranges

sw_algorithm v7.2.0 -> v7.2.0 v7.4.0 -> latest

[l2] v6.0.0 -> latest
[l3] v6.0.0 -> latest
[eh] v6.0.0 -> latest
swc_first_create - Initial create for switch-controller VLANs. type: int more...

Supported Version Ranges

swc_first_create v6.4.4 -> latest
swc_vlan - Creation status for switch-controller VLANs. type: int more...

Supported Version Ranges

swc_vlan v6.4.0 -> v7.0.5 v7.2.0 -> v7.2.0
switch - Contained in switch. type: str more...

Supported Version Ranges

switch v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
switch_controller_access_vlan - Block FortiSwitch port-to-port traffic. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_access_vlan v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_arp_inspection - Enable/disable FortiSwitch ARP inspection. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_arp_inspection v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_dhcp_snooping - Switch controller DHCP snooping. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_dhcp_snooping v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_dhcp_snooping_option82 - Switch controller DHCP snooping option82. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_dhcp_snooping_option82 v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_dhcp_snooping_verify_mac - Switch controller DHCP snooping verify MAC. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_dhcp_snooping_verify_mac v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_dynamic - Integrated FortiLink settings for managed FortiSwitch. Source switch-controller.fortilink-settings.name. type: str more...

Supported Version Ranges

switch_controller_dynamic v7.0.0 -> latest

switch_controller_feature - Interface"s purpose when assigning traffic (read only). type: str choices: none, default-vlan, quarantine, rspan, voice, video, nac, nac-segment more...

	Supported Version Ranges
switch_controller_feature	`v6.4.0 -> latest`
[none]	`v6.0.0 -> latest`
[default-vlan]	`v6.0.0 -> latest`
[quarantine]	`v6.0.0 -> latest`
[rspan]	`v6.0.0 -> latest`
[voice]	`v6.0.0 -> latest`
[video]	`v6.0.0 -> latest`
[nac]	`v6.0.0 -> latest`
[nac-segment]	`v7.0.1 -> latest`

switch_controller_igmp_snooping - Switch controller IGMP snooping. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_igmp_snooping v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_igmp_snooping_fast_leave - Switch controller IGMP snooping fast-leave. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_igmp_snooping_fast_leave v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_igmp_snooping_proxy - Switch controller IGMP snooping proxy. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_igmp_snooping_proxy v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_iot_scanning - Enable/disable managed FortiSwitch IoT scanning. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_iot_scanning v6.4.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_learning_limit - Limit the number of dynamic MAC addresses on this VLAN (1 - 128, 0 = no limit, default). type: int more...

Supported Version Ranges

switch_controller_learning_limit v6.0.0 -> latest
switch_controller_mgmt_vlan - VLAN to use for FortiLink management purposes. type: int more...

Supported Version Ranges

switch_controller_mgmt_vlan v6.4.0 -> latest
switch_controller_nac - Integrated FortiLink settings for managed FortiSwitch. Source switch-controller.fortilink-settings.name. type: str more...

Supported Version Ranges

switch_controller_nac v6.4.0 -> latest
switch_controller_netflow_collect - NetFlow collection and processing. type: str choices: disable, enable more...

Supported Version Ranges

switch_controller_netflow_collect v7.2.1 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
switch_controller_offload - Enable/disable managed FortiSwitch routing offload. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_offload v7.4.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_offload_gw - Enable/disable managed FortiSwitch routing offload gateway. type: str choices: enable, disable more...

Supported Version Ranges

switch_controller_offload_gw v7.4.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
switch_controller_offload_ip - IP for routing offload on FortiSwitch. type: str more...

Supported Version Ranges

switch_controller_offload_ip v7.4.1 -> latest
switch_controller_rspan_mode - Stop Layer2 MAC learning and interception of BPDUs and other packets on this interface. type: str choices: disable, enable more...

Supported Version Ranges

switch_controller_rspan_mode v6.2.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
switch_controller_source_ip - Source IP address used in FortiLink over L3 connections. type: str choices: outbound, fixed more...

Supported Version Ranges

switch_controller_source_ip v6.4.4 -> latest

[outbound] v6.0.0 -> latest
[fixed] v6.0.0 -> latest
switch_controller_traffic_policy - Switch controller traffic policy for the VLAN. Source switch-controller.traffic-policy.name. type: str more...

Supported Version Ranges

switch_controller_traffic_policy v6.2.0 -> latest
system_id - Define a system ID for the aggregate interface. type: str more...

Supported Version Ranges

system_id v7.0.2 -> latest
system_id_type - Method in which system ID is generated. type: str choices: auto, user more...

Supported Version Ranges

system_id_type v7.0.2 -> latest

[auto] v6.0.0 -> latest
[user] v6.0.0 -> latest
tagging - Config object tagging. type: list member_path: tagging:name more...

Supported Version Ranges

tagging v6.0.0 -> latest

category - Tag category. Source system.object-tagging.category. type: str more...

Supported Version Ranges

category v6.0.0 -> latest
name - Tagging entry name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
tags - Tags. type: list member_path: tagging:name/tags:name more...

Supported Version Ranges

tags v6.0.0 -> latest

name - Tag name. Source system.object-tagging.tags.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

tcp_mss - TCP maximum segment size. 0 means do not change segment size. type: int more...

Supported Version Ranges

tcp_mss v6.0.0 -> latest
trust_ip_1 - Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts). type: str more...

Supported Version Ranges

trust_ip_1 v6.0.0 -> latest
trust_ip_2 - Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts). type: str more...

Supported Version Ranges

trust_ip_2 v6.0.0 -> latest
trust_ip_3 - Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts). type: str more...

Supported Version Ranges

trust_ip_3 v6.0.0 -> latest
trust_ip6_1 - Trusted IPv6 host for dedicated management traffic (::/0 for all hosts). type: str more...

Supported Version Ranges

trust_ip6_1 v6.0.0 -> latest
trust_ip6_2 - Trusted IPv6 host for dedicated management traffic (::/0 for all hosts). type: str more...

Supported Version Ranges

trust_ip6_2 v6.0.0 -> latest
trust_ip6_3 - Trusted IPv6 host for dedicated management traffic (::/0 for all hosts). type: str more...

Supported Version Ranges

trust_ip6_3 v6.0.0 -> latest

type - Interface type. type: str choices: physical, vlan, aggregate, redundant, tunnel, vdom-link, loopback, switch, vap-switch, wl-mesh, fext-wan, vxlan, geneve, hdlc, switch-vlan, emac-vlan, ssl, lan-extension, hard-switch more...

	Supported Version Ranges
type	`v6.0.0 -> latest`
[physical]	`v6.0.0 -> latest`
[vlan]	`v6.0.0 -> latest`
[aggregate]	`v6.0.0 -> latest`
[redundant]	`v6.0.0 -> latest`
[tunnel]	`v6.0.0 -> latest`
[vdom-link]	`v6.0.0 -> latest`
[loopback]	`v6.0.0 -> latest`
[switch]	`v6.0.0 -> latest`
[vap-switch]	`v6.0.0 -> latest`
[wl-mesh]	`v6.0.0 -> latest`
[fext-wan]	`v6.0.0 -> latest`
[vxlan]	`v6.0.0 -> latest`
[geneve]	`v6.2.0 -> latest`
[hdlc]	`v6.0.0 -> latest`
[switch-vlan]	`v6.0.0 -> latest`
[emac-vlan]	`v6.0.0 -> latest`
[ssl]	`v7.0.0 -> latest`
[lan-extension]	`v7.0.2 -> latest`
[hard-switch]	`v6.0.0 -> v6.2.7`	`v6.4.1 -> v7.0.12`	`v7.2.1 -> v7.2.4`

username - Username of the PPPoE account, provided by your ISP. type: str more...

Supported Version Ranges

username v6.0.0 -> latest
vdom - Interface is in this virtual domain (VDOM). Source system.vdom.name. type: str more...

Supported Version Ranges

vdom v6.0.0 -> latest
vindex - Switch control interface VLAN ID. type: int more...

Supported Version Ranges

vindex v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
vlan_protocol - Ethernet protocol of VLAN. type: str choices: 8021q, 8021ad more...

Supported Version Ranges

vlan_protocol v6.4.0 -> latest

[8021q] v6.0.0 -> latest
[8021ad] v6.0.0 -> latest
vlanforward - Enable/disable traffic forwarding between VLANs on this interface. type: str choices: enable, disable more...

Supported Version Ranges

vlanforward v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vlanid - VLAN ID (1 - 4094). type: int more...

Supported Version Ranges

vlanid v6.0.0 -> latest
vrf - Virtual Routing Forwarding ID. type: int more...

Supported Version Ranges

vrf v6.0.0 -> latest
vrrp - VRRP configuration. type: list member_path: vrrp:vrid more...

Supported Version Ranges

vrrp v6.0.0 -> latest

accept_mode - Enable/disable accept mode. type: str choices: enable, disable more...

Supported Version Ranges

accept_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
adv_interval - Advertisement interval (1 - 255 seconds). type: int more...

Supported Version Ranges

adv_interval v6.0.0 -> latest
ignore_default_route - Enable/disable ignoring of default route when checking destination. type: str choices: enable, disable more...

Supported Version Ranges

ignore_default_route v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
preempt - Enable/disable preempt mode. type: str choices: enable, disable more...

Supported Version Ranges

preempt v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
priority - Priority of the virtual router (1 - 255). type: int more...

Supported Version Ranges

priority v6.0.0 -> latest
proxy_arp - VRRP Proxy ARP configuration. type: list member_path: vrrp:vrid/proxy_arp:id more...

Supported Version Ranges

proxy_arp v6.0.0 -> latest

id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> latest
ip - Set IP addresses of proxy ARP. type: str more...

Supported Version Ranges

ip v6.0.0 -> latest

start_time - Startup time (1 - 255 seconds). type: int more...

Supported Version Ranges

start_time v6.0.0 -> latest
status - Enable/disable this VRRP configuration. type: str choices: enable, disable more...

Supported Version Ranges

status v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
version - VRRP version. type: str choices: 2, 3 more...

Supported Version Ranges

version v6.0.0 -> latest

[2] v6.0.0 -> latest
[3] v6.0.0 -> latest
vrdst - Monitor the route to this destination. type: list
vrdst_priority - Priority of the virtual router when the virtual router destination becomes unreachable (0 - 254). type: int more...

Supported Version Ranges

vrdst_priority v6.0.0 -> latest
vrgrp - VRRP group ID (1 - 65535). type: int more...

Supported Version Ranges

vrgrp v6.0.0 -> latest
vrid - Virtual router identifier (1 - 255). see Notes. type: int required: true more...

Supported Version Ranges

vrid v6.0.0 -> latest
vrip - IP address of the virtual router. type: str more...

Supported Version Ranges

vrip v6.0.0 -> latest

vrrp_virtual_mac - Enable/disable use of virtual MAC for VRRP. type: str choices: enable, disable more...

Supported Version Ranges

vrrp_virtual_mac v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
wccp - Enable/disable WCCP on this interface. Used for encapsulated WCCP communication between WCCP clients and servers. type: str choices: enable, disable more...

Supported Version Ranges

wccp v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
weight - Default weight for static routes (if route has no weight configured). type: int more...

Supported Version Ranges

weight v6.0.0 -> latest
wins_ip - WINS server IP. type: str more...

Supported Version Ranges

wins_ip v6.0.0 -> latest

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- name: Configure interfaces.
  fortinet.fortios.fortios_system_interface:
      vdom: "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      system_interface:
          ac_name: "<your_own_value>"
          aggregate: "<your_own_value>"
          aggregate_type: "physical"
          algorithm: "L2"
          alias: "<your_own_value>"
          allowaccess: "ping"
          ap_discover: "enable"
          arpforward: "enable"
          auth_cert: "<your_own_value> (source vpn.certificate.local.name)"
          auth_portal_addr: "<your_own_value>"
          auth_type: "auto"
          auto_auth_extension_device: "enable"
          bandwidth_measure_time: "0"
          bfd: "global"
          bfd_desired_min_tx: "250"
          bfd_detect_mult: "3"
          bfd_required_min_rx: "250"
          broadcast_forticlient_discovery: "enable"
          broadcast_forward: "enable"
          captive_portal: "2147483647"
          cli_conn_status: "0"
          client_options:
              -
                  code: "0"
                  id: "26"
                  ip: "<your_own_value>"
                  type: "hex"
                  value: "<your_own_value>"
          color: "0"
          dedicated_to: "none"
          default_purdue_level: "1"
          defaultgw: "enable"
          description: "<your_own_value>"
          detected_peer_mtu: "0"
          detectprotocol: "ping"
          detectserver: "<your_own_value>"
          device_access_list: "<your_own_value>"
          device_identification: "enable"
          device_identification_active_scan: "enable"
          device_netscan: "disable"
          device_user_identification: "enable"
          devindex: "0"
          dhcp_broadcast_flag: "disable"
          dhcp_classless_route_addition: "enable"
          dhcp_client_identifier: "myId_46"
          dhcp_relay_agent_option: "enable"
          dhcp_relay_circuit_id: "<your_own_value>"
          dhcp_relay_interface: "<your_own_value> (source system.interface.name)"
          dhcp_relay_interface_select_method: "auto"
          dhcp_relay_ip: "<your_own_value>"
          dhcp_relay_link_selection: "<your_own_value>"
          dhcp_relay_request_all_server: "disable"
          dhcp_relay_service: "disable"
          dhcp_relay_source_ip: "<your_own_value>"
          dhcp_relay_type: "regular"
          dhcp_renew_time: "0"
          dhcp_smart_relay: "disable"
          dhcp_snooping_server_list:
              -
                  name: "default_name_60"
                  server_ip: "<your_own_value>"
          disc_retry_timeout: "1"
          disconnect_threshold: "0"
          distance: "5"
          dns_server_override: "enable"
          dns_server_protocol: "cleartext"
          drop_fragment: "enable"
          drop_overlapped_fragment: "enable"
          eap_ca_cert: "<your_own_value> (source certificate.ca.name)"
          eap_identity: "<your_own_value>"
          eap_method: "tls"
          eap_password: "<your_own_value>"
          eap_supplicant: "enable"
          eap_user_cert: "<your_own_value> (source certificate.local.name)"
          egress_cos: "disable"
          egress_queues:
              cos0: "<your_own_value> (source system.isf-queue-profile.name)"
              cos1: "<your_own_value> (source system.isf-queue-profile.name)"
              cos2: "<your_own_value> (source system.isf-queue-profile.name)"
              cos3: "<your_own_value> (source system.isf-queue-profile.name)"
              cos4: "<your_own_value> (source system.isf-queue-profile.name)"
              cos5: "<your_own_value> (source system.isf-queue-profile.name)"
              cos6: "<your_own_value> (source system.isf-queue-profile.name)"
              cos7: "<your_own_value> (source system.isf-queue-profile.name)"
          egress_shaping_profile: "<your_own_value> (source firewall.shaping-profile.profile-name)"
          endpoint_compliance: "enable"
          estimated_downstream_bandwidth: "0"
          estimated_upstream_bandwidth: "0"
          explicit_ftp_proxy: "enable"
          explicit_web_proxy: "enable"
          external: "enable"
          fail_action_on_extender: "soft-restart"
          fail_alert_interfaces:
              -
                  name: "default_name_94 (source system.interface.name)"
          fail_alert_method: "link-failed-signal"
          fail_detect: "enable"
          fail_detect_option: "detectserver"
          fortiheartbeat: "enable"
          fortilink: "enable"
          fortilink_backup_link: "0"
          fortilink_neighbor_detect: "lldp"
          fortilink_split_interface: "enable"
          fortilink_stacking: "enable"
          forward_domain: "0"
          gi_gk: "enable"
          gwdetect: "enable"
          ha_priority: "1"
          icmp_accept_redirect: "enable"
          icmp_send_redirect: "enable"
          ident_accept: "enable"
          idle_timeout: "0"
          ike_saml_server: "<your_own_value> (source user.saml.name)"
          inbandwidth: "0"
          ingress_cos: "disable"
          ingress_shaping_profile: "<your_own_value> (source firewall.shaping-profile.profile-name)"
          ingress_spillover_threshold: "0"
          interface: "<your_own_value> (source system.interface.name)"
          internal: "0"
          ip: "<your_own_value>"
          ip_managed_by_fortiipam: "inherit-global"
          ipmac: "enable"
          ips_sniffer_mode: "enable"
          ipunnumbered: "<your_own_value>"
          ipv6:
              autoconf: "enable"
              cli_conn6_status: "0"
              dhcp6_client_options: "rapid"
              dhcp6_iapd_list:
                  -
                      iaid: "<you_own_value>"
                      prefix_hint: "<your_own_value>"
                      prefix_hint_plt: "604800"
                      prefix_hint_vlt: "2592000"
              dhcp6_information_request: "enable"
              dhcp6_prefix_delegation: "enable"
              dhcp6_prefix_hint: "<your_own_value>"
              dhcp6_prefix_hint_plt: "604800"
              dhcp6_prefix_hint_vlt: "2592000"
              dhcp6_relay_interface_id: "<your_own_value>"
              dhcp6_relay_ip: "<your_own_value>"
              dhcp6_relay_service: "disable"
              dhcp6_relay_source_interface: "disable"
              dhcp6_relay_source_ip: "<your_own_value>"
              dhcp6_relay_type: "regular"
              icmp6_send_redirect: "enable"
              interface_identifier: "myId_145"
              ip6_address: "<your_own_value>"
              ip6_allowaccess: "ping"
              ip6_default_life: "1800"
              ip6_delegated_prefix_iaid: "0"
              ip6_delegated_prefix_list:
                  -
                      autonomous_flag: "enable"
                      delegated_prefix_iaid: "0"
                      onlink_flag: "enable"
                      prefix_id: "<you_own_value>"
                      rdnss: "<your_own_value>"
                      rdnss_service: "delegated"
                      subnet: "<your_own_value>"
                      upstream_interface: "<your_own_value> (source system.interface.name)"
              ip6_dns_server_override: "enable"
              ip6_extra_addr:
                  -
                      prefix: "<your_own_value>"
              ip6_hop_limit: "0"
              ip6_link_mtu: "0"
              ip6_manage_flag: "enable"
              ip6_max_interval: "600"
              ip6_min_interval: "198"
              ip6_mode: "static"
              ip6_other_flag: "enable"
              ip6_prefix_list:
                  -
                      autonomous_flag: "enable"
                      dnssl:
                          -
                              domain: "<your_own_value>"
                      onlink_flag: "enable"
                      preferred_life_time: "604800"
                      prefix: "<your_own_value>"
                      rdnss: "<your_own_value>"
                      valid_life_time: "2592000"
              ip6_prefix_mode: "dhcp6"
              ip6_reachable_time: "0"
              ip6_retrans_time: "0"
              ip6_send_adv: "enable"
              ip6_subnet: "<your_own_value>"
              ip6_upstream_interface: "<your_own_value> (source system.interface.name)"
              nd_cert: "<your_own_value> (source certificate.local.name)"
              nd_cga_modifier: "<your_own_value>"
              nd_mode: "basic"
              nd_security_level: "0"
              nd_timestamp_delta: "300"
              nd_timestamp_fuzz: "1"
              ra_send_mtu: "enable"
              unique_autoconf_addr: "enable"
              vrip6_link_local: "<your_own_value>"
              vrrp_virtual_mac6: "enable"
              vrrp6:
                  -
                      accept_mode: "enable"
                      adv_interval: "1"
                      preempt: "enable"
                      priority: "100"
                      start_time: "3"
                      status: "enable"
                      vrdst6: "<your_own_value>"
                      vrgrp: "0"
                      vrid: "<you_own_value>"
                      vrip6: "<your_own_value>"
          l2forward: "enable"
          lacp_ha_secondary: "enable"
          lacp_ha_slave: "enable"
          lacp_mode: "static"
          lacp_speed: "slow"
          lcp_echo_interval: "5"
          lcp_max_echo_fails: "3"
          link_up_delay: "50"
          lldp_network_policy: "<your_own_value> (source system.lldp.network-policy.name)"
          lldp_reception: "enable"
          lldp_transmission: "enable"
          macaddr: "<your_own_value>"
          managed_device:
              -
                  name: "default_name_218"
          managed_subnetwork_size: "32"
          management_ip: "<your_own_value>"
          measured_downstream_bandwidth: "0"
          measured_upstream_bandwidth: "0"
          mediatype: "cfp2-sr10"
          member:
              -
                  interface_name: "<your_own_value> (source system.interface.name)"
          min_links: "1"
          min_links_down: "operational"
          mode: "static"
          monitor_bandwidth: "enable"
          mtu: "1500"
          mtu_override: "enable"
          name: "default_name_232"
          ndiscforward: "enable"
          netbios_forward: "disable"
          netflow_sampler: "disable"
          outbandwidth: "0"
          padt_retry_timeout: "1"
          password: "<your_own_value>"
          ping_serv_status: "0"
          polling_interval: "20"
          pppoe_unnumbered_negotiate: "enable"
          pptp_auth_type: "auto"
          pptp_client: "enable"
          pptp_password: "<your_own_value>"
          pptp_server_ip: "<your_own_value>"
          pptp_timeout: "0"
          pptp_user: "<your_own_value>"
          preserve_session_route: "enable"
          priority: "1"
          priority_override: "enable"
          proxy_captive_portal: "enable"
          reachable_time: "30000"
          redundant_interface: "<your_own_value>"
          remote_ip: "<your_own_value>"
          replacemsg_override_group: "<your_own_value>"
          ring_rx: "0"
          ring_tx: "0"
          role: "lan"
          sample_direction: "tx"
          sample_rate: "2000"
          scan_botnet_connections: "disable"
          secondary_IP: "enable"
          secondaryip:
              -
                  allowaccess: "ping"
                  detectprotocol: "ping"
                  detectserver: "<your_own_value>"
                  gwdetect: "enable"
                  ha_priority: "1"
                  id: "269"
                  ip: "<your_own_value>"
                  ping_serv_status: "0"
                  secip_relay_ip: "<your_own_value>"
          security_exempt_list: "<your_own_value>"
          security_external_logout: "<your_own_value>"
          security_external_web: "<your_own_value>"
          security_groups:
              -
                  name: "default_name_277 (source user.group.name)"
          security_mac_auth_bypass: "mac-auth-only"
          security_mode: "none"
          security_redirect_url: "<your_own_value>"
          service_name: "<your_own_value>"
          sflow_sampler: "enable"
          snmp_index: "0"
          speed: "auto"
          spillover_threshold: "0"
          src_check: "enable"
          status: "up"
          stp: "disable"
          stp_ha_secondary: "disable"
          stp_ha_slave: "disable"
          stpforward: "enable"
          stpforward_mode: "rpl-all-ext-id"
          subst: "enable"
          substitute_dst_mac: "<your_own_value>"
          sw_algorithm: "l2"
          swc_first_create: "0"
          swc_vlan: "0"
          switch: "<your_own_value>"
          switch_controller_access_vlan: "enable"
          switch_controller_arp_inspection: "enable"
          switch_controller_dhcp_snooping: "enable"
          switch_controller_dhcp_snooping_option82: "enable"
          switch_controller_dhcp_snooping_verify_mac: "enable"
          switch_controller_dynamic: "<your_own_value> (source switch-controller.fortilink-settings.name)"
          switch_controller_feature: "none"
          switch_controller_igmp_snooping: "enable"
          switch_controller_igmp_snooping_fast_leave: "enable"
          switch_controller_igmp_snooping_proxy: "enable"
          switch_controller_iot_scanning: "enable"
          switch_controller_learning_limit: "0"
          switch_controller_mgmt_vlan: "4094"
          switch_controller_nac: "<your_own_value> (source switch-controller.fortilink-settings.name)"
          switch_controller_netflow_collect: "disable"
          switch_controller_offload: "enable"
          switch_controller_offload_gw: "enable"
          switch_controller_offload_ip: "<your_own_value>"
          switch_controller_rspan_mode: "disable"
          switch_controller_source_ip: "outbound"
          switch_controller_traffic_policy: "<your_own_value> (source switch-controller.traffic-policy.name)"
          system_id: "<your_own_value>"
          system_id_type: "auto"
          tagging:
              -
                  category: "<your_own_value> (source system.object-tagging.category)"
                  name: "default_name_324"
                  tags:
                      -
                          name: "default_name_326 (source system.object-tagging.tags.name)"
          tcp_mss: "0"
          trust_ip_1: "<your_own_value>"
          trust_ip_2: "<your_own_value>"
          trust_ip_3: "<your_own_value>"
          trust_ip6_1: "<your_own_value>"
          trust_ip6_2: "<your_own_value>"
          trust_ip6_3: "<your_own_value>"
          type: "physical"
          username: "<your_own_value>"
          vdom: "<your_own_value> (source system.vdom.name)"
          vindex: "0"
          vlan_protocol: "8021q"
          vlanforward: "enable"
          vlanid: "0"
          vrf: "0"
          vrrp:
              -
                  accept_mode: "enable"
                  adv_interval: "1"
                  ignore_default_route: "enable"
                  preempt: "enable"
                  priority: "100"
                  proxy_arp:
                      -
                          id: "349"
                          ip: "<your_own_value>"
                  start_time: "3"
                  status: "enable"
                  version: "2"
                  vrdst: "<your_own_value>"
                  vrdst_priority: "0"
                  vrgrp: "0"
                  vrid: "<you_own_value>"
                  vrip: "<your_own_value>"
          vrrp_virtual_mac: "enable"
          wccp: "enable"
          weight: "0"
          wins_ip: "<your_own_value>"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface.

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fortios_system_interface.rst

fortios_system_interface.rst

fortios_system_interface -- Configure interfaces in Fortinet's FortiOS and FortiGate.

Synopsis

Requirements

Tips

FortiOS Version Compatibility

Parameters

Notes

Examples

Return Values

Status

Authors

	Supported Version Ranges
aggregate	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
aggregate_type	`v7.2.1 -> latest`
[physical]	`v6.0.0 -> latest`
[vxlan]	`v6.0.0 -> latest`

	Supported Version Ranges
algorithm	`v6.0.0 -> latest`
[L2]	`v6.0.0 -> latest`
[L3]	`v6.0.0 -> latest`
[L4]	`v6.0.0 -> latest`
[Source-MAC]	`v7.2.1 -> latest`

	Supported Version Ranges
ap_discover	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
arpforward	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
auth_type	`v6.0.0 -> latest`
[auto]	`v6.0.0 -> latest`
[pap]	`v6.0.0 -> latest`
[chap]	`v6.0.0 -> latest`
[mschapv1]	`v6.0.0 -> latest`
[mschapv2]	`v6.0.0 -> latest`

	Supported Version Ranges
auto_auth_extension_device	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
bandwidth_measure_time	`v6.4.0 -> latest`

	Supported Version Ranges
bfd	`v6.0.0 -> latest`
[global]	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
bfd_desired_min_tx	`v6.0.0 -> latest`

	Supported Version Ranges
bfd_required_min_rx	`v6.0.0 -> latest`

	Supported Version Ranges
broadcast_forticlient_discovery	`v6.0.0 -> v6.2.7`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
broadcast_forward	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
captive_portal	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`

	Supported Version Ranges
cli_conn_status	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
dedicated_to	`v6.0.0 -> latest`
[none]	`v6.0.0 -> latest`
[management]	`v6.0.0 -> latest`

	Supported Version Ranges
defaultgw	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
detected_peer_mtu	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
detectprotocol	`v6.0.0 -> latest`
[ping]	`v6.0.0 -> latest`
[tcp-echo]	`v6.0.0 -> latest`
[udp-echo]	`v6.0.0 -> latest`

	Supported Version Ranges
device_access_list	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`

Files

fortios_system_interface.rst

Latest commit

History

fortios_system_interface.rst

File metadata and controls

fortios_system_interface -- Configure interfaces in Fortinet's FortiOS and FortiGate.

	Supported Version Ranges
device_identification	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
device_identification_active_scan	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
device_netscan	`v6.0.0 -> v6.0.11`
[disable]	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`

	Supported Version Ranges
device_user_identification	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
devindex	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
dhcp_broadcast_flag	`v7.4.0 -> latest`
[disable]	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_classless_route_addition	`v7.0.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_client_identifier	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_relay_agent_option	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_relay_circuit_id	`v7.4.1 -> latest`