source:	fortios_vpn_ssl_web_portal.py
orphan:

fortios_vpn_ssl_web_portal -- Portal in Fortinet's FortiOS and FortiGate.

.. versionadded:: 2.0.0

Synopsis
Requirements
Tips
FortiOS Version Compatibility
Parameters
Notes
Examples
Return Values
Status
Authors

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify vpn_ssl_web feature and portal category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.14

Tips

Using member operation to add an element to an existing object.

FortiOS Version Compatibility

	Supported Version Ranges
fortios_vpn_ssl_web_portal	`v6.0.0 -> latest`

Parameters

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
vpn_ssl_web_portal - Portal. type: dict more...

Supported Version Ranges

vpn_ssl_web_portal v6.0.0 -> latest

allow_user_access - Allow user access to SSL-VPN applications. type: list choices: web, ftp, smb, sftp, telnet, ssh, vnc, rdp, ping, citrix, portforward more...

	Supported Version Ranges
allow_user_access	`v6.0.0 -> latest`
[web]	`v6.0.0 -> latest`
[ftp]	`v6.0.0 -> latest`
[smb]	`v6.0.0 -> latest`
[sftp]	`v6.2.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[vnc]	`v6.0.0 -> latest`
[rdp]	`v6.0.0 -> latest`
[ping]	`v6.0.0 -> latest`
[citrix]	`v6.0.0 -> v7.0.0`
[portforward]	`v6.0.0 -> v7.0.0`

auto_connect - Enable/disable automatic connect by client when system is up. type: str choices: enable, disable more...

Supported Version Ranges

auto_connect v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
bookmark_group - Portal bookmark group. type: list member_path: bookmark_group:name more...

Supported Version Ranges

bookmark_group v6.0.0 -> latest

bookmarks - Bookmark table. type: list member_path: bookmark_group:name/bookmarks:name more...

Supported Version Ranges

bookmarks v6.0.0 -> latest

additional_params - Additional parameters. type: str more...

Supported Version Ranges

additional_params v6.0.0 -> latest

apptype - Application type. type: str choices: ftp, rdp, sftp, smb, ssh, telnet, vnc, web, citrix, portforward more...

	Supported Version Ranges
apptype	`v6.0.0 -> latest`
[ftp]	`v6.0.0 -> latest`
[rdp]	`v6.0.0 -> latest`
[sftp]	`v6.2.0 -> latest`
[smb]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[vnc]	`v6.0.0 -> latest`
[web]	`v6.0.0 -> latest`
[citrix]	`v6.0.0 -> v6.0.11`
[portforward]	`v6.0.0 -> v6.0.11`

color_depth - Color depth per pixel. type: str choices: 32, 16, 8 more...

Supported Version Ranges

color_depth v7.0.1 -> latest

[32] v6.0.0 -> latest
[16] v6.0.0 -> latest
[8] v6.0.0 -> latest
description - Description. type: str more...

Supported Version Ranges

description v6.0.0 -> latest
domain - Login domain. type: str more...

Supported Version Ranges

domain v6.4.0 -> v6.4.0 v6.4.4 -> latest
folder - Network shared file folder parameter. type: str more...

Supported Version Ranges

folder v6.0.0 -> latest
form_data - Form data. type: list member_path: bookmark_group:name/bookmarks:name/form_data:name more...

Supported Version Ranges

form_data v6.0.0 -> latest

name - Name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
value - Value. type: str more...

Supported Version Ranges

value v6.0.0 -> latest

height - Screen height (range from 0 - 65535). type: int more...

Supported Version Ranges

height v7.0.4 -> latest
host - Host name/IP parameter. type: str more...

Supported Version Ranges

host v6.0.0 -> latest

keyboard_layout - Keyboard layout. type: str choices: ar-101, ar-102, ar-102-azerty, can-mul, cz, cz-qwerty, cz-pr, da, nl, de, de-ch, de-ibm, en-uk, en-uk-ext, en-us, en-us-dvorak, es, es-var, fi, fi-sami, fr, fr-apple, fr-ca, fr-ch, fr-be, hr, hu, hu-101, it, it-142, ja, ko, la-am, lt, lt-ibm, lt-std, lav-std, lav-leg, mk, mk-std, no, no-sami, pol-214, pol-pr, pt, pt-br, pt-br-abnt2, ru, ru-mne, ru-t, sl, sv, sv-sami, tuk, tur-f, tur-q, zh-sym-sg-us, zh-sym-us, zh-tr-hk, zh-tr-mo, zh-tr-us more...

	Supported Version Ranges
keyboard_layout	`v7.0.1 -> latest`
[ar-101]	`v6.0.0 -> latest`
[ar-102]	`v6.0.0 -> latest`
[ar-102-azerty]	`v6.0.0 -> latest`
[can-mul]	`v6.0.0 -> latest`
[cz]	`v6.0.0 -> latest`
[cz-qwerty]	`v6.0.0 -> latest`
[cz-pr]	`v6.0.0 -> latest`
[da]	`v6.0.0 -> latest`
[nl]	`v6.0.0 -> latest`
[de]	`v6.0.0 -> latest`
[de-ch]	`v6.0.0 -> latest`
[de-ibm]	`v6.0.0 -> latest`
[en-uk]	`v6.0.0 -> latest`
[en-uk-ext]	`v6.0.0 -> latest`
[en-us]	`v6.0.0 -> latest`
[en-us-dvorak]	`v6.0.0 -> latest`
[es]	`v6.0.0 -> latest`
[es-var]	`v6.0.0 -> latest`
[fi]	`v6.0.0 -> latest`
[fi-sami]	`v6.0.0 -> latest`
[fr]	`v6.0.0 -> latest`
[fr-apple]	`v7.0.6 -> latest`
[fr-ca]	`v6.0.0 -> latest`
[fr-ch]	`v6.0.0 -> latest`
[fr-be]	`v6.0.0 -> latest`
[hr]	`v6.0.0 -> latest`
[hu]	`v6.0.0 -> latest`
[hu-101]	`v6.0.0 -> latest`
[it]	`v6.0.0 -> latest`
[it-142]	`v6.0.0 -> latest`
[ja]	`v6.0.0 -> latest`
[ko]	`v6.0.0 -> latest`
[la-am]	`v7.4.1 -> latest`
[lt]	`v6.0.0 -> latest`
[lt-ibm]	`v6.0.0 -> latest`
[lt-std]	`v6.0.0 -> latest`
[lav-std]	`v6.0.0 -> latest`
[lav-leg]	`v6.0.0 -> latest`
[mk]	`v6.0.0 -> latest`
[mk-std]	`v6.0.0 -> latest`
[no]	`v6.0.0 -> latest`
[no-sami]	`v6.0.0 -> latest`
[pol-214]	`v6.0.0 -> latest`
[pol-pr]	`v6.0.0 -> latest`
[pt]	`v6.0.0 -> latest`
[pt-br]	`v6.0.0 -> latest`
[pt-br-abnt2]	`v6.0.0 -> latest`
[ru]	`v6.0.0 -> latest`
[ru-mne]	`v6.0.0 -> latest`
[ru-t]	`v6.0.0 -> latest`
[sl]	`v6.0.0 -> latest`
[sv]	`v6.0.0 -> latest`
[sv-sami]	`v6.0.0 -> latest`
[tuk]	`v6.0.0 -> latest`
[tur-f]	`v6.0.0 -> latest`
[tur-q]	`v6.0.0 -> latest`
[zh-sym-sg-us]	`v6.0.0 -> latest`
[zh-sym-us]	`v6.0.0 -> latest`
[zh-tr-hk]	`v6.0.0 -> latest`
[zh-tr-mo]	`v6.0.0 -> latest`
[zh-tr-us]	`v6.0.0 -> latest`

listening_port - Listening port (0 - 65535). type: int more...

Supported Version Ranges

listening_port v6.0.0 -> v7.0.0
load_balancing_info - The load balancing information or cookie which should be provided to the connection broker. type: str more...

Supported Version Ranges

load_balancing_info v6.0.0 -> latest
logon_password - Logon password. type: str more...

Supported Version Ranges

logon_password v6.0.0 -> latest
logon_user - Logon user. type: str more...

Supported Version Ranges

logon_user v6.0.0 -> latest
name - Bookmark name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
port - Remote port. type: int more...

Supported Version Ranges

port v6.0.0 -> latest
preconnection_blob - An arbitrary string which identifies the RDP source. type: str more...

Supported Version Ranges

preconnection_blob v6.0.0 -> latest
preconnection_id - The numeric ID of the RDP source (0-4294967295). type: int more...

Supported Version Ranges

preconnection_id v6.0.0 -> latest
remote_port - Remote port (0 - 65535). type: int more...

Supported Version Ranges

remote_port v6.0.0 -> v7.0.0
restricted_admin - Enable/disable restricted admin mode for RDP. type: str choices: enable, disable more...

Supported Version Ranges

restricted_admin v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
security - Security mode for RDP connection . type: str choices: any, rdp, nla, tls more...

Supported Version Ranges

security v6.0.0 -> latest

[any] v6.0.0 -> latest
[rdp] v6.0.0 -> latest
[nla] v6.0.0 -> latest
[tls] v6.0.0 -> latest
send_preconnection_id - Enable/disable sending of preconnection ID. type: str choices: enable, disable more...

Supported Version Ranges

send_preconnection_id v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest

server_layout - Server side keyboard layout. type: str choices: de-de-qwertz, en-gb-qwerty, en-us-qwerty, es-es-qwerty, fr-ca-qwerty, fr-fr-azerty, fr-ch-qwertz, it-it-qwerty, ja-jp-qwerty, pt-br-qwerty, sv-se-qwerty, tr-tr-qwerty, failsafe more...

	Supported Version Ranges
server_layout	`v6.0.0 -> v7.0.0`
[de-de-qwertz]	`v6.0.0 -> latest`
[en-gb-qwerty]	`v6.0.0 -> latest`
[en-us-qwerty]	`v6.0.0 -> latest`
[es-es-qwerty]	`v6.0.0 -> latest`
[fr-ca-qwerty]	`v6.2.0 -> v7.0.0`
[fr-fr-azerty]	`v6.0.0 -> latest`
[fr-ch-qwertz]	`v6.0.0 -> latest`
[it-it-qwerty]	`v6.0.0 -> latest`
[ja-jp-qwerty]	`v6.0.0 -> latest`
[pt-br-qwerty]	`v6.0.0 -> latest`
[sv-se-qwerty]	`v6.0.0 -> latest`
[tr-tr-qwerty]	`v6.0.0 -> latest`
[failsafe]	`v6.0.0 -> latest`

show_status_window - Enable/disable showing of status window. type: str choices: enable, disable more...

Supported Version Ranges

show_status_window v6.0.0 -> v7.0.0

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
sso - Single sign-on. type: str choices: disable, static, auto more...

Supported Version Ranges

sso v6.0.0 -> latest

[disable] v6.0.0 -> latest
[static] v6.0.0 -> latest
[auto] v6.0.0 -> latest
sso_credential - Single sign-on credentials. type: str choices: sslvpn-login, alternative more...

Supported Version Ranges

sso_credential v6.0.0 -> latest

[sslvpn-login] v6.0.0 -> latest
[alternative] v6.0.0 -> latest
sso_credential_sent_once - Single sign-on credentials are only sent once to remote server. type: str choices: enable, disable more...

Supported Version Ranges

sso_credential_sent_once v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
sso_password - SSO password. type: str more...

Supported Version Ranges

sso_password v6.0.0 -> latest
sso_username - SSO user name. type: str more...

Supported Version Ranges

sso_username v6.0.0 -> latest
url - URL parameter. type: str more...

Supported Version Ranges

url v6.0.0 -> latest

vnc_keyboard_layout - Keyboard layout. type: str choices: default, da, nl, en-uk, en-uk-ext, fi, fr, fr-be, fr-ca-mul, de, de-ch, it, it-142, pt, pt-br-abnt2, no, gd, es, sv, us-intl more...

	Supported Version Ranges
vnc_keyboard_layout	`v7.2.4 -> latest`
[default]	`v6.0.0 -> latest`
[da]	`v6.0.0 -> latest`
[nl]	`v6.0.0 -> latest`
[en-uk]	`v6.0.0 -> latest`
[en-uk-ext]	`v6.0.0 -> latest`
[fi]	`v6.0.0 -> latest`
[fr]	`v6.0.0 -> latest`
[fr-be]	`v6.0.0 -> latest`
[fr-ca-mul]	`v6.0.0 -> latest`
[de]	`v6.0.0 -> latest`
[de-ch]	`v6.0.0 -> latest`
[it]	`v6.0.0 -> latest`
[it-142]	`v6.0.0 -> latest`
[pt]	`v6.0.0 -> latest`
[pt-br-abnt2]	`v6.0.0 -> latest`
[no]	`v6.0.0 -> latest`
[gd]	`v6.0.0 -> latest`
[es]	`v6.0.0 -> latest`
[sv]	`v6.0.0 -> latest`
[us-intl]	`v6.0.0 -> latest`

width - Screen width (range from 0 - 65535). type: int more...

Supported Version Ranges

width v7.0.4 -> latest

name - Bookmark group name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

client_src_range - Allow client to add source range for the tunnel traffic. type: str choices: enable, disable more...

Supported Version Ranges

client_src_range v7.2.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
clipboard - Enable to support RDP/VPC clipboard functionality. type: str choices: enable, disable more...

Supported Version Ranges

clipboard v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
custom_lang - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files. Source system.custom-language.name. type: str more...

Supported Version Ranges

custom_lang v6.0.0 -> latest
customize_forticlient_download_url - Enable support of customized download URL for FortiClient. type: str choices: enable, disable more...

Supported Version Ranges

customize_forticlient_download_url v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest

default_protocol - Application type that is set by default. type: str choices: web, ftp, telnet, smb, vnc, rdp, ssh, sftp more...

	Supported Version Ranges
default_protocol	`v7.4.1 -> latest`
[web]	`v6.0.0 -> latest`
[ftp]	`v6.0.0 -> latest`
[telnet]	`v6.0.0 -> latest`
[smb]	`v6.0.0 -> latest`
[vnc]	`v6.0.0 -> latest`
[rdp]	`v6.0.0 -> latest`
[ssh]	`v6.0.0 -> latest`
[sftp]	`v6.0.0 -> latest`

default_window_height - Screen height (range from 0 - 65535). type: int more...

Supported Version Ranges

default_window_height v7.0.6 -> latest
default_window_width - Screen width (range from 0 - 65535). type: int more...

Supported Version Ranges

default_window_width v7.0.6 -> latest
dhcp_ip_overlap - Configure overlapping DHCP IP allocation assignment. type: str choices: use-new, use-old more...

Supported Version Ranges

dhcp_ip_overlap v7.0.6 -> v7.0.12 v7.2.1 -> latest

[use-new] v6.0.0 -> latest
[use-old] v6.0.0 -> latest
dhcp_ra_giaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests. type: str more...

Supported Version Ranges

dhcp_ra_giaddr v7.2.4 -> latest
dhcp6_ra_linkaddr - Relay agent IPv6 link address to use in DHCP6 requests. type: str more...

Supported Version Ranges

dhcp6_ra_linkaddr v7.2.4 -> latest
display_bookmark - Enable to display the web portal bookmark widget. type: str choices: enable, disable more...

Supported Version Ranges

display_bookmark v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
display_connection_tools - Enable to display the web portal connection tools widget. type: str choices: enable, disable more...

Supported Version Ranges

display_connection_tools v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
display_history - Enable to display the web portal user login history widget. type: str choices: enable, disable more...

Supported Version Ranges

display_history v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
display_status - Enable to display the web portal status widget. type: str choices: enable, disable more...

Supported Version Ranges

display_status v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dns_server1 - IPv4 DNS server 1. type: str more...

Supported Version Ranges

dns_server1 v6.0.0 -> latest
dns_server2 - IPv4 DNS server 2. type: str more...

Supported Version Ranges

dns_server2 v6.0.0 -> latest
dns_suffix - DNS suffix. type: str more...

Supported Version Ranges

dns_suffix v6.0.0 -> latest
exclusive_routing - Enable/disable all traffic go through tunnel only. type: str choices: enable, disable more...

Supported Version Ranges

exclusive_routing v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
focus_bookmark - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. type: str choices: enable, disable more...

Supported Version Ranges

focus_bookmark v7.4.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
forticlient_download - Enable/disable download option for FortiClient. type: str choices: enable, disable more...

Supported Version Ranges

forticlient_download v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
forticlient_download_method - FortiClient download method. type: str choices: direct, ssl-vpn more...

Supported Version Ranges

forticlient_download_method v6.0.0 -> latest

[direct] v6.0.0 -> latest
[ssl-vpn] v6.0.0 -> latest
heading - Web portal heading message. type: str more...

Supported Version Ranges

heading v6.0.0 -> latest
hide_sso_credential - Enable to prevent SSO credential being sent to client. type: str choices: enable, disable more...

Supported Version Ranges

hide_sso_credential v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
host_check - Type of host checking performed on endpoints. type: str choices: none, av, fw, av-fw, custom more...

Supported Version Ranges

host_check v6.0.0 -> latest

[none] v6.0.0 -> latest
[av] v6.0.0 -> latest
[fw] v6.0.0 -> latest
[av-fw] v6.0.0 -> latest
[custom] v6.0.0 -> latest
host_check_interval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects. type: int more...

Supported Version Ranges

host_check_interval v6.0.0 -> latest
host_check_policy - One or more policies to require the endpoint to have specific security software. type: list member_path: host_check_policy:name more...

Supported Version Ranges

host_check_policy v6.0.0 -> latest

name - Host check software list name. Source vpn.ssl.web.host-check-software.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

ip_mode - Method by which users of this SSL-VPN tunnel obtain IP addresses. type: str choices: range, user-group, dhcp, no-ip more...

Supported Version Ranges

ip_mode v6.0.0 -> latest

[range] v6.0.0 -> latest
[user-group] v6.0.0 -> latest
[dhcp] v7.0.6 -> v7.0.12 v7.2.1 -> latest

[no-ip] v7.2.4 -> latest
ip_pools - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. type: list member_path: ip_pools:name more...

Supported Version Ranges

ip_pools v6.0.0 -> latest

name - Address name. Source firewall.address.name firewall.addrgrp.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

ipv6_dns_server1 - IPv6 DNS server 1. type: str more...

Supported Version Ranges

ipv6_dns_server1 v6.0.0 -> latest
ipv6_dns_server2 - IPv6 DNS server 2. type: str more...

Supported Version Ranges

ipv6_dns_server2 v6.0.0 -> latest
ipv6_exclusive_routing - Enable/disable all IPv6 traffic go through tunnel only. type: str choices: enable, disable more...

Supported Version Ranges

ipv6_exclusive_routing v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipv6_pools - IPv6 firewall source address objects reserved for SSL-VPN tunnel mode clients. type: list member_path: ipv6_pools:name more...

Supported Version Ranges

ipv6_pools v6.0.0 -> latest

name - Address name. Source firewall.address6.name firewall.addrgrp6.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

ipv6_service_restriction - Enable/disable IPv6 tunnel service restriction. type: str choices: enable, disable more...

Supported Version Ranges

ipv6_service_restriction v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipv6_split_tunneling - Enable/disable IPv6 split tunneling. type: str choices: enable, disable more...

Supported Version Ranges

ipv6_split_tunneling v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipv6_split_tunneling_routing_address - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. type: list member_path: ipv6_split_tunneling_routing_address:name more...

Supported Version Ranges

ipv6_split_tunneling_routing_address v6.0.0 -> latest

name - Address name. Source firewall.address6.name firewall.addrgrp6.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

ipv6_split_tunneling_routing_negate - Enable to negate IPv6 split tunneling routing address. type: str choices: enable, disable more...

Supported Version Ranges

ipv6_split_tunneling_routing_negate v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipv6_tunnel_mode - Enable/disable IPv6 SSL-VPN tunnel mode. type: str choices: enable, disable more...

Supported Version Ranges

ipv6_tunnel_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ipv6_wins_server1 - IPv6 WINS server 1. type: str more...

Supported Version Ranges

ipv6_wins_server1 v6.0.0 -> latest
ipv6_wins_server2 - IPv6 WINS server 2. type: str more...

Supported Version Ranges

ipv6_wins_server2 v6.0.0 -> latest
keep_alive - Enable/disable automatic reconnect for FortiClient connections. type: str choices: enable, disable more...

Supported Version Ranges

keep_alive v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
landing_page - Landing page options. type: dict more...

Supported Version Ranges

landing_page v7.4.0 -> latest

form_data - Form data. type: list member_path: landing_page/form_data:name more...

Supported Version Ranges

form_data v7.4.0 -> latest

name - Name. type: str required: true more...

Supported Version Ranges

name v7.4.0 -> latest
value - Value. type: str more...

Supported Version Ranges

value v7.4.0 -> latest

logout_url - Landing page log out URL. type: str more...

Supported Version Ranges

logout_url v7.4.0 -> v7.4.0
sso - Single sign-on. type: str choices: disable, static, auto more...

Supported Version Ranges

sso v7.4.0 -> latest

[disable] v6.0.0 -> latest
[static] v6.0.0 -> latest
[auto] v6.0.0 -> latest
sso_credential - Single sign-on credentials. type: str choices: sslvpn-login, alternative more...

Supported Version Ranges

sso_credential v7.4.0 -> latest

[sslvpn-login] v6.0.0 -> latest
[alternative] v6.0.0 -> latest
sso_password - SSO password. type: str more...

Supported Version Ranges

sso_password v7.4.0 -> latest
sso_username - SSO user name. type: str more...

Supported Version Ranges

sso_username v7.4.0 -> latest
url - Landing page URL. type: str more...

Supported Version Ranges

url v7.4.0 -> latest

landing_page_mode - Enable/disable SSL-VPN landing page mode. type: str choices: enable, disable more...

Supported Version Ranges

landing_page_mode v7.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
limit_user_logins - Enable to limit each user to one SSL-VPN session at a time. type: str choices: enable, disable more...

Supported Version Ranges

limit_user_logins v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mac_addr_action - Client MAC address action. type: str choices: allow, deny more...

Supported Version Ranges

mac_addr_action v6.0.0 -> latest

[allow] v6.0.0 -> latest
[deny] v6.0.0 -> latest
mac_addr_check - Enable/disable MAC address host checking. type: str choices: enable, disable more...

Supported Version Ranges

mac_addr_check v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mac_addr_check_rule - Client MAC address check rule. type: list member_path: mac_addr_check_rule:name more...

Supported Version Ranges

mac_addr_check_rule v6.0.0 -> latest

mac_addr_list - Client MAC address list. type: list member_path: mac_addr_check_rule:name/mac_addr_list:addr more...

Supported Version Ranges

mac_addr_list v6.0.0 -> latest

addr - Client MAC address. type: str required: true more...

Supported Version Ranges

addr v6.0.0 -> latest

mac_addr_mask - Client MAC address mask. type: int more...

Supported Version Ranges

mac_addr_mask v6.0.0 -> latest
name - Client MAC address check rule name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

macos_forticlient_download_url - Download URL for Mac FortiClient. type: str more...

Supported Version Ranges

macos_forticlient_download_url v6.0.0 -> latest
name - Portal name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
os_check - Enable to let the FortiGate decide action based on client OS. type: str choices: enable, disable more...

Supported Version Ranges

os_check v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
os_check_list - SSL-VPN OS checks. type: list member_path: os_check_list:name more...

Supported Version Ranges

os_check_list v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

action - OS check options. type: str choices: deny, allow, check-up-to-date more...

Supported Version Ranges

action v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

[deny] v6.0.0 -> latest
[allow] v6.0.0 -> latest
[check-up-to-date] v6.0.0 -> latest
latest_patch_level - Latest OS patch level. type: str more...

Supported Version Ranges

latest_patch_level v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
name - Name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0
tolerance - OS patch level tolerance. type: int more...

Supported Version Ranges

tolerance v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

prefer_ipv6_dns - Prefer to query IPv6 DNS server first if enabled. type: str choices: enable, disable more...

Supported Version Ranges

prefer_ipv6_dns v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
redir_url - Client login redirect URL. type: str more...

Supported Version Ranges

redir_url v6.0.0 -> latest
rewrite_ip_uri_ui - Rewrite contents for URI contains IP and /ui/ . type: str choices: enable, disable more...

Supported Version Ranges

rewrite_ip_uri_ui v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
save_password - Enable/disable FortiClient saving the user"s password. type: str choices: enable, disable more...

Supported Version Ranges

save_password v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
service_restriction - Enable/disable tunnel service restriction. type: str choices: enable, disable more...

Supported Version Ranges

service_restriction v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
skip_check_for_browser - Enable to skip host check for browser support. type: str choices: enable, disable more...

Supported Version Ranges

skip_check_for_browser v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
skip_check_for_unsupported_browser - Enable to skip host check if browser does not support it. type: str choices: enable, disable more...

Supported Version Ranges

skip_check_for_unsupported_browser v6.0.0 -> v6.0.11

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
skip_check_for_unsupported_os - Enable to skip host check if client OS does not support it. type: str choices: enable, disable more...

Supported Version Ranges

skip_check_for_unsupported_os v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
smb_max_version - SMB maximum client protocol version. type: str choices: smbv1, smbv2, smbv3 more...

Supported Version Ranges

smb_max_version v6.2.0 -> latest

[smbv1] v6.0.0 -> latest
[smbv2] v6.0.0 -> latest
[smbv3] v6.0.0 -> latest
smb_min_version - SMB minimum client protocol version. type: str choices: smbv1, smbv2, smbv3 more...

Supported Version Ranges

smb_min_version v6.2.0 -> latest

[smbv1] v6.0.0 -> latest
[smbv2] v6.0.0 -> latest
[smbv3] v6.0.0 -> latest
smb_ntlmv1_auth - Enable support of NTLMv1 for Samba authentication. type: str choices: enable, disable more...

Supported Version Ranges

smb_ntlmv1_auth v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
smbv1 - SMB version 1. type: str choices: enable, disable more...

Supported Version Ranges

smbv1 v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
split_dns - Split DNS for SSL-VPN. type: list member_path: split_dns:id more...

Supported Version Ranges

split_dns v6.0.0 -> latest

dns_server1 - DNS server 1. type: str more...

Supported Version Ranges

dns_server1 v6.0.0 -> latest
dns_server2 - DNS server 2. type: str more...

Supported Version Ranges

dns_server2 v6.0.0 -> latest
domains - Split DNS domains used for SSL-VPN clients separated by comma. type: str more...

Supported Version Ranges

domains v6.0.0 -> latest
id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> latest
ipv6_dns_server1 - IPv6 DNS server 1. type: str more...

Supported Version Ranges

ipv6_dns_server1 v6.0.0 -> latest
ipv6_dns_server2 - IPv6 DNS server 2. type: str more...

Supported Version Ranges

ipv6_dns_server2 v6.0.0 -> latest

split_tunneling - Enable/disable IPv4 split tunneling. type: str choices: enable, disable more...

Supported Version Ranges

split_tunneling v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
split_tunneling_routing_address - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. type: list member_path: split_tunneling_routing_address:name more...

Supported Version Ranges

split_tunneling_routing_address v6.0.0 -> latest

name - Address name. Source firewall.address.name firewall.addrgrp.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

split_tunneling_routing_negate - Enable to negate split tunneling routing address. type: str choices: enable, disable more...

Supported Version Ranges

split_tunneling_routing_negate v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest

theme - Web portal color scheme. type: str choices: jade, neutrino, mariner, graphite, melongene, jet-stream, security-fabric, dark-matter, onyx, eclipse, blue, green, red more...

	Supported Version Ranges
theme	`v6.0.0 -> latest`
[jade]	`v7.0.0 -> latest`
[neutrino]	`v6.2.0 -> latest`
[mariner]	`v6.0.0 -> latest`
[graphite]	`v7.0.0 -> latest`
[melongene]	`v6.0.0 -> latest`
[jet-stream]	`v7.4.0 -> latest`
[security-fabric]	`v7.4.0 -> latest`
[dark-matter]	`v7.0.0 -> latest`
[onyx]	`v7.0.0 -> latest`
[eclipse]	`v7.0.0 -> latest`
[blue]	`v6.0.0 -> v6.4.4`
[green]	`v6.0.0 -> v6.4.4`
[red]	`v6.0.0 -> v6.0.11`

transform_backward_slashes - Transform backward slashes to forward slashes in URLs. type: str choices: enable, disable more...

Supported Version Ranges

transform_backward_slashes v6.2.0 -> v6.2.7

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
tunnel_mode - Enable/disable IPv4 SSL-VPN tunnel mode. type: str choices: enable, disable more...

Supported Version Ranges

tunnel_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
use_sdwan - Use SD-WAN rules to get output interface. type: str choices: enable, disable more...

Supported Version Ranges

use_sdwan v6.2.7 -> v6.2.7 v6.4.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
user_bookmark - Enable to allow web portal users to create their own bookmarks. type: str choices: enable, disable more...

Supported Version Ranges

user_bookmark v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
user_group_bookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. type: str choices: enable, disable more...

Supported Version Ranges

user_group_bookmark v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
web_mode - Enable/disable SSL-VPN web mode. type: str choices: enable, disable more...

Supported Version Ranges

web_mode v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
windows_forticlient_download_url - Download URL for Windows FortiClient. type: str more...

Supported Version Ranges

windows_forticlient_download_url v6.0.0 -> latest
wins_server1 - IPv4 WINS server 1. type: str more...

Supported Version Ranges

wins_server1 v6.0.0 -> latest
wins_server2 - IPv4 WINS server 1. type: str more...

Supported Version Ranges

wins_server2 v6.0.0 -> latest

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- name: Portal.
  fortinet.fortios.fortios_vpn_ssl_web_portal:
      vdom: "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      vpn_ssl_web_portal:
          allow_user_access: "web"
          auto_connect: "enable"
          bookmark_group:
              -
                  bookmarks:
                      -
                          additional_params: "<your_own_value>"
                          apptype: "ftp"
                          color_depth: "32"
                          description: "<your_own_value>"
                          domain: "<your_own_value>"
                          folder: "<your_own_value>"
                          form_data:
                              -
                                  name: "default_name_14"
                                  value: "<your_own_value>"
                          height: "768"
                          host: "myhostname"
                          keyboard_layout: "ar-101"
                          listening_port: "0"
                          load_balancing_info: "<your_own_value>"
                          logon_password: "<your_own_value>"
                          logon_user: "<your_own_value>"
                          name: "default_name_23"
                          port: "0"
                          preconnection_blob: "<your_own_value>"
                          preconnection_id: "2147483648"
                          remote_port: "0"
                          restricted_admin: "enable"
                          security: "any"
                          send_preconnection_id: "enable"
                          server_layout: "de-de-qwertz"
                          show_status_window: "enable"
                          sso: "disable"
                          sso_credential: "sslvpn-login"
                          sso_credential_sent_once: "enable"
                          sso_password: "<your_own_value>"
                          sso_username: "<your_own_value>"
                          url: "myurl.com"
                          vnc_keyboard_layout: "default"
                          width: "1024"
                  name: "default_name_41"
          client_src_range: "enable"
          clipboard: "enable"
          custom_lang: "<your_own_value> (source system.custom-language.name)"
          customize_forticlient_download_url: "enable"
          default_protocol: "web"
          default_window_height: "768"
          default_window_width: "1024"
          dhcp_ip_overlap: "use-new"
          dhcp_ra_giaddr: "<your_own_value>"
          dhcp6_ra_linkaddr: "<your_own_value>"
          display_bookmark: "enable"
          display_connection_tools: "enable"
          display_history: "enable"
          display_status: "enable"
          dns_server1: "<your_own_value>"
          dns_server2: "<your_own_value>"
          dns_suffix: "<your_own_value>"
          exclusive_routing: "enable"
          focus_bookmark: "enable"
          forticlient_download: "enable"
          forticlient_download_method: "direct"
          heading: "<your_own_value>"
          hide_sso_credential: "enable"
          host_check: "none"
          host_check_interval: "0"
          host_check_policy:
              -
                  name: "default_name_68 (source vpn.ssl.web.host-check-software.name)"
          ip_mode: "range"
          ip_pools:
              -
                  name: "default_name_71 (source firewall.address.name firewall.addrgrp.name)"
          ipv6_dns_server1: "<your_own_value>"
          ipv6_dns_server2: "<your_own_value>"
          ipv6_exclusive_routing: "enable"
          ipv6_pools:
              -
                  name: "default_name_76 (source firewall.address6.name firewall.addrgrp6.name)"
          ipv6_service_restriction: "enable"
          ipv6_split_tunneling: "enable"
          ipv6_split_tunneling_routing_address:
              -
                  name: "default_name_80 (source firewall.address6.name firewall.addrgrp6.name)"
          ipv6_split_tunneling_routing_negate: "enable"
          ipv6_tunnel_mode: "enable"
          ipv6_wins_server1: "<your_own_value>"
          ipv6_wins_server2: "<your_own_value>"
          keep_alive: "enable"
          landing_page:
              form_data:
                  -
                      name: "default_name_88"
                      value: "<your_own_value>"
              logout_url: "<your_own_value>"
              sso: "disable"
              sso_credential: "sslvpn-login"
              sso_password: "<your_own_value>"
              sso_username: "<your_own_value>"
              url: "myurl.com"
          landing_page_mode: "enable"
          limit_user_logins: "enable"
          mac_addr_action: "allow"
          mac_addr_check: "enable"
          mac_addr_check_rule:
              -
                  mac_addr_list:
                      -
                          addr: "<your_own_value>"
                  mac_addr_mask: "48"
                  name: "default_name_104"
          macos_forticlient_download_url: "<your_own_value>"
          name: "default_name_106"
          os_check: "enable"
          os_check_list:
              -
                  action: "deny"
                  latest_patch_level: "<your_own_value>"
                  name: "default_name_111"
                  tolerance: "0"
          prefer_ipv6_dns: "enable"
          redir_url: "<your_own_value>"
          rewrite_ip_uri_ui: "enable"
          save_password: "enable"
          service_restriction: "enable"
          skip_check_for_browser: "enable"
          skip_check_for_unsupported_browser: "enable"
          skip_check_for_unsupported_os: "enable"
          smb_max_version: "smbv1"
          smb_min_version: "smbv1"
          smb_ntlmv1_auth: "enable"
          smbv1: "enable"
          split_dns:
              -
                  dns_server1: "<your_own_value>"
                  dns_server2: "<your_own_value>"
                  domains: "<your_own_value>"
                  id: "129"
                  ipv6_dns_server1: "<your_own_value>"
                  ipv6_dns_server2: "<your_own_value>"
          split_tunneling: "enable"
          split_tunneling_routing_address:
              -
                  name: "default_name_134 (source firewall.address.name firewall.addrgrp.name)"
          split_tunneling_routing_negate: "enable"
          theme: "jade"
          transform_backward_slashes: "enable"
          tunnel_mode: "enable"
          use_sdwan: "enable"
          user_bookmark: "enable"
          user_group_bookmark: "enable"
          web_mode: "enable"
          windows_forticlient_download_url: "<your_own_value>"
          wins_server1: "<your_own_value>"
          wins_server2: "<your_own_value>"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface.

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fortios_vpn_ssl_web_portal.rst

fortios_vpn_ssl_web_portal.rst

fortios_vpn_ssl_web_portal -- Portal in Fortinet's FortiOS and FortiGate.

Synopsis

Requirements

Tips

FortiOS Version Compatibility

Parameters

Notes

Examples

Return Values

Status

Authors

	Supported Version Ranges
vpn_ssl_web_portal	`v6.0.0 -> latest`

	Supported Version Ranges
auto_connect	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
color_depth	`v7.0.1 -> latest`
[32]	`v6.0.0 -> latest`
[16]	`v6.0.0 -> latest`
[8]	`v6.0.0 -> latest`

	Supported Version Ranges
domain	`v6.4.0 -> v6.4.0`	`v6.4.4 -> latest`

	Supported Version Ranges
load_balancing_info	`v6.0.0 -> latest`

	Supported Version Ranges
preconnection_blob	`v6.0.0 -> latest`

	Supported Version Ranges
restricted_admin	`v7.0.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
security	`v6.0.0 -> latest`
[any]	`v6.0.0 -> latest`
[rdp]	`v6.0.0 -> latest`
[nla]	`v6.0.0 -> latest`
[tls]	`v6.0.0 -> latest`

	Supported Version Ranges
send_preconnection_id	`v7.0.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
show_status_window	`v6.0.0 -> v7.0.0`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
sso_credential	`v6.0.0 -> latest`
[sslvpn-login]	`v6.0.0 -> latest`
[alternative]	`v6.0.0 -> latest`

	Supported Version Ranges
sso_credential_sent_once	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
client_src_range	`v7.2.4 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
clipboard	`v7.0.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
customize_forticlient_download_url	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
default_window_height	`v7.0.6 -> latest`

	Supported Version Ranges
default_window_width	`v7.0.6 -> latest`

	Supported Version Ranges
dhcp_ip_overlap	`v7.0.6 -> v7.0.12`	`v7.2.1 -> latest`
[use-new]	`v6.0.0 -> latest`
[use-old]	`v6.0.0 -> latest`

	Supported Version Ranges
display_bookmark	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
display_connection_tools	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

Files

fortios_vpn_ssl_web_portal.rst

Latest commit

History

fortios_vpn_ssl_web_portal.rst

File metadata and controls

fortios_vpn_ssl_web_portal -- Portal in Fortinet's FortiOS and FortiGate.

	Supported Version Ranges
display_history	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
display_status	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
exclusive_routing	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
focus_bookmark	`v7.4.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
forticlient_download	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
forticlient_download_method	`v6.0.0 -> latest`
[direct]	`v6.0.0 -> latest`
[ssl-vpn]	`v6.0.0 -> latest`

	Supported Version Ranges
hide_sso_credential	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
host_check	`v6.0.0 -> latest`
[none]	`v6.0.0 -> latest`
[av]	`v6.0.0 -> latest`
[fw]	`v6.0.0 -> latest`
[av-fw]	`v6.0.0 -> latest`
[custom]	`v6.0.0 -> latest`

	Supported Version Ranges
host_check_interval	`v6.0.0 -> latest`

	Supported Version Ranges
ip_mode	`v6.0.0 -> latest`
[range]	`v6.0.0 -> latest`
[user-group]	`v6.0.0 -> latest`
[dhcp]	`v7.0.6 -> v7.0.12`	`v7.2.1 -> latest`
[no-ip]	`v7.2.4 -> latest`