source:	fortios_wireless_controller_vap.py
orphan:

fortios_wireless_controller_vap -- Configure Virtual Access Points (VAPs) in Fortinet's FortiOS and FortiGate.

.. versionadded:: 2.0.0

Synopsis
Requirements
Tips
FortiOS Version Compatibility
Parameters
Notes
Examples
Return Values
Status
Authors

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wireless_controller feature and vap category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.14

Tips

Using member operation to add an element to an existing object.

FortiOS Version Compatibility

	Supported Version Ranges
fortios_wireless_controller_vap	`v6.0.0 -> latest`

Parameters

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
wireless_controller_vap - Configure Virtual Access Points (VAPs). type: dict more...

Supported Version Ranges

wireless_controller_vap v6.0.0 -> latest

access_control_list - Profile name for access-control-list. Source wireless-controller.access-control-list.name. type: str more...

Supported Version Ranges

access_control_list v6.4.0 -> latest
acct_interim_interval - WiFi RADIUS accounting interim interval (60 - 86400 sec). type: int more...

Supported Version Ranges

acct_interim_interval v6.0.0 -> v6.2.7
additional_akms - Additional AKMs. type: list choices: akm6 more...

Supported Version Ranges

additional_akms v7.0.0 -> latest

[akm6] v6.0.0 -> latest
address_group - Firewall Address Group Name. Source firewall.addrgrp.name. type: str more...

Supported Version Ranges

address_group v6.2.0 -> latest
address_group_policy - Configure MAC address filtering policy for MAC addresses that are in the address-group. type: str choices: disable, allow, deny more...

Supported Version Ranges

address_group_policy v7.2.0 -> latest

[disable] v6.0.0 -> latest
[allow] v6.0.0 -> latest
[deny] v6.0.0 -> latest
alias - Alias. type: str more...

Supported Version Ranges

alias v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3
antivirus_profile - AntiVirus profile name. Source antivirus.profile.name. type: str more...

Supported Version Ranges

antivirus_profile v7.0.1 -> latest
application_detection_engine - Enable/disable application detection engine . type: str choices: enable, disable more...

Supported Version Ranges

application_detection_engine v7.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
application_dscp_marking - Enable/disable application attribute based DSCP marking . type: str choices: enable, disable more...

Supported Version Ranges

application_dscp_marking v7.2.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
application_list - Application control list name. Source application.list.name. type: str more...

Supported Version Ranges

application_list v7.0.1 -> latest
application_report_intv - Application report interval (30 - 864000 sec). type: int more...

Supported Version Ranges

application_report_intv v7.2.0 -> latest
atf_weight - Airtime weight in percentage . type: int more...

Supported Version Ranges

atf_weight v6.2.0 -> latest
auth - Authentication protocol. type: str choices: radius, usergroup, psk more...

Supported Version Ranges

auth v6.0.0 -> latest

[radius] v6.0.0 -> latest
[usergroup] v6.0.0 -> latest
[psk] v6.0.0 -> v7.4.0
auth_cert - HTTPS server certificate. Source vpn.certificate.local.name. type: str more...

Supported Version Ranges

auth_cert v7.0.4 -> latest
auth_portal_addr - Address of captive portal. type: str more...

Supported Version Ranges

auth_portal_addr v7.0.4 -> latest
beacon_advertising - Fortinet beacon advertising IE data . type: list choices: name, model, serial-number more...

Supported Version Ranges

beacon_advertising v7.0.2 -> latest

[name] v6.0.0 -> latest
[model] v6.0.0 -> latest
[serial-number] v6.0.0 -> latest
broadcast_ssid - Enable/disable broadcasting the SSID . type: str choices: enable, disable more...

Supported Version Ranges

broadcast_ssid v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest

broadcast_suppression - Optional suppression of broadcast messages. For example, you can keep DHCP messages, ARP broadcasts, and so on off of the wireless network. type: list choices: dhcp-up, dhcp-down, dhcp-starvation, dhcp-ucast, arp-known, arp-unknown, arp-reply, arp-poison, arp-proxy, netbios-ns, netbios-ds, ipv6, all-other-mc, all-other-bc more...

	Supported Version Ranges
broadcast_suppression	`v6.0.0 -> latest`
[dhcp-up]	`v6.0.0 -> latest`
[dhcp-down]	`v6.0.0 -> latest`
[dhcp-starvation]	`v6.0.0 -> latest`
[dhcp-ucast]	`v6.2.0 -> latest`
[arp-known]	`v6.0.0 -> latest`
[arp-unknown]	`v6.0.0 -> latest`
[arp-reply]	`v6.0.0 -> latest`
[arp-poison]	`v6.0.0 -> latest`
[arp-proxy]	`v6.0.0 -> latest`
[netbios-ns]	`v6.0.0 -> latest`
[netbios-ds]	`v6.0.0 -> latest`
[ipv6]	`v6.0.0 -> latest`
[all-other-mc]	`v6.0.0 -> latest`
[all-other-bc]	`v6.0.0 -> latest`

bss_color_partial - Enable/disable 802.11ax partial BSS color . type: str choices: enable, disable more...

Supported Version Ranges

bss_color_partial v6.4.0 -> v6.4.0 v6.4.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
bstm_disassociation_imminent - Enable/disable forcing of disassociation after the BSTM request timer has been reached . type: str choices: enable, disable more...

Supported Version Ranges

bstm_disassociation_imminent v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
bstm_load_balancing_disassoc_timer - Time interval for client to voluntarily leave AP before forcing a disassociation due to AP load-balancing (0 to 30). type: int more...

Supported Version Ranges

bstm_load_balancing_disassoc_timer v7.0.0 -> latest
bstm_rssi_disassoc_timer - Time interval for client to voluntarily leave AP before forcing a disassociation due to low RSSI (0 to 2000). type: int more...

Supported Version Ranges

bstm_rssi_disassoc_timer v7.0.0 -> latest
captive_portal_ac_name - Local-bridging captive portal ac-name. type: str more...

Supported Version Ranges

captive_portal_ac_name v6.0.0 -> latest
captive_portal_auth_timeout - Hard timeout - AP will always clear the session after timeout regardless of traffic (0 - 864000 sec). type: int more...

Supported Version Ranges

captive_portal_auth_timeout v6.4.0 -> latest
captive_portal_fw_accounting - Enable/disable RADIUS accounting for captive portal firewall authentication session. type: str choices: enable, disable more...

Supported Version Ranges

captive_portal_fw_accounting v7.2.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
captive_portal_macauth_radius_secret - Secret key to access the macauth RADIUS server. type: str more...

Supported Version Ranges

captive_portal_macauth_radius_secret v6.0.0 -> v6.2.7
captive_portal_macauth_radius_server - Captive portal external RADIUS server domain name or IP address. type: str more...

Supported Version Ranges

captive_portal_macauth_radius_server v6.0.0 -> v6.2.7
captive_portal_radius_secret - Secret key to access the RADIUS server. type: str more...

Supported Version Ranges

captive_portal_radius_secret v6.0.0 -> v6.2.7
captive_portal_radius_server - Captive portal RADIUS server domain name or IP address. type: str more...

Supported Version Ranges

captive_portal_radius_server v6.0.0 -> v6.2.7
captive_portal_session_timeout_interval - Session timeout interval (0 - 864000 sec). type: int more...

Supported Version Ranges

captive_portal_session_timeout_interval v6.0.0 -> v6.2.7
dhcp_address_enforcement - Enable/disable DHCP address enforcement . type: str choices: enable, disable more...

Supported Version Ranges

dhcp_address_enforcement v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp_lease_time - DHCP lease time in seconds for NAT IP address. type: int more...

Supported Version Ranges

dhcp_lease_time v6.0.0 -> latest
dhcp_option43_insertion - Enable/disable insertion of DHCP option 43 . type: str choices: enable, disable more...

Supported Version Ranges

dhcp_option43_insertion v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp_option82_circuit_id_insertion - Enable/disable DHCP option 82 circuit-id insert . type: str choices: style-1, style-2, style-3, disable more...

Supported Version Ranges

dhcp_option82_circuit_id_insertion v6.0.0 -> latest

[style-1] v6.0.0 -> latest
[style-2] v6.0.0 -> latest
[style-3] v6.4.0 -> latest

[disable] v6.0.0 -> latest
dhcp_option82_insertion - Enable/disable DHCP option 82 insert . type: str choices: enable, disable more...

Supported Version Ranges

dhcp_option82_insertion v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dhcp_option82_remote_id_insertion - Enable/disable DHCP option 82 remote-id insert . type: str choices: style-1, disable more...

Supported Version Ranges

dhcp_option82_remote_id_insertion v6.0.0 -> latest

[style-1] v6.0.0 -> latest
[disable] v6.0.0 -> latest
dynamic_vlan - Enable/disable dynamic VLAN assignment. type: str choices: enable, disable more...

Supported Version Ranges

dynamic_vlan v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
eap_reauth - Enable/disable EAP re-authentication for WPA-Enterprise security. type: str choices: enable, disable more...

Supported Version Ranges

eap_reauth v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
eap_reauth_intv - EAP re-authentication interval (1800 - 864000 sec). type: int more...

Supported Version Ranges

eap_reauth_intv v6.0.0 -> latest
eapol_key_retries - Enable/disable retransmission of EAPOL-Key frames (message 3/4 and group message 1/2) . type: str choices: disable, enable more...

Supported Version Ranges

eapol_key_retries v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
encrypt - Encryption protocol to use (only available when security is set to a WPA type). type: str choices: TKIP, AES, TKIP-AES more...

Supported Version Ranges

encrypt v6.0.0 -> latest

[TKIP] v6.0.0 -> latest
[AES] v6.0.0 -> latest
[TKIP-AES] v6.0.0 -> latest
external_fast_roaming - Enable/disable fast roaming or pre-authentication with external APs not managed by the FortiGate . type: str choices: enable, disable more...

Supported Version Ranges

external_fast_roaming v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
external_logout - URL of external authentication logout server. type: str more...

Supported Version Ranges

external_logout v6.0.0 -> latest
external_web - URL of external authentication web server. type: str more...

Supported Version Ranges

external_web v6.0.0 -> latest
external_web_format - URL query parameter detection . type: str choices: auto-detect, no-query-string, partial-query-string more...

Supported Version Ranges

external_web_format v6.2.0 -> latest

[auto-detect] v6.0.0 -> latest
[no-query-string] v6.0.0 -> latest
[partial-query-string] v6.0.0 -> latest
fast_bss_transition - Enable/disable 802.11r Fast BSS Transition (FT) . type: str choices: disable, enable more...

Supported Version Ranges

fast_bss_transition v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
fast_roaming - Enable/disable fast-roaming, or pre-authentication, where supported by clients . type: str choices: enable, disable more...

Supported Version Ranges

fast_roaming v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ft_mobility_domain - Mobility domain identifier in FT (1 - 65535). type: int more...

Supported Version Ranges

ft_mobility_domain v6.0.0 -> latest
ft_over_ds - Enable/disable FT over the Distribution System (DS). type: str choices: disable, enable more...

Supported Version Ranges

ft_over_ds v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
ft_r0_key_lifetime - Lifetime of the PMK-R0 key in FT, 1-65535 minutes. type: int more...

Supported Version Ranges

ft_r0_key_lifetime v6.0.0 -> latest
gas_comeback_delay - GAS comeback delay (0 or 100 - 10000 milliseconds). type: int more...

Supported Version Ranges

gas_comeback_delay v7.0.0 -> latest
gas_fragmentation_limit - GAS fragmentation limit (512 - 4096). type: int more...

Supported Version Ranges

gas_fragmentation_limit v7.0.0 -> latest
gtk_rekey - Enable/disable GTK rekey for WPA security. type: str choices: enable, disable more...

Supported Version Ranges

gtk_rekey v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
gtk_rekey_intv - GTK rekey interval (1800 - 864000 sec). type: int more...

Supported Version Ranges

gtk_rekey_intv v6.0.0 -> latest
high_efficiency - Enable/disable 802.11ax high efficiency . type: str choices: enable, disable more...

Supported Version Ranges

high_efficiency v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
hotspot20_profile - Hotspot 2.0 profile name. Source wireless-controller.hotspot20.hs-profile.name. type: str more...

Supported Version Ranges

hotspot20_profile v6.0.0 -> latest
igmp_snooping - Enable/disable IGMP snooping. type: str choices: enable, disable more...

Supported Version Ranges

igmp_snooping v6.4.4 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
intra_vap_privacy - Enable/disable blocking communication between clients on the same SSID (called intra-SSID privacy) . type: str choices: enable, disable more...

Supported Version Ranges

intra_vap_privacy v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ip - IP address and subnet mask for the local standalone NAT subnet. type: str more...

Supported Version Ranges

ip v6.0.0 -> latest
ips_sensor - IPS sensor name. Source ips.sensor.name. type: str more...

Supported Version Ranges

ips_sensor v7.0.1 -> latest

ipv6_rules - Optional rules of IPv6 packets. For example, you can keep RA, RS and so on off of the wireless network. type: list choices: drop-icmp6ra, drop-icmp6rs, drop-llmnr6, drop-icmp6mld2, drop-dhcp6s, drop-dhcp6c, ndp-proxy, drop-ns-dad, drop-ns-nondad more...

	Supported Version Ranges
ipv6_rules	`v6.4.0 -> latest`
[drop-icmp6ra]	`v6.0.0 -> latest`
[drop-icmp6rs]	`v6.0.0 -> latest`
[drop-llmnr6]	`v6.0.0 -> latest`
[drop-icmp6mld2]	`v6.0.0 -> latest`
[drop-dhcp6s]	`v6.0.0 -> latest`
[drop-dhcp6c]	`v6.0.0 -> latest`
[ndp-proxy]	`v6.0.0 -> latest`
[drop-ns-dad]	`v6.0.0 -> latest`
[drop-ns-nondad]	`v6.0.0 -> latest`

key - WEP Key. type: str more...

Supported Version Ranges

key v6.0.0 -> latest
keyindex - WEP key index (1 - 4). type: int more...

Supported Version Ranges

keyindex v6.0.0 -> latest
l3_roaming - Enable/disable layer 3 roaming . type: str choices: enable, disable more...

Supported Version Ranges

l3_roaming v7.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
l3_roaming_mode - Select the way that layer 3 roaming traffic is passed . type: str choices: direct, indirect more...

Supported Version Ranges

l3_roaming_mode v7.2.1 -> latest

[direct] v6.0.0 -> latest
[indirect] v6.0.0 -> latest
ldpc - VAP low-density parity-check (LDPC) coding configuration. type: str choices: disable, rx, tx, rxtx more...

Supported Version Ranges

ldpc v6.0.0 -> latest

[disable] v6.0.0 -> latest
[rx] v6.0.0 -> latest
[tx] v6.0.0 -> latest
[rxtx] v6.0.0 -> latest
local_authentication - Enable/disable AP local authentication. type: str choices: enable, disable more...

Supported Version Ranges

local_authentication v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
local_bridging - Enable/disable bridging of wireless and Ethernet interfaces on the FortiAP . type: str choices: enable, disable more...

Supported Version Ranges

local_bridging v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
local_lan - Allow/deny traffic destined for a Class A, B, or C private IP address . type: str choices: allow, deny more...

Supported Version Ranges

local_lan v6.0.0 -> latest

[allow] v6.0.0 -> latest
[deny] v6.0.0 -> latest
local_standalone - Enable/disable AP local standalone . type: str choices: enable, disable more...

Supported Version Ranges

local_standalone v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
local_standalone_dns - Enable/disable AP local standalone DNS. type: str choices: enable, disable more...

Supported Version Ranges

local_standalone_dns v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
local_standalone_dns_ip - IPv4 addresses for the local standalone DNS. type: list
local_standalone_nat - Enable/disable AP local standalone NAT mode. type: str choices: enable, disable more...

Supported Version Ranges

local_standalone_nat v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mac_auth_bypass - Enable/disable MAC authentication bypass. type: str choices: enable, disable more...

Supported Version Ranges

mac_auth_bypass v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mac_called_station_delimiter - MAC called station delimiter . type: str choices: hyphen, single-hyphen, colon, none more...

Supported Version Ranges

mac_called_station_delimiter v7.0.0 -> latest

[hyphen] v6.0.0 -> latest
[single-hyphen] v6.0.0 -> latest
[colon] v6.0.0 -> latest
[none] v6.0.0 -> latest
mac_calling_station_delimiter - MAC calling station delimiter . type: str choices: hyphen, single-hyphen, colon, none more...

Supported Version Ranges

mac_calling_station_delimiter v7.0.0 -> latest

[hyphen] v6.0.0 -> latest
[single-hyphen] v6.0.0 -> latest
[colon] v6.0.0 -> latest
[none] v6.0.0 -> latest
mac_case - MAC case . type: str choices: uppercase, lowercase more...

Supported Version Ranges

mac_case v7.0.0 -> latest

[uppercase] v6.0.0 -> latest
[lowercase] v6.0.0 -> latest
mac_filter - Enable/disable MAC filtering to block wireless clients by mac address. type: str choices: enable, disable more...

Supported Version Ranges

mac_filter v6.0.0 -> v7.4.0

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mac_filter_list - Create a list of MAC addresses for MAC address filtering. type: list member_path: mac_filter_list:id more...

Supported Version Ranges

mac_filter_list v6.0.0 -> v7.4.0

id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> v7.4.0
mac - MAC address. type: str more...

Supported Version Ranges

mac v6.0.0 -> v7.4.0
mac_filter_policy - Deny or allow the client with this MAC address. type: str choices: allow, deny more...

Supported Version Ranges

mac_filter_policy v6.0.0 -> v7.4.0

[allow] v6.0.0 -> latest
[deny] v6.0.0 -> latest

mac_filter_policy_other - Allow or block clients with MAC addresses that are not in the filter list. type: str choices: allow, deny more...

Supported Version Ranges

mac_filter_policy_other v6.0.0 -> v7.4.0

[allow] v6.0.0 -> latest
[deny] v6.0.0 -> latest
mac_password_delimiter - MAC authentication password delimiter . type: str choices: hyphen, single-hyphen, colon, none more...

Supported Version Ranges

mac_password_delimiter v7.0.0 -> latest

[hyphen] v6.0.0 -> latest
[single-hyphen] v6.0.0 -> latest
[colon] v6.0.0 -> latest
[none] v6.0.0 -> latest
mac_username_delimiter - MAC authentication username delimiter . type: str choices: hyphen, single-hyphen, colon, none more...

Supported Version Ranges

mac_username_delimiter v7.0.0 -> latest

[hyphen] v6.0.0 -> latest
[single-hyphen] v6.0.0 -> latest
[colon] v6.0.0 -> latest
[none] v6.0.0 -> latest
max_clients - Maximum number of clients that can connect simultaneously to the VAP . type: int more...

Supported Version Ranges

max_clients v6.0.0 -> latest
max_clients_ap - Maximum number of clients that can connect simultaneously to the VAP per AP radio . type: int more...

Supported Version Ranges

max_clients_ap v6.0.0 -> latest
mbo - Enable/disable Multiband Operation . type: str choices: disable, enable more...

Supported Version Ranges

mbo v7.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
mbo_cell_data_conn_pref - MBO cell data connection preference (0, 1, or 255). type: str choices: excluded, prefer-not, prefer-use more...

Supported Version Ranges

mbo_cell_data_conn_pref v7.0.0 -> latest

[excluded] v6.0.0 -> latest
[prefer-not] v6.0.0 -> latest
[prefer-use] v6.0.0 -> latest
me_disable_thresh - Disable multicast enhancement when this many clients are receiving multicast traffic. type: int more...

Supported Version Ranges

me_disable_thresh v6.0.0 -> latest
mesh_backhaul - Enable/disable using this VAP as a WiFi mesh backhaul . This entry is only available when security is set to a WPA type or open. type: str choices: enable, disable more...

Supported Version Ranges

mesh_backhaul v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mpsk - Enable/disable multiple PSK authentication. type: str choices: enable, disable more...

Supported Version Ranges

mpsk v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
mpsk_concurrent_clients - Maximum number of concurrent clients that connect using the same passphrase in multiple PSK authentication (0 - 65535). type: int more...

Supported Version Ranges

mpsk_concurrent_clients v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1
mpsk_key - List of multiple PSK entries. type: list member_path: mpsk_key:key_name more...

Supported Version Ranges

mpsk_key v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1

comment - Comment. type: str more...

Supported Version Ranges

comment v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1
concurrent_clients - Number of clients that can connect using this pre-shared key. type: str more...

Supported Version Ranges

concurrent_clients v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1
key_name - Pre-shared key name. type: str required: true more...

Supported Version Ranges

key_name v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1
mpsk_schedules - Firewall schedule for MPSK passphrase. The passphrase will be effective only when at least one schedule is valid. type: list member_path: mpsk_key:key_name/mpsk_schedules:name more...

Supported Version Ranges

mpsk_schedules v6.2.0 -> v6.2.7 v6.4.1 -> v6.4.1

name - Schedule name. Source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> v6.2.7 v6.4.1 -> v6.4.1

passphrase - WPA Pre-shared key. type: str more...

Supported Version Ranges

passphrase v6.0.0 -> v6.2.7 v6.4.1 -> v6.4.1

mpsk_profile - MPSK profile name. Source wireless-controller.mpsk-profile.name. type: str more...

Supported Version Ranges

mpsk_profile v6.4.0 -> v6.4.0 v6.4.4 -> latest
mu_mimo - Enable/disable Multi-user MIMO . type: str choices: enable, disable more...

Supported Version Ranges

mu_mimo v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
multicast_enhance - Enable/disable converting multicast to unicast to improve performance . type: str choices: enable, disable more...

Supported Version Ranges

multicast_enhance v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
multicast_rate - Multicast rate (0, 6000, 12000, or 24000 kbps). type: str choices: 0, 6000, 12000, 24000 more...

Supported Version Ranges

multicast_rate v6.0.0 -> latest

[0] v6.0.0 -> latest
[6000] v6.0.0 -> latest
[12000] v6.0.0 -> latest
[24000] v6.0.0 -> latest
nac - Enable/disable network access control. type: str choices: enable, disable more...

Supported Version Ranges

nac v7.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
nac_profile - NAC profile name. Source wireless-controller.nac-profile.name. type: str more...

Supported Version Ranges

nac_profile v7.0.0 -> latest
name - Virtual AP name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest
neighbor_report_dual_band - Enable/disable dual-band neighbor report . type: str choices: disable, enable more...

Supported Version Ranges

neighbor_report_dual_band v7.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
okc - Enable/disable Opportunistic Key Caching (OKC) . type: str choices: disable, enable more...

Supported Version Ranges

okc v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
osen - Enable/disable OSEN as part of key management . type: str choices: enable, disable more...

Supported Version Ranges

osen v7.0.2 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
owe_groups - OWE-Groups. type: list choices: 19, 20, 21 more...

Supported Version Ranges

owe_groups v6.2.0 -> latest

[19] v6.0.0 -> latest
[20] v6.0.0 -> latest
[21] v6.0.0 -> latest
owe_transition - Enable/disable OWE transition mode support. type: str choices: disable, enable more...

Supported Version Ranges

owe_transition v6.2.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
owe_transition_ssid - OWE transition mode peer SSID. type: str more...

Supported Version Ranges

owe_transition_ssid v6.2.0 -> latest
passphrase - WPA pre-shared key (PSK) to be used to authenticate WiFi users. type: str more...

Supported Version Ranges

passphrase v6.0.0 -> latest
pmf - Protected Management Frames (PMF) support . type: str choices: disable, enable, optional more...

Supported Version Ranges

pmf v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
[optional] v6.0.0 -> latest
pmf_assoc_comeback_timeout - Protected Management Frames (PMF) comeback maximum timeout (1-20 sec). type: int more...

Supported Version Ranges

pmf_assoc_comeback_timeout v6.0.0 -> latest
pmf_sa_query_retry_timeout - Protected Management Frames (PMF) SA query retry timeout interval (1 - 5 100s of msec). type: int more...

Supported Version Ranges

pmf_sa_query_retry_timeout v6.0.0 -> latest
port_macauth - Enable/disable LAN port MAC authentication . type: str choices: disable, radius, address-group more...

Supported Version Ranges

port_macauth v6.4.4 -> latest

[disable] v6.0.0 -> latest
[radius] v6.0.0 -> latest
[address-group] v6.0.0 -> latest
port_macauth_reauth_timeout - LAN port MAC authentication re-authentication timeout value . type: int more...

Supported Version Ranges

port_macauth_reauth_timeout v6.4.4 -> latest
port_macauth_timeout - LAN port MAC authentication idle timeout value . type: int more...

Supported Version Ranges

port_macauth_timeout v6.4.4 -> latest
portal_message_override_group - Replacement message group for this VAP (only available when security is set to a captive portal type). Source system.replacemsg-group .name. type: str more...

Supported Version Ranges

portal_message_override_group v6.0.0 -> latest
portal_message_overrides - Individual message overrides. type: dict more...

Supported Version Ranges

portal_message_overrides v6.0.0 -> latest

auth_disclaimer_page - Override auth-disclaimer-page message with message from portal-message-overrides group. type: str more...

Supported Version Ranges

auth_disclaimer_page v6.0.0 -> latest
auth_login_failed_page - Override auth-login-failed-page message with message from portal-message-overrides group. type: str more...

Supported Version Ranges

auth_login_failed_page v6.0.0 -> latest
auth_login_page - Override auth-login-page message with message from portal-message-overrides group. type: str more...

Supported Version Ranges

auth_login_page v6.0.0 -> latest
auth_reject_page - Override auth-reject-page message with message from portal-message-overrides group. type: str more...

Supported Version Ranges

auth_reject_page v6.0.0 -> latest

portal_type - Captive portal functionality. Configure how the captive portal authenticates users and whether it includes a disclaimer. type: str choices: auth, auth+disclaimer, disclaimer, email-collect, cmcc, cmcc-macauth, auth-mac, external-auth, external-macauth more...

	Supported Version Ranges
portal_type	`v6.0.0 -> latest`
[auth]	`v6.0.0 -> latest`
[auth+disclaimer]	`v6.0.0 -> latest`
[disclaimer]	`v6.0.0 -> latest`
[email-collect]	`v6.0.0 -> latest`
[cmcc]	`v6.0.0 -> latest`
[cmcc-macauth]	`v6.0.0 -> latest`
[auth-mac]	`v6.0.0 -> latest`
[external-auth]	`v6.2.0 -> latest`
[external-macauth]	`v7.0.0 -> latest`

primary_wag_profile - Primary wireless access gateway profile name. Source wireless-controller.wag-profile.name. type: str more...

Supported Version Ranges

primary_wag_profile v6.2.0 -> latest
probe_resp_suppression - Enable/disable probe response suppression (to ignore weak signals) . type: str choices: enable, disable more...

Supported Version Ranges

probe_resp_suppression v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
probe_resp_threshold - Minimum signal level/threshold in dBm required for the AP response to probe requests (-95 to -20). type: str more...

Supported Version Ranges

probe_resp_threshold v6.0.0 -> latest
ptk_rekey - Enable/disable PTK rekey for WPA-Enterprise security. type: str choices: enable, disable more...

Supported Version Ranges

ptk_rekey v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ptk_rekey_intv - PTK rekey interval (1800 - 864000 sec). type: int more...

Supported Version Ranges

ptk_rekey_intv v6.0.0 -> latest
qos_profile - Quality of service profile name. Source wireless-controller.qos-profile.name. type: str more...

Supported Version Ranges

qos_profile v6.0.0 -> latest
quarantine - Enable/disable station quarantine . type: str choices: enable, disable more...

Supported Version Ranges

quarantine v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
radio_2g_threshold - Minimum signal level/threshold in dBm required for the AP response to receive a packet in 2.4G band (-95 to -20). type: str more...

Supported Version Ranges

radio_2g_threshold v6.0.0 -> latest
radio_5g_threshold - Minimum signal level/threshold in dBm required for the AP response to receive a packet in 5G band(-95 to -20). type: str more...

Supported Version Ranges

radio_5g_threshold v6.0.0 -> latest
radio_sensitivity - Enable/disable software radio sensitivity (to ignore weak signals) . type: str choices: enable, disable more...

Supported Version Ranges

radio_sensitivity v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
radius_mac_auth - Enable/disable RADIUS-based MAC authentication of clients . type: str choices: enable, disable more...

Supported Version Ranges

radius_mac_auth v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
radius_mac_auth_block_interval - Don"t send RADIUS MAC auth request again if the client has been rejected within specific interval (0 or 30 - 864000 seconds). type: int more...

Supported Version Ranges

radius_mac_auth_block_interval v7.2.4 -> latest
radius_mac_auth_server - RADIUS-based MAC authentication server. Source user.radius.name. type: str more...

Supported Version Ranges

radius_mac_auth_server v6.0.0 -> latest
radius_mac_auth_usergroups - Selective user groups that are permitted for RADIUS mac authentication. type: list member_path: radius_mac_auth_usergroups:name more...

Supported Version Ranges

radius_mac_auth_usergroups v6.0.0 -> latest

name - User group name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

radius_mac_mpsk_auth - Enable/disable RADIUS-based MAC authentication of clients for MPSK authentication . type: str choices: enable, disable more...

Supported Version Ranges

radius_mac_mpsk_auth v7.0.2 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
radius_mac_mpsk_timeout - RADIUS MAC MPSK cache timeout interval (0 or 300 - 864000). type: int more...

Supported Version Ranges

radius_mac_mpsk_timeout v7.0.2 -> latest
radius_server - RADIUS server to be used to authenticate WiFi users. Source user.radius.name. type: str more...

Supported Version Ranges

radius_server v6.0.0 -> latest

rates_11a - Allowed data rates for 802.11a. type: list choices: 6, 6-basic, 9, 9-basic, 12, 12-basic, 18, 18-basic, 24, 24-basic, 36, 36-basic, 48, 48-basic, 54, 54-basic, 1, 1-basic, 2, 2-basic, 5.5, 5.5-basic, 11, 11-basic more...

	Supported Version Ranges
rates_11a	`v6.0.0 -> latest`
[6]	`v6.0.0 -> latest`
[6-basic]	`v6.0.0 -> latest`
[9]	`v6.0.0 -> latest`
[9-basic]	`v6.0.0 -> latest`
[12]	`v6.0.0 -> latest`
[12-basic]	`v6.0.0 -> latest`
[18]	`v6.0.0 -> latest`
[18-basic]	`v6.0.0 -> latest`
[24]	`v6.0.0 -> latest`
[24-basic]	`v6.0.0 -> latest`
[36]	`v6.0.0 -> latest`
[36-basic]	`v6.0.0 -> latest`
[48]	`v6.0.0 -> latest`
[48-basic]	`v6.0.0 -> latest`
[54]	`v6.0.0 -> latest`
[54-basic]	`v6.0.0 -> latest`
[1]	`v6.0.0 -> v7.4.0`
[1-basic]	`v6.0.0 -> v7.4.0`
[2]	`v6.0.0 -> v7.4.0`
[2-basic]	`v6.0.0 -> v7.4.0`
[5.5]	`v6.0.0 -> v7.4.0`
[5.5-basic]	`v6.0.0 -> v7.4.0`
[11]	`v6.0.0 -> v7.4.0`
[11-basic]	`v6.0.0 -> v7.4.0`

rates_11ac_mcs_map - Comma separated list of max supported VHT MCS for spatial streams 1 through 8. type: str more...

Supported Version Ranges

rates_11ac_mcs_map v7.2.1 -> latest

rates_11ac_ss12 - Allowed data rates for 802.11ac with 1 or 2 spatial streams. type: list choices: mcs0/1, mcs1/1, mcs2/1, mcs3/1, mcs4/1, mcs5/1, mcs6/1, mcs7/1, mcs8/1, mcs9/1, mcs10/1, mcs11/1, mcs0/2, mcs1/2, mcs2/2, mcs3/2, mcs4/2, mcs5/2, mcs6/2, mcs7/2, mcs8/2, mcs9/2, mcs10/2, mcs11/2 more...

	Supported Version Ranges
rates_11ac_ss12	`v6.0.0 -> v7.2.0`
[mcs0/1]	`v6.0.0 -> latest`
[mcs1/1]	`v6.0.0 -> latest`
[mcs2/1]	`v6.0.0 -> latest`
[mcs3/1]	`v6.0.0 -> latest`
[mcs4/1]	`v6.0.0 -> latest`
[mcs5/1]	`v6.0.0 -> latest`
[mcs6/1]	`v6.0.0 -> latest`
[mcs7/1]	`v6.0.0 -> latest`
[mcs8/1]	`v6.0.0 -> latest`
[mcs9/1]	`v6.0.0 -> latest`
[mcs10/1]	`v6.0.0 -> latest`
[mcs11/1]	`v6.0.0 -> latest`
[mcs0/2]	`v6.0.0 -> latest`
[mcs1/2]	`v6.0.0 -> latest`
[mcs2/2]	`v6.0.0 -> latest`
[mcs3/2]	`v6.0.0 -> latest`
[mcs4/2]	`v6.0.0 -> latest`
[mcs5/2]	`v6.0.0 -> latest`
[mcs6/2]	`v6.0.0 -> latest`
[mcs7/2]	`v6.0.0 -> latest`
[mcs8/2]	`v6.0.0 -> latest`
[mcs9/2]	`v6.0.0 -> latest`
[mcs10/2]	`v6.0.0 -> latest`
[mcs11/2]	`v6.0.0 -> latest`

rates_11ac_ss34 - Allowed data rates for 802.11ac with 3 or 4 spatial streams. type: list choices: mcs0/3, mcs1/3, mcs2/3, mcs3/3, mcs4/3, mcs5/3, mcs6/3, mcs7/3, mcs8/3, mcs9/3, mcs10/3, mcs11/3, mcs0/4, mcs1/4, mcs2/4, mcs3/4, mcs4/4, mcs5/4, mcs6/4, mcs7/4, mcs8/4, mcs9/4, mcs10/4, mcs11/4 more...

	Supported Version Ranges
rates_11ac_ss34	`v6.0.0 -> v7.2.0`
[mcs0/3]	`v6.0.0 -> latest`
[mcs1/3]	`v6.0.0 -> latest`
[mcs2/3]	`v6.0.0 -> latest`
[mcs3/3]	`v6.0.0 -> latest`
[mcs4/3]	`v6.0.0 -> latest`
[mcs5/3]	`v6.0.0 -> latest`
[mcs6/3]	`v6.0.0 -> latest`
[mcs7/3]	`v6.0.0 -> latest`
[mcs8/3]	`v6.0.0 -> latest`
[mcs9/3]	`v6.0.0 -> latest`
[mcs10/3]	`v6.0.0 -> latest`
[mcs11/3]	`v6.0.0 -> latest`
[mcs0/4]	`v6.0.0 -> latest`
[mcs1/4]	`v6.0.0 -> latest`
[mcs2/4]	`v6.0.0 -> latest`
[mcs3/4]	`v6.0.0 -> latest`
[mcs4/4]	`v6.0.0 -> latest`
[mcs5/4]	`v6.0.0 -> latest`
[mcs6/4]	`v6.0.0 -> latest`
[mcs7/4]	`v6.0.0 -> latest`
[mcs8/4]	`v6.0.0 -> latest`
[mcs9/4]	`v6.0.0 -> latest`
[mcs10/4]	`v6.0.0 -> latest`
[mcs11/4]	`v6.0.0 -> latest`

rates_11ax_mcs_map - Comma separated list of max supported HE MCS for spatial streams 1 through 8. type: str more...

Supported Version Ranges

rates_11ax_mcs_map v7.2.1 -> latest

rates_11ax_ss12 - Allowed data rates for 802.11ax with 1 or 2 spatial streams. type: list choices: mcs0/1, mcs1/1, mcs2/1, mcs3/1, mcs4/1, mcs5/1, mcs6/1, mcs7/1, mcs8/1, mcs9/1, mcs10/1, mcs11/1, mcs0/2, mcs1/2, mcs2/2, mcs3/2, mcs4/2, mcs5/2, mcs6/2, mcs7/2, mcs8/2, mcs9/2, mcs10/2, mcs11/2 more...

	Supported Version Ranges
rates_11ax_ss12	`v7.0.2 -> v7.2.0`
[mcs0/1]	`v6.0.0 -> latest`
[mcs1/1]	`v6.0.0 -> latest`
[mcs2/1]	`v6.0.0 -> latest`
[mcs3/1]	`v6.0.0 -> latest`
[mcs4/1]	`v6.0.0 -> latest`
[mcs5/1]	`v6.0.0 -> latest`
[mcs6/1]	`v6.0.0 -> latest`
[mcs7/1]	`v6.0.0 -> latest`
[mcs8/1]	`v6.0.0 -> latest`
[mcs9/1]	`v6.0.0 -> latest`
[mcs10/1]	`v6.0.0 -> latest`
[mcs11/1]	`v6.0.0 -> latest`
[mcs0/2]	`v6.0.0 -> latest`
[mcs1/2]	`v6.0.0 -> latest`
[mcs2/2]	`v6.0.0 -> latest`
[mcs3/2]	`v6.0.0 -> latest`
[mcs4/2]	`v6.0.0 -> latest`
[mcs5/2]	`v6.0.0 -> latest`
[mcs6/2]	`v6.0.0 -> latest`
[mcs7/2]	`v6.0.0 -> latest`
[mcs8/2]	`v6.0.0 -> latest`
[mcs9/2]	`v6.0.0 -> latest`
[mcs10/2]	`v6.0.0 -> latest`
[mcs11/2]	`v6.0.0 -> latest`

rates_11ax_ss34 - Allowed data rates for 802.11ax with 3 or 4 spatial streams. type: list choices: mcs0/3, mcs1/3, mcs2/3, mcs3/3, mcs4/3, mcs5/3, mcs6/3, mcs7/3, mcs8/3, mcs9/3, mcs10/3, mcs11/3, mcs0/4, mcs1/4, mcs2/4, mcs3/4, mcs4/4, mcs5/4, mcs6/4, mcs7/4, mcs8/4, mcs9/4, mcs10/4, mcs11/4 more...

	Supported Version Ranges
rates_11ax_ss34	`v7.0.2 -> v7.2.0`
[mcs0/3]	`v6.0.0 -> latest`
[mcs1/3]	`v6.0.0 -> latest`
[mcs2/3]	`v6.0.0 -> latest`
[mcs3/3]	`v6.0.0 -> latest`
[mcs4/3]	`v6.0.0 -> latest`
[mcs5/3]	`v6.0.0 -> latest`
[mcs6/3]	`v6.0.0 -> latest`
[mcs7/3]	`v6.0.0 -> latest`
[mcs8/3]	`v6.0.0 -> latest`
[mcs9/3]	`v6.0.0 -> latest`
[mcs10/3]	`v6.0.0 -> latest`
[mcs11/3]	`v6.0.0 -> latest`
[mcs0/4]	`v6.0.0 -> latest`
[mcs1/4]	`v6.0.0 -> latest`
[mcs2/4]	`v6.0.0 -> latest`
[mcs3/4]	`v6.0.0 -> latest`
[mcs4/4]	`v6.0.0 -> latest`
[mcs5/4]	`v6.0.0 -> latest`
[mcs6/4]	`v6.0.0 -> latest`
[mcs7/4]	`v6.0.0 -> latest`
[mcs8/4]	`v6.0.0 -> latest`
[mcs9/4]	`v6.0.0 -> latest`
[mcs10/4]	`v6.0.0 -> latest`
[mcs11/4]	`v6.0.0 -> latest`

rates_11bg - Allowed data rates for 802.11b/g. type: list choices: 6, 6-basic, 9, 9-basic, 12, 12-basic, 18, 18-basic, 24, 24-basic, 36, 36-basic, 48, 48-basic, 54, 54-basic, 1, 1-basic, 2, 2-basic, 5.5, 5.5-basic, 11, 11-basic more...

	Supported Version Ranges
rates_11bg	`v6.0.0 -> latest`
[6]	`v6.0.0 -> latest`
[6-basic]	`v6.0.0 -> latest`
[9]	`v6.0.0 -> latest`
[9-basic]	`v6.0.0 -> latest`
[12]	`v6.0.0 -> latest`
[12-basic]	`v6.0.0 -> latest`
[18]	`v6.0.0 -> latest`
[18-basic]	`v6.0.0 -> latest`
[24]	`v6.0.0 -> latest`
[24-basic]	`v6.0.0 -> latest`
[36]	`v6.0.0 -> latest`
[36-basic]	`v6.0.0 -> latest`
[48]	`v6.0.0 -> latest`
[48-basic]	`v6.0.0 -> latest`
[54]	`v6.0.0 -> latest`
[54-basic]	`v6.0.0 -> latest`
[1]	`v6.0.0 -> v7.4.0`
[1-basic]	`v6.0.0 -> v7.4.0`
[2]	`v6.0.0 -> v7.4.0`
[2-basic]	`v6.0.0 -> v7.4.0`
[5.5]	`v6.0.0 -> v7.4.0`
[5.5-basic]	`v6.0.0 -> v7.4.0`
[11]	`v6.0.0 -> v7.4.0`
[11-basic]	`v6.0.0 -> v7.4.0`

rates_11n_ss12 - Allowed data rates for 802.11n with 1 or 2 spatial streams. type: list choices: mcs0/1, mcs1/1, mcs2/1, mcs3/1, mcs4/1, mcs5/1, mcs6/1, mcs7/1, mcs8/2, mcs9/2, mcs10/2, mcs11/2, mcs12/2, mcs13/2, mcs14/2, mcs15/2 more...

	Supported Version Ranges
rates_11n_ss12	`v6.0.0 -> latest`
[mcs0/1]	`v6.0.0 -> latest`
[mcs1/1]	`v6.0.0 -> latest`
[mcs2/1]	`v6.0.0 -> latest`
[mcs3/1]	`v6.0.0 -> latest`
[mcs4/1]	`v6.0.0 -> latest`
[mcs5/1]	`v6.0.0 -> latest`
[mcs6/1]	`v6.0.0 -> latest`
[mcs7/1]	`v6.0.0 -> latest`
[mcs8/2]	`v6.0.0 -> latest`
[mcs9/2]	`v6.0.0 -> latest`
[mcs10/2]	`v6.0.0 -> latest`
[mcs11/2]	`v6.0.0 -> latest`
[mcs12/2]	`v6.0.0 -> latest`
[mcs13/2]	`v6.0.0 -> latest`
[mcs14/2]	`v6.0.0 -> latest`
[mcs15/2]	`v6.0.0 -> latest`

rates_11n_ss34 - Allowed data rates for 802.11n with 3 or 4 spatial streams. type: list choices: mcs16/3, mcs17/3, mcs18/3, mcs19/3, mcs20/3, mcs21/3, mcs22/3, mcs23/3, mcs24/4, mcs25/4, mcs26/4, mcs27/4, mcs28/4, mcs29/4, mcs30/4, mcs31/4 more...

	Supported Version Ranges
rates_11n_ss34	`v6.0.0 -> latest`
[mcs16/3]	`v6.0.0 -> latest`
[mcs17/3]	`v6.0.0 -> latest`
[mcs18/3]	`v6.0.0 -> latest`
[mcs19/3]	`v6.0.0 -> latest`
[mcs20/3]	`v6.0.0 -> latest`
[mcs21/3]	`v6.0.0 -> latest`
[mcs22/3]	`v6.0.0 -> latest`
[mcs23/3]	`v6.0.0 -> latest`
[mcs24/4]	`v6.0.0 -> latest`
[mcs25/4]	`v6.0.0 -> latest`
[mcs26/4]	`v6.0.0 -> latest`
[mcs27/4]	`v6.0.0 -> latest`
[mcs28/4]	`v6.0.0 -> latest`
[mcs29/4]	`v6.0.0 -> latest`
[mcs30/4]	`v6.0.0 -> latest`
[mcs31/4]	`v6.0.0 -> latest`

sae_groups - SAE-Groups. type: list choices: 19, 20, 21, 1, 2, 5, 14, 15, 16, 17, 18, 27, 28, 29, 30, 31 more...

	Supported Version Ranges
sae_groups	`v6.2.0 -> latest`
[19]	`v6.0.0 -> latest`
[20]	`v6.0.0 -> latest`
[21]	`v6.0.0 -> latest`
[1]	`v6.2.3 -> v6.2.3`
[2]	`v6.2.3 -> v6.2.3`
[5]	`v6.2.3 -> v6.2.3`
[14]	`v6.2.3 -> v6.2.3`
[15]	`v6.2.3 -> v6.2.3`
[16]	`v6.2.3 -> v6.2.3`
[17]	`v6.2.3 -> v6.2.3`
[18]	`v6.2.3 -> v6.2.3`
[27]	`v6.2.3 -> v6.2.3`
[28]	`v6.2.3 -> v6.2.3`
[29]	`v6.2.3 -> v6.2.3`
[30]	`v6.2.3 -> v6.2.3`
[31]	`v6.2.3 -> v6.2.3`

sae_h2e_only - Use hash-to-element-only mechanism for PWE derivation . type: str choices: enable, disable more...

Supported Version Ranges

sae_h2e_only v7.0.8 -> v7.0.12 v7.2.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
sae_password - WPA3 SAE password to be used to authenticate WiFi users. type: str more...

Supported Version Ranges

sae_password v6.2.0 -> latest
sae_pk - Enable/disable WPA3 SAE-PK . type: str choices: enable, disable more...

Supported Version Ranges

sae_pk v7.0.8 -> v7.0.12 v7.2.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
sae_private_key - Private key used for WPA3 SAE-PK authentication. type: str more...

Supported Version Ranges

sae_private_key v7.0.8 -> v7.0.12 v7.2.1 -> latest
scan_botnet_connections - Block or monitor connections to Botnet servers or disable Botnet scanning. type: str choices: disable, monitor, block more...

Supported Version Ranges

scan_botnet_connections v7.0.1 -> latest

[disable] v6.0.0 -> latest
[monitor] v6.0.0 -> latest
[block] v6.0.0 -> latest
schedule - Firewall schedules for enabling this VAP on the FortiAP. This VAP will be enabled when at least one of the schedules is valid. Separate multiple schedule names with a space. type: list member_path: schedule:name more...

Supported Version Ranges

schedule v6.0.0 -> latest

name - Schedule name. Source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> latest

secondary_wag_profile - Secondary wireless access gateway profile name. Source wireless-controller.wag-profile.name. type: str more...

Supported Version Ranges

secondary_wag_profile v6.2.0 -> latest

security - Security mode for the wireless interface . type: str choices: open, captive-portal, wep64, wep128, wpa-personal, wpa-personal+captive-portal, wpa-enterprise, wpa-only-personal, wpa-only-personal+captive-portal, wpa-only-enterprise, wpa2-only-personal, wpa2-only-personal+captive-portal, wpa2-only-enterprise, wpa3-enterprise, wpa3-only-enterprise, wpa3-enterprise-transition, wpa3-sae, wpa3-sae-transition, owe, osen more...

	Supported Version Ranges
security	`v6.0.0 -> latest`
[open]	`v6.0.0 -> latest`
[captive-portal]	`v6.0.0 -> latest`
[wep64]	`v6.0.0 -> latest`
[wep128]	`v6.0.0 -> latest`
[wpa-personal]	`v6.0.0 -> latest`
[wpa-personal+captive-portal]	`v6.0.0 -> latest`
[wpa-enterprise]	`v6.0.0 -> latest`
[wpa-only-personal]	`v6.0.0 -> latest`
[wpa-only-personal+captive-portal]	`v6.0.0 -> latest`
[wpa-only-enterprise]	`v6.0.0 -> latest`
[wpa2-only-personal]	`v6.0.0 -> latest`
[wpa2-only-personal+captive-portal]	`v6.0.0 -> latest`
[wpa2-only-enterprise]	`v6.0.0 -> latest`
[wpa3-enterprise]	`v6.2.0 -> latest`
[wpa3-only-enterprise]	`v7.0.0 -> latest`
[wpa3-enterprise-transition]	`v7.0.0 -> latest`
[wpa3-sae]	`v6.2.0 -> latest`
[wpa3-sae-transition]	`v6.2.0 -> latest`
[owe]	`v6.2.0 -> latest`
[osen]	`v6.0.0 -> latest`

security_exempt_list - Optional security exempt list for captive portal authentication. Source user.security-exempt-list.name. type: str more...

Supported Version Ranges

security_exempt_list v6.0.0 -> latest
security_obsolete_option - Enable/disable obsolete security options. type: str choices: enable, disable more...

Supported Version Ranges

security_obsolete_option v6.0.0 -> v6.0.11 v6.2.3 -> v6.2.3

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
security_redirect_url - Optional URL for redirecting users after they pass captive portal authentication. type: str more...

Supported Version Ranges

security_redirect_url v6.0.0 -> latest
selected_usergroups - Selective user groups that are permitted to authenticate. type: list member_path: selected_usergroups:name more...

Supported Version Ranges

selected_usergroups v6.0.0 -> latest

name - User group name. Source user.group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

split_tunneling - Enable/disable split tunneling . type: str choices: enable, disable more...

Supported Version Ranges

split_tunneling v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
ssid - IEEE 802.11 service set identifier (SSID) for the wireless interface. Users who wish to use the wireless network must configure their computers to access this SSID name. type: str more...

Supported Version Ranges

ssid v6.0.0 -> latest
sticky_client_remove - Enable/disable sticky client remove to maintain good signal level clients in SSID . type: str choices: enable, disable more...

Supported Version Ranges

sticky_client_remove v6.4.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
sticky_client_threshold_2g - Minimum signal level/threshold in dBm required for the 2G client to be serviced by the AP (-95 to -20). type: str more...

Supported Version Ranges

sticky_client_threshold_2g v6.4.0 -> latest
sticky_client_threshold_5g - Minimum signal level/threshold in dBm required for the 5G client to be serviced by the AP (-95 to -20). type: str more...

Supported Version Ranges

sticky_client_threshold_5g v6.4.0 -> latest
sticky_client_threshold_6g - Minimum signal level/threshold in dBm required for the 6G client to be serviced by the AP (-95 to -20). type: str more...

Supported Version Ranges

sticky_client_threshold_6g v7.0.8 -> v7.0.12 v7.2.1 -> latest
target_wake_time - Enable/disable 802.11ax target wake time . type: str choices: enable, disable more...

Supported Version Ranges

target_wake_time v6.2.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
tkip_counter_measure - Enable/disable TKIP counter measure. type: str choices: enable, disable more...

Supported Version Ranges

tkip_counter_measure v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
tunnel_echo_interval - The time interval to send echo to both primary and secondary tunnel peers (1 - 65535 sec). type: int more...

Supported Version Ranges

tunnel_echo_interval v6.2.0 -> latest
tunnel_fallback_interval - The time interval for secondary tunnel to fall back to primary tunnel (0 - 65535 sec). type: int more...

Supported Version Ranges

tunnel_fallback_interval v6.2.0 -> latest
usergroup - Firewall user group to be used to authenticate WiFi users. type: list member_path: usergroup:name more...

Supported Version Ranges

usergroup v6.0.0 -> latest

name - User group name. Source user.group.name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> latest

utm_log - Enable/disable UTM logging. type: str choices: enable, disable more...

Supported Version Ranges

utm_log v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
utm_profile - UTM profile name. Source wireless-controller.utm-profile.name. type: str more...

Supported Version Ranges

utm_profile v6.0.0 -> latest
utm_status - Enable to add one or more security profiles (AV, IPS, etc.) to the VAP. type: str choices: enable, disable more...

Supported Version Ranges

utm_status v7.0.1 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vdom - Name of the VDOM that the Virtual AP has been added to. Source system.vdom.name. type: str more...

Supported Version Ranges

vdom v6.0.0 -> v6.0.11
vlan_auto - Enable/disable automatic management of SSID VLAN interface. type: str choices: enable, disable more...

Supported Version Ranges

vlan_auto v6.0.0 -> latest

[enable] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vlan_name - Table for mapping VLAN name to VLAN ID. type: list member_path: vlan_name:name more...

Supported Version Ranges

vlan_name v7.0.4 -> latest

name - VLAN name. type: str required: true more...

Supported Version Ranges

name v7.0.4 -> latest
vlan_id - VLAN IDs (maximum 8 VLAN IDs). type: list

vlan_pool - VLAN pool. type: list member_path: vlan_pool:id more...

Supported Version Ranges

vlan_pool v6.0.0 -> latest

id - ID. see Notes. type: int required: true more...

Supported Version Ranges

id v6.0.0 -> latest
wtp_group - WTP group name. Source wireless-controller.wtp-group.name. type: str more...

Supported Version Ranges

wtp_group v6.0.0 -> latest

vlan_pooling - Enable/disable VLAN pooling, to allow grouping of multiple wireless controller VLANs into VLAN pools . When set to wtp-group, VLAN pooling occurs with VLAN assignment by wtp-group. type: str choices: wtp-group, round-robin, hash, disable more...

Supported Version Ranges

vlan_pooling v6.0.0 -> latest

[wtp-group] v6.0.0 -> latest
[round-robin] v6.0.0 -> latest
[hash] v6.0.0 -> latest
[disable] v6.0.0 -> latest
vlanid - Optional VLAN ID. type: int more...

Supported Version Ranges

vlanid v6.0.0 -> latest
voice_enterprise - Enable/disable 802.11k and 802.11v assisted Voice-Enterprise roaming . type: str choices: disable, enable more...

Supported Version Ranges

voice_enterprise v6.0.0 -> latest

[disable] v6.0.0 -> latest
[enable] v6.0.0 -> latest
webfilter_profile - WebFilter profile name. Source webfilter.profile.name. type: str more...

Supported Version Ranges

webfilter_profile v7.0.1 -> latest

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- name: Configure Virtual Access Points (VAPs).
  fortinet.fortios.fortios_wireless_controller_vap:
      vdom: "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      wireless_controller_vap:
          access_control_list: "<your_own_value> (source wireless-controller.access-control-list.name)"
          acct_interim_interval: "43200"
          additional_akms: "akm6"
          address_group: "<your_own_value> (source firewall.addrgrp.name)"
          address_group_policy: "disable"
          alias: "<your_own_value>"
          antivirus_profile: "<your_own_value> (source antivirus.profile.name)"
          application_detection_engine: "enable"
          application_dscp_marking: "enable"
          application_list: "<your_own_value> (source application.list.name)"
          application_report_intv: "120"
          atf_weight: "20"
          auth: "radius"
          auth_cert: "<your_own_value> (source vpn.certificate.local.name)"
          auth_portal_addr: "<your_own_value>"
          beacon_advertising: "name"
          broadcast_ssid: "enable"
          broadcast_suppression: "dhcp-up"
          bss_color_partial: "enable"
          bstm_disassociation_imminent: "enable"
          bstm_load_balancing_disassoc_timer: "10"
          bstm_rssi_disassoc_timer: "200"
          captive_portal_ac_name: "<your_own_value>"
          captive_portal_auth_timeout: "0"
          captive_portal_fw_accounting: "enable"
          captive_portal_macauth_radius_secret: "<your_own_value>"
          captive_portal_macauth_radius_server: "<your_own_value>"
          captive_portal_radius_secret: "<your_own_value>"
          captive_portal_radius_server: "<your_own_value>"
          captive_portal_session_timeout_interval: "432000"
          dhcp_address_enforcement: "enable"
          dhcp_lease_time: "2400"
          dhcp_option43_insertion: "enable"
          dhcp_option82_circuit_id_insertion: "style-1"
          dhcp_option82_insertion: "enable"
          dhcp_option82_remote_id_insertion: "style-1"
          dynamic_vlan: "enable"
          eap_reauth: "enable"
          eap_reauth_intv: "86400"
          eapol_key_retries: "disable"
          encrypt: "TKIP"
          external_fast_roaming: "enable"
          external_logout: "<your_own_value>"
          external_web: "<your_own_value>"
          external_web_format: "auto-detect"
          fast_bss_transition: "disable"
          fast_roaming: "enable"
          ft_mobility_domain: "1000"
          ft_over_ds: "disable"
          ft_r0_key_lifetime: "480"
          gas_comeback_delay: "500"
          gas_fragmentation_limit: "1024"
          gtk_rekey: "enable"
          gtk_rekey_intv: "86400"
          high_efficiency: "enable"
          hotspot20_profile: "<your_own_value> (source wireless-controller.hotspot20.hs-profile.name)"
          igmp_snooping: "enable"
          intra_vap_privacy: "enable"
          ip: "<your_own_value>"
          ips_sensor: "<your_own_value> (source ips.sensor.name)"
          ipv6_rules: "drop-icmp6ra"
          key: "<your_own_value>"
          keyindex: "1"
          l3_roaming: "enable"
          l3_roaming_mode: "direct"
          ldpc: "disable"
          local_authentication: "enable"
          local_bridging: "enable"
          local_lan: "allow"
          local_standalone: "enable"
          local_standalone_dns: "enable"
          local_standalone_dns_ip: "<your_own_value>"
          local_standalone_nat: "enable"
          mac_auth_bypass: "enable"
          mac_called_station_delimiter: "hyphen"
          mac_calling_station_delimiter: "hyphen"
          mac_case: "uppercase"
          mac_filter: "enable"
          mac_filter_list:
              -
                  id: "82"
                  mac: "<your_own_value>"
                  mac_filter_policy: "allow"
          mac_filter_policy_other: "allow"
          mac_password_delimiter: "hyphen"
          mac_username_delimiter: "hyphen"
          max_clients: "0"
          max_clients_ap: "0"
          mbo: "disable"
          mbo_cell_data_conn_pref: "excluded"
          me_disable_thresh: "32"
          mesh_backhaul: "enable"
          mpsk: "enable"
          mpsk_concurrent_clients: "32767"
          mpsk_key:
              -
                  comment: "Comment."
                  concurrent_clients: "<your_own_value>"
                  key_name: "<your_own_value>"
                  mpsk_schedules:
                      -
                          name: "default_name_101 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)"
                  passphrase: "<your_own_value>"
          mpsk_profile: "<your_own_value> (source wireless-controller.mpsk-profile.name)"
          mu_mimo: "enable"
          multicast_enhance: "enable"
          multicast_rate: "0"
          nac: "enable"
          nac_profile: "<your_own_value> (source wireless-controller.nac-profile.name)"
          name: "default_name_109"
          neighbor_report_dual_band: "disable"
          okc: "disable"
          osen: "enable"
          owe_groups: "19"
          owe_transition: "disable"
          owe_transition_ssid: "<your_own_value>"
          passphrase: "<your_own_value>"
          pmf: "disable"
          pmf_assoc_comeback_timeout: "1"
          pmf_sa_query_retry_timeout: "2"
          port_macauth: "disable"
          port_macauth_reauth_timeout: "7200"
          port_macauth_timeout: "600"
          portal_message_override_group: "<your_own_value> (source system.replacemsg-group.name)"
          portal_message_overrides:
              auth_disclaimer_page: "<your_own_value>"
              auth_login_failed_page: "<your_own_value>"
              auth_login_page: "<your_own_value>"
              auth_reject_page: "<your_own_value>"
          portal_type: "auth"
          primary_wag_profile: "<your_own_value> (source wireless-controller.wag-profile.name)"
          probe_resp_suppression: "enable"
          probe_resp_threshold: "<your_own_value>"
          ptk_rekey: "enable"
          ptk_rekey_intv: "86400"
          qos_profile: "<your_own_value> (source wireless-controller.qos-profile.name)"
          quarantine: "enable"
          radio_2g_threshold: "<your_own_value>"
          radio_5g_threshold: "<your_own_value>"
          radio_sensitivity: "enable"
          radius_mac_auth: "enable"
          radius_mac_auth_block_interval: "0"
          radius_mac_auth_server: "<your_own_value> (source user.radius.name)"
          radius_mac_auth_usergroups:
              -
                  name: "default_name_144"
          radius_mac_mpsk_auth: "enable"
          radius_mac_mpsk_timeout: "86400"
          radius_server: "<your_own_value> (source user.radius.name)"
          rates_11a: "6"
          rates_11ac_mcs_map: "<your_own_value>"
          rates_11ac_ss12: "mcs0/1"
          rates_11ac_ss34: "mcs0/3"
          rates_11ax_mcs_map: "<your_own_value>"
          rates_11ax_ss12: "mcs0/1"
          rates_11ax_ss34: "mcs0/3"
          rates_11bg: "6"
          rates_11n_ss12: "mcs0/1"
          rates_11n_ss34: "mcs16/3"
          sae_groups: "19"
          sae_h2e_only: "enable"
          sae_password: "<your_own_value>"
          sae_pk: "enable"
          sae_private_key: "<your_own_value>"
          scan_botnet_connections: "disable"
          schedule:
              -
                  name: "default_name_165 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)"
          secondary_wag_profile: "<your_own_value> (source wireless-controller.wag-profile.name)"
          security: "open"
          security_exempt_list: "<your_own_value> (source user.security-exempt-list.name)"
          security_obsolete_option: "enable"
          security_redirect_url: "<your_own_value>"
          selected_usergroups:
              -
                  name: "default_name_172 (source user.group.name)"
          split_tunneling: "enable"
          ssid: "<your_own_value>"
          sticky_client_remove: "enable"
          sticky_client_threshold_2g: "<your_own_value>"
          sticky_client_threshold_5g: "<your_own_value>"
          sticky_client_threshold_6g: "<your_own_value>"
          target_wake_time: "enable"
          tkip_counter_measure: "enable"
          tunnel_echo_interval: "300"
          tunnel_fallback_interval: "7200"
          usergroup:
              -
                  name: "default_name_184 (source user.group.name)"
          utm_log: "enable"
          utm_profile: "<your_own_value> (source wireless-controller.utm-profile.name)"
          utm_status: "enable"
          vdom: "<your_own_value> (source system.vdom.name)"
          vlan_auto: "enable"
          vlan_name:
              -
                  name: "default_name_191"
                  vlan_id: "<your_own_value>"
          vlan_pool:
              -
                  id: "194"
                  wtp_group: "<your_own_value> (source wireless-controller.wtp-group.name)"
          vlan_pooling: "wtp-group"
          vlanid: "0"
          voice_enterprise: "disable"
          webfilter_profile: "<your_own_value> (source webfilter.profile.name)"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface.

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fortios_wireless_controller_vap.rst

fortios_wireless_controller_vap.rst

fortios_wireless_controller_vap -- Configure Virtual Access Points (VAPs) in Fortinet's FortiOS and FortiGate.

Synopsis

Requirements

Tips

FortiOS Version Compatibility

Parameters

Notes

Examples

Return Values

Status

Authors

	Supported Version Ranges
wireless_controller_vap	`v6.0.0 -> latest`

	Supported Version Ranges
access_control_list	`v6.4.0 -> latest`

	Supported Version Ranges
acct_interim_interval	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
additional_akms	`v7.0.0 -> latest`
[akm6]	`v6.0.0 -> latest`

	Supported Version Ranges
address_group_policy	`v7.2.0 -> latest`
[disable]	`v6.0.0 -> latest`
[allow]	`v6.0.0 -> latest`
[deny]	`v6.0.0 -> latest`

	Supported Version Ranges
alias	`v6.0.0 -> v6.0.11`	`v6.2.3 -> v6.2.3`

	Supported Version Ranges
application_detection_engine	`v7.2.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
application_dscp_marking	`v7.2.1 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
application_report_intv	`v7.2.0 -> latest`

	Supported Version Ranges
auth	`v6.0.0 -> latest`
[radius]	`v6.0.0 -> latest`
[usergroup]	`v6.0.0 -> latest`
[psk]	`v6.0.0 -> v7.4.0`

	Supported Version Ranges
beacon_advertising	`v7.0.2 -> latest`
[name]	`v6.0.0 -> latest`
[model]	`v6.0.0 -> latest`
[serial-number]	`v6.0.0 -> latest`

	Supported Version Ranges
broadcast_ssid	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
bss_color_partial	`v6.4.0 -> v6.4.0`	`v6.4.4 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
bstm_disassociation_imminent	`v7.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
bstm_load_balancing_disassoc_timer	`v7.0.0 -> latest`

	Supported Version Ranges
bstm_rssi_disassoc_timer	`v7.0.0 -> latest`

	Supported Version Ranges
captive_portal_ac_name	`v6.0.0 -> latest`

	Supported Version Ranges
captive_portal_auth_timeout	`v6.4.0 -> latest`

	Supported Version Ranges
captive_portal_fw_accounting	`v7.2.4 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
captive_portal_macauth_radius_secret	`v6.0.0 -> v6.2.7`

Files

fortios_wireless_controller_vap.rst

Latest commit

History

fortios_wireless_controller_vap.rst

File metadata and controls

fortios_wireless_controller_vap -- Configure Virtual Access Points (VAPs) in Fortinet's FortiOS and FortiGate.

	Supported Version Ranges
captive_portal_macauth_radius_server	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
captive_portal_radius_secret	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
captive_portal_radius_server	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
captive_portal_session_timeout_interval	`v6.0.0 -> v6.2.7`

	Supported Version Ranges
dhcp_address_enforcement	`v7.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_option43_insertion	`v6.4.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_option82_circuit_id_insertion	`v6.0.0 -> latest`
[style-1]	`v6.0.0 -> latest`
[style-2]	`v6.0.0 -> latest`
[style-3]	`v6.4.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_option82_insertion	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dhcp_option82_remote_id_insertion	`v6.0.0 -> latest`
[style-1]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`

	Supported Version Ranges
dynamic_vlan	`v6.0.0 -> latest`
[enable]	`v6.0.0 -> latest`
[disable]	`v6.0.0 -> latest`