Note
This module is part of the fortinet.fortios collection (version 2.4.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortios. You need further requirements to be able to use this module, see Requirements for details.
To use it in a playbook, specify: fortinet.fortios.fortios_wireless_controller_wtp_profile.
New in fortinet.fortios 2.0.0
The below requirements are needed on the host that executes this module.
Parameter | Comments |
|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. |
enable_log boolean | Enable/Disable logging for task. Choices:
|
member_path string | Member attribute path to operate on. Delimited by a slash character if there are more than one attribute. Parameter marked with member_path is legitimate for doing member operation. |
member_state string | Add or delete a member under specified attribute path. When member_state is specified, the state option is ignored. Choices:
|
state string / required | Indicates whether to create or remove the object. Choices:
|
vdom string | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. Default: |
wireless_controller_wtp_profile dictionary | Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms. |
|
admin_auth_tacacs_plus string |
Remote authentication server for admin user. Source user.tacacs+.name. |
|
admin_restrict_local string |
Enable/disable local admin authentication restriction when remote authenticator is up and running . Choices:
|
|
allowaccess list / elements=string |
Control management access to the managed WTP, FortiAP, or AP. Separate entries with a space. Choices:
|
|
ap_country string |
Country in which this WTP, FortiAP, or AP will operate . Choices:
|
|
ap_handoff string |
Enable/disable AP handoff of clients to other APs . Choices:
|
|
apcfg_profile string |
AP local configuration profile name. Source wireless-controller.apcfg-profile.name. |
|
ble_profile string |
Bluetooth Low Energy profile name. Source wireless-controller.ble-profile.name. |
|
bonjour_profile string |
Bonjour profile name. Source wireless-controller.bonjour-profile.name. |
|
comment string |
Comment. |
|
console_login string |
Enable/disable FortiAP console login access . Choices:
|
|
control_message_offload list / elements=string |
Enable/disable CAPWAP control message data channel offload. Choices:
|
|
deny_mac_list list / elements=dictionary |
List of MAC addresses that are denied access to this WTP, FortiAP, or AP. |
|
id integer / required |
ID. see <a href=’#notes’>Notes</a>. |
|
mac string |
A WiFi device with this MAC address is denied access to this WTP, FortiAP or AP. |
|
dtls_in_kernel string |
Enable/disable data channel DTLS in kernel. Choices:
|
|
dtls_policy list / elements=string |
WTP data channel DTLS policy . Choices:
|
|
energy_efficient_ethernet string |
Enable/disable use of energy efficient Ethernet on WTP. Choices:
|
|
esl_ses_dongle dictionary |
ESL SES-imagotag dongle configuration. |
|
apc_addr_type string |
ESL SES-imagotag APC address type . Choices:
|
|
apc_fqdn string |
FQDN of ESL SES-imagotag Access Point Controller (APC). |
|
apc_ip string |
IP address of ESL SES-imagotag Access Point Controller (APC). |
|
apc_port integer |
Port of ESL SES-imagotag Access Point Controller (APC). |
|
coex_level string |
ESL SES-imagotag dongle coexistence level . Choices:
|
|
compliance_level string |
Compliance levels for the ESL solution integration . Choices:
|
|
esl_channel string |
ESL SES-imagotag dongle channel . Choices:
|
|
output_power string |
ESL SES-imagotag dongle output power . Choices:
|
|
scd_enable string |
Enable/disable ESL SES-imagotag Serial Communication Daemon (SCD) . Choices:
|
|
tls_cert_verification string |
Enable/disable TLS certificate verification . Choices:
|
|
tls_fqdn_verification string |
Enable/disable TLS certificate verification . Choices:
|
|
ext_info_enable string |
Enable/disable station/VAP/radio extension information. Choices:
|
|
frequency_handoff string |
Enable/disable frequency handoff of clients to other channels . Choices:
|
|
handoff_roaming string |
Enable/disable client load balancing during roaming to avoid roaming delay . Choices:
|
|
handoff_rssi integer |
Minimum received signal strength indicator (RSSI) value for handoff (20 - 30). |
|
handoff_sta_thresh integer |
Threshold value for AP handoff. |
|
indoor_outdoor_deployment string |
Set to allow indoor/outdoor-only channels under regulatory rules . Choices:
|
|
ip_fragment_preventing list / elements=string |
Method(s) by which IP fragmentation is prevented for control and data packets through CAPWAP tunnel . Choices:
|
|
lan dictionary |
WTP LAN port mapping. |
|
port1_mode string |
LAN port 1 mode. Choices:
|
|
port1_ssid string |
Bridge LAN port 1 to SSID. Source system.interface.name. |
|
port2_mode string |
LAN port 2 mode. Choices:
|
|
port2_ssid string |
Bridge LAN port 2 to SSID. Source system.interface.name. |
|
port3_mode string |
LAN port 3 mode. Choices:
|
|
port3_ssid string |
Bridge LAN port 3 to SSID. Source system.interface.name. |
|
port4_mode string |
LAN port 4 mode. Choices:
|
|
port4_ssid string |
Bridge LAN port 4 to SSID. Source system.interface.name. |
|
port5_mode string |
LAN port 5 mode. Choices:
|
|
port5_ssid string |
Bridge LAN port 5 to SSID. Source system.interface.name. |
|
port6_mode string |
LAN port 6 mode. Choices:
|
|
port6_ssid string |
Bridge LAN port 6 to SSID. Source system.interface.name. |
|
port7_mode string |
LAN port 7 mode. Choices:
|
|
port7_ssid string |
Bridge LAN port 7 to SSID. Source system.interface.name. |
|
port8_mode string |
LAN port 8 mode. Choices:
|
|
port8_ssid string |
Bridge LAN port 8 to SSID. Source system.interface.name. |
|
port_esl_mode string |
ESL port mode. Choices:
|
|
port_esl_ssid string |
Bridge ESL port to SSID. Source system.interface.name. |
|
port_mode string |
LAN port mode. Choices:
|
|
port_ssid string |
Bridge LAN port to SSID. Source system.interface.name. |
|
lbs dictionary |
Set various location based service (LBS) options. |
|
aeroscout string |
Enable/disable AeroScout Real Time Location Service (RTLS) support . Choices:
|
|
aeroscout_ap_mac string |
Use BSSID or board MAC address as AP MAC address in AeroScout AP messages . Choices:
|
|
aeroscout_mmu_report string |
Enable/disable compounded AeroScout tag and MU report . Choices:
|
|
aeroscout_mu string |
Enable/disable AeroScout Mobile Unit (MU) support . Choices:
|
|
aeroscout_mu_factor integer |
AeroScout MU mode dilution factor . |
|
aeroscout_mu_timeout integer |
AeroScout MU mode timeout (0 - 65535 sec). |
|
aeroscout_server_ip string |
IP address of AeroScout server. |
|
aeroscout_server_port integer |
AeroScout server UDP listening port. |
|
ble_rtls string |
Set BLE Real Time Location Service (RTLS) support . Choices:
|
|
ble_rtls_accumulation_interval integer |
Time that measurements should be accumulated in seconds . |
|
ble_rtls_asset_addrgrp_list string |
Tags and asset addrgrp list to be reported. Source firewall.addrgrp.name. |
|
ble_rtls_asset_uuid_list1 string |
Tags and asset UUID list 1 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
ble_rtls_asset_uuid_list2 string |
Tags and asset UUID list 2 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
ble_rtls_asset_uuid_list3 string |
Tags and asset UUID list 3 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
ble_rtls_asset_uuid_list4 string |
Tags and asset UUID list 4 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
ble_rtls_protocol string |
Select the protocol to report Measurements, Advertising Data, or Location Data to Cloud Server . Choices:
|
|
ble_rtls_reporting_interval integer |
Time between reporting accumulated measurements in seconds . |
|
ble_rtls_server_fqdn string |
FQDN of BLE Real Time Location Service (RTLS) Server. |
|
ble_rtls_server_path string |
Path of BLE Real Time Location Service (RTLS) Server. |
|
ble_rtls_server_port integer |
Port of BLE Real Time Location Service (RTLS) Server . |
|
ble_rtls_server_token string |
Access Token of BLE Real Time Location Service (RTLS) Server. |
|
ekahau_blink_mode string |
Enable/disable Ekahau blink mode (now known as AiRISTA Flow) to track and locate WiFi tags . Choices:
|
|
ekahau_tag string |
WiFi frame MAC address or WiFi Tag. |
|
erc_server_ip string |
IP address of Ekahau RTLS Controller (ERC). |
|
erc_server_port integer |
Ekahau RTLS Controller (ERC) UDP listening port. |
|
fortipresence string |
Enable/disable FortiPresence to monitor the location and activity of WiFi clients even if they don”t connect to this WiFi network . Choices:
|
|
fortipresence_ble string |
Enable/disable FortiPresence finding and reporting BLE devices. Choices:
|
|
fortipresence_frequency integer |
FortiPresence report transmit frequency (5 - 65535 sec). |
|
fortipresence_port integer |
UDP listening port of FortiPresence server . |
|
fortipresence_project string |
FortiPresence project name (max. 16 characters). |
|
fortipresence_rogue string |
Enable/disable FortiPresence finding and reporting rogue APs. Choices:
|
|
fortipresence_secret string |
FortiPresence secret password (max. 16 characters). |
|
fortipresence_server string |
IP address of FortiPresence server. |
|
fortipresence_server_addr_type string |
FortiPresence server address type . Choices:
|
|
fortipresence_server_fqdn string |
FQDN of FortiPresence server. |
|
fortipresence_unassoc string |
Enable/disable FortiPresence finding and reporting unassociated stations. Choices:
|
|
polestar string |
Enable/disable PoleStar BLE NAO Track Real Time Location Service (RTLS) support . Choices:
|
|
polestar_accumulation_interval integer |
Time that measurements should be accumulated in seconds . |
|
polestar_asset_addrgrp_list string |
Tags and asset addrgrp list to be reported. Source firewall.addrgrp.name. |
|
polestar_asset_uuid_list1 string |
Tags and asset UUID list 1 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
polestar_asset_uuid_list2 string |
Tags and asset UUID list 2 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
polestar_asset_uuid_list3 string |
Tags and asset UUID list 3 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
polestar_asset_uuid_list4 string |
Tags and asset UUID list 4 to be reported (string in the format of “XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX”). |
|
polestar_protocol string |
Select the protocol to report Measurements, Advertising Data, or Location Data to NAO Cloud. . Choices:
|
|
polestar_reporting_interval integer |
Time between reporting accumulated measurements in seconds . |
|
polestar_server_fqdn string |
FQDN of PoleStar Nao Track Server . |
|
polestar_server_path string |
Path of PoleStar Nao Track Server . |
|
polestar_server_port integer |
Port of PoleStar Nao Track Server . |
|
polestar_server_token string |
Access Token of PoleStar Nao Track Server. |
|
station_locate string |
Enable/disable client station locating services for all clients, whether associated or not . Choices:
|
|
led_schedules list / elements=dictionary |
Recurring firewall schedules for illuminating LEDs on the FortiAP. If led-state is enabled, LEDs will be visible when at least one of the schedules is valid. Separate multiple schedule names with a space. |
|
name string / required |
Schedule name. Source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name. |
|
led_state string |
Enable/disable use of LEDs on WTP . Choices:
|
|
lldp string |
Enable/disable Link Layer Discovery Protocol (LLDP) for the WTP, FortiAP, or AP . Choices:
|
|
login_passwd string |
Set the managed WTP, FortiAP, or AP”s administrator password. |
|
login_passwd_change string |
Change or reset the administrator password of a managed WTP, FortiAP or AP (yes, default, or no). Choices:
|
|
max_clients integer |
Maximum number of stations (STAs) supported by the WTP . |
|
name string / required |
WTP (or FortiAP or AP) profile name. |
|
platform dictionary |
WTP, FortiAP, or AP platform. |
|
ddscan string |
Enable/disable use of one radio for dedicated full-band scanning to detect RF characterization and wireless threat management. Choices:
|
|
mode string |
Configure operation mode of 5G radios . Choices:
|
|
type string |
WTP, FortiAP or AP platform type. There are built-in WTP profiles for all supported FortiAP models. You can select a built-in profile and customize it or create a new profile. Choices:
|
|
poe_mode string |
Set the WTP, FortiAP, or AP”s PoE mode. Choices:
|
|
radio_1 dictionary |
Configuration options for radio 1. |
|
airtime_fairness string |
Enable/disable airtime fairness . Choices:
|
|
amsdu string |
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients . Choices:
|
|
ap_handoff string |
Enable/disable AP handoff of clients to other APs . Choices:
|
|
ap_sniffer_addr string |
MAC address to monitor. |
|
ap_sniffer_bufsize integer |
Sniffer buffer size (1 - 32 MB). |
|
ap_sniffer_chan integer |
Channel on which to operate the sniffer . |
|
ap_sniffer_chan_width string |
Channel bandwidth for sniffer. Choices:
|
|
ap_sniffer_ctl string |
Enable/disable sniffer on WiFi control frame . Choices:
|
|
ap_sniffer_data string |
Enable/disable sniffer on WiFi data frame . Choices:
|
|
ap_sniffer_mgmt_beacon string |
Enable/disable sniffer on WiFi management Beacon frames . Choices:
|
|
ap_sniffer_mgmt_other string |
Enable/disable sniffer on WiFi management other frames . Choices:
|
|
ap_sniffer_mgmt_probe string |
Enable/disable sniffer on WiFi management probe frames . Choices:
|
|
arrp_profile string |
Distributed Automatic Radio Resource Provisioning (DARRP) profile name to assign to the radio. Source wireless-controller .arrp-profile.name. |
|
auto_power_high integer |
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_level string |
Enable/disable automatic power-level adjustment to prevent co-channel interference . Choices:
|
|
auto_power_low integer |
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_target string |
Target of automatic transmit power adjustment in dBm (-95 to -20). |
|
band list / elements=string |
WiFi band that Radio 1 operates on. Choices:
|
|
band_5g_type string |
WiFi 5G band type. Choices:
|
|
bandwidth_admission_control string |
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it. Choices:
|
|
bandwidth_capacity integer |
Maximum bandwidth capacity allowed (1 - 600000 Kbps). |
|
beacon_interval integer |
Beacon interval. The time between beacon frames in milliseconds. Actual range of beacon interval depends on the AP platform type . |
|
bss_color integer |
BSS color value for this 11ax radio (0 - 63, disable = 0). |
|
bss_color_mode string |
BSS color mode for this 11ax radio . Choices:
|
|
call_admission_control string |
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them. Choices:
|
|
call_capacity integer |
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60). |
|
channel list / elements=dictionary |
Selected list of wireless radio channels. |
|
chan string / required |
Channel number. |
|
channel_bonding string |
Channel bandwidth: 320, 240, 160, 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence. Choices:
|
|
channel_bonding_ext string |
Channel bandwidth extension: 320 MHz-1 and 320 MHz-2 . Choices:
|
|
channel_utilization string |
Enable/disable measuring channel utilization. Choices:
|
|
coexistence string |
Enable/disable allowing both HT20 and HT40 on the same radio . Choices:
|
|
darrp string |
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel . Choices:
|
|
drma string |
Enable/disable dynamic radio mode assignment (DRMA) . Choices:
|
|
drma_sensitivity string |
Network Coverage Factor (NCF) percentage required to consider a radio as redundant . Choices:
|
|
dtim integer |
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode. |
|
frag_threshold integer |
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes). |
|
frequency_handoff string |
Enable/disable frequency handoff of clients to other channels . Choices:
|
|
iperf_protocol string |
Iperf test protocol . Choices:
|
|
iperf_server_port integer |
Iperf service port number. |
|
max_clients integer |
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware. |
|
max_distance integer |
Maximum expected distance between the AP and clients (0 - 54000 m). |
|
mimo_mode string |
Configure radio MIMO mode . Choices:
|
|
mode string |
Mode of radio 1. Radio 1 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. Choices:
|
|
optional_antenna string |
Optional antenna used on FAP . Choices:
|
|
optional_antenna_gain string |
Optional antenna gain in dBi (0 to 20). |
|
power_level integer |
Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). |
|
power_mode string |
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. Choices:
|
|
power_value integer |
Radio EIRP power in dBm (1 - 33). |
|
powersave_optimize list / elements=string |
Enable client power-saving features such as TIM, AC VO, and OBSS etc. Choices:
|
|
protection_mode string |
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable). Choices:
|
|
radio_id integer |
radio-id |
|
rts_threshold integer |
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes). |
|
sam_bssid string |
BSSID for WiFi network. |
|
sam_ca_certificate string |
CA certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.ca.name. |
|
sam_captive_portal string |
Enable/disable Captive Portal Authentication . Choices:
|
|
sam_client_certificate string |
Client certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_cwp_failure_string string |
Failure identification on the page after an incorrect login. |
|
sam_cwp_match_string string |
Identification string from the captive portal login form. |
|
sam_cwp_password string |
Password for captive portal authentication. |
|
sam_cwp_success_string string |
Success identification on the page after a successful login. |
|
sam_cwp_test_url string |
Website the client is trying to access. |
|
sam_cwp_username string |
Username for captive portal authentication. |
|
sam_eap_method string |
Select WPA2/WPA3-ENTERPRISE EAP Method . Choices:
|
|
sam_password string |
Passphrase for WiFi network connection. |
|
sam_private_key string |
Private key for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_private_key_password string |
Password for private key file for WPA2/WPA3-ENTERPRISE. |
|
sam_report_intv integer |
SAM report interval (sec), 0 for a one-time report. |
|
sam_security_type string |
Select WiFi network security type . Choices:
|
|
sam_server string |
SAM test server IP address or domain name. |
|
sam_server_fqdn string |
SAM test server domain name. |
|
sam_server_ip string |
SAM test server IP address. |
|
sam_server_type string |
Select SAM server type . Choices:
|
|
sam_ssid string |
SSID for WiFi network. |
|
sam_test string |
Select SAM test type . Choices:
|
|
sam_username string |
Username for WiFi network connection. |
|
set_80211d string |
Enable/disable 802.11d countryie. Choices:
|
|
set_80211mc string |
Enable/disable 802.11mc responder mode . Choices:
|
|
short_guard_interval string |
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns. Choices:
|
|
spectrum_analysis string |
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. Choices:
|
|
transmit_optimize list / elements=string |
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default. Choices:
|
|
vap_all string |
Configure method for assigning SSIDs to this FortiAP . Choices:
|
|
vaps list / elements=dictionary |
Manually selected list of Virtual Access Points (VAPs). |
|
name string / required |
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. |
|
wids_profile string |
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name. |
|
zero_wait_dfs string |
Enable/disable zero wait DFS on radio . Choices:
|
|
radio_2 dictionary |
Configuration options for radio 2. |
|
airtime_fairness string |
Enable/disable airtime fairness . Choices:
|
|
amsdu string |
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients . Choices:
|
|
ap_handoff string |
Enable/disable AP handoff of clients to other APs . Choices:
|
|
ap_sniffer_addr string |
MAC address to monitor. |
|
ap_sniffer_bufsize integer |
Sniffer buffer size (1 - 32 MB). |
|
ap_sniffer_chan integer |
Channel on which to operate the sniffer . |
|
ap_sniffer_chan_width string |
Channel bandwidth for sniffer. Choices:
|
|
ap_sniffer_ctl string |
Enable/disable sniffer on WiFi control frame . Choices:
|
|
ap_sniffer_data string |
Enable/disable sniffer on WiFi data frame . Choices:
|
|
ap_sniffer_mgmt_beacon string |
Enable/disable sniffer on WiFi management Beacon frames . Choices:
|
|
ap_sniffer_mgmt_other string |
Enable/disable sniffer on WiFi management other frames . Choices:
|
|
ap_sniffer_mgmt_probe string |
Enable/disable sniffer on WiFi management probe frames . Choices:
|
|
arrp_profile string |
Distributed Automatic Radio Resource Provisioning (DARRP) profile name to assign to the radio. Source wireless-controller .arrp-profile.name. |
|
auto_power_high integer |
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_level string |
Enable/disable automatic power-level adjustment to prevent co-channel interference . Choices:
|
|
auto_power_low integer |
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_target string |
Target of automatic transmit power adjustment in dBm (-95 to -20). |
|
band list / elements=string |
WiFi band that Radio 2 operates on. Choices:
|
|
band_5g_type string |
WiFi 5G band type. Choices:
|
|
bandwidth_admission_control string |
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it. Choices:
|
|
bandwidth_capacity integer |
Maximum bandwidth capacity allowed (1 - 600000 Kbps). |
|
beacon_interval integer |
Beacon interval. The time between beacon frames in milliseconds. Actual range of beacon interval depends on the AP platform type . |
|
bss_color integer |
BSS color value for this 11ax radio (0 - 63, disable = 0). |
|
bss_color_mode string |
BSS color mode for this 11ax radio . Choices:
|
|
call_admission_control string |
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them. Choices:
|
|
call_capacity integer |
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60). |
|
channel list / elements=dictionary |
Selected list of wireless radio channels. |
|
chan string / required |
Channel number. |
|
channel_bonding string |
Channel bandwidth: 320, 240, 160, 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence. Choices:
|
|
channel_bonding_ext string |
Channel bandwidth extension: 320 MHz-1 and 320 MHz-2 . Choices:
|
|
channel_utilization string |
Enable/disable measuring channel utilization. Choices:
|
|
coexistence string |
Enable/disable allowing both HT20 and HT40 on the same radio . Choices:
|
|
darrp string |
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel . Choices:
|
|
drma string |
Enable/disable dynamic radio mode assignment (DRMA) . Choices:
|
|
drma_sensitivity string |
Network Coverage Factor (NCF) percentage required to consider a radio as redundant . Choices:
|
|
dtim integer |
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode. |
|
frag_threshold integer |
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes). |
|
frequency_handoff string |
Enable/disable frequency handoff of clients to other channels . Choices:
|
|
iperf_protocol string |
Iperf test protocol . Choices:
|
|
iperf_server_port integer |
Iperf service port number. |
|
max_clients integer |
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware. |
|
max_distance integer |
Maximum expected distance between the AP and clients (0 - 54000 m). |
|
mimo_mode string |
Configure radio MIMO mode . Choices:
|
|
mode string |
Mode of radio 2. Radio 2 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. Choices:
|
|
optional_antenna string |
Optional antenna used on FAP . Choices:
|
|
optional_antenna_gain string |
Optional antenna gain in dBi (0 to 20). |
|
power_level integer |
Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). |
|
power_mode string |
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. Choices:
|
|
power_value integer |
Radio EIRP power in dBm (1 - 33). |
|
powersave_optimize list / elements=string |
Enable client power-saving features such as TIM, AC VO, and OBSS etc. Choices:
|
|
protection_mode string |
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable). Choices:
|
|
radio_id integer |
radio-id |
|
rts_threshold integer |
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes). |
|
sam_bssid string |
BSSID for WiFi network. |
|
sam_ca_certificate string |
CA certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.ca.name. |
|
sam_captive_portal string |
Enable/disable Captive Portal Authentication . Choices:
|
|
sam_client_certificate string |
Client certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_cwp_failure_string string |
Failure identification on the page after an incorrect login. |
|
sam_cwp_match_string string |
Identification string from the captive portal login form. |
|
sam_cwp_password string |
Password for captive portal authentication. |
|
sam_cwp_success_string string |
Success identification on the page after a successful login. |
|
sam_cwp_test_url string |
Website the client is trying to access. |
|
sam_cwp_username string |
Username for captive portal authentication. |
|
sam_eap_method string |
Select WPA2/WPA3-ENTERPRISE EAP Method . Choices:
|
|
sam_password string |
Passphrase for WiFi network connection. |
|
sam_private_key string |
Private key for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_private_key_password string |
Password for private key file for WPA2/WPA3-ENTERPRISE. |
|
sam_report_intv integer |
SAM report interval (sec), 0 for a one-time report. |
|
sam_security_type string |
Select WiFi network security type . Choices:
|
|
sam_server string |
SAM test server IP address or domain name. |
|
sam_server_fqdn string |
SAM test server domain name. |
|
sam_server_ip string |
SAM test server IP address. |
|
sam_server_type string |
Select SAM server type . Choices:
|
|
sam_ssid string |
SSID for WiFi network. |
|
sam_test string |
Select SAM test type . Choices:
|
|
sam_username string |
Username for WiFi network connection. |
|
set_80211d string |
Enable/disable 802.11d countryie. Choices:
|
|
set_80211mc string |
Enable/disable 802.11mc responder mode . Choices:
|
|
short_guard_interval string |
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns. Choices:
|
|
spectrum_analysis string |
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. Choices:
|
|
transmit_optimize list / elements=string |
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default. Choices:
|
|
vap_all string |
Configure method for assigning SSIDs to this FortiAP . Choices:
|
|
vaps list / elements=dictionary |
Manually selected list of Virtual Access Points (VAPs). |
|
name string / required |
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. |
|
wids_profile string |
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name. |
|
zero_wait_dfs string |
Enable/disable zero wait DFS on radio . Choices:
|
|
radio_3 dictionary |
Configuration options for radio 3. |
|
airtime_fairness string |
Enable/disable airtime fairness . Choices:
|
|
amsdu string |
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients . Choices:
|
|
ap_handoff string |
Enable/disable AP handoff of clients to other APs . Choices:
|
|
ap_sniffer_addr string |
MAC address to monitor. |
|
ap_sniffer_bufsize integer |
Sniffer buffer size (1 - 32 MB). |
|
ap_sniffer_chan integer |
Channel on which to operate the sniffer . |
|
ap_sniffer_chan_width string |
Channel bandwidth for sniffer. Choices:
|
|
ap_sniffer_ctl string |
Enable/disable sniffer on WiFi control frame . Choices:
|
|
ap_sniffer_data string |
Enable/disable sniffer on WiFi data frame . Choices:
|
|
ap_sniffer_mgmt_beacon string |
Enable/disable sniffer on WiFi management Beacon frames . Choices:
|
|
ap_sniffer_mgmt_other string |
Enable/disable sniffer on WiFi management other frames . Choices:
|
|
ap_sniffer_mgmt_probe string |
Enable/disable sniffer on WiFi management probe frames . Choices:
|
|
arrp_profile string |
Distributed Automatic Radio Resource Provisioning (DARRP) profile name to assign to the radio. Source wireless-controller .arrp-profile.name. |
|
auto_power_high integer |
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_level string |
Enable/disable automatic power-level adjustment to prevent co-channel interference . Choices:
|
|
auto_power_low integer |
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_target string |
Target of automatic transmit power adjustment in dBm (-95 to -20). |
|
band list / elements=string |
WiFi band that Radio 3 operates on. Choices:
|
|
band_5g_type string |
WiFi 5G band type. Choices:
|
|
bandwidth_admission_control string |
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it. Choices:
|
|
bandwidth_capacity integer |
Maximum bandwidth capacity allowed (1 - 600000 Kbps). |
|
beacon_interval integer |
Beacon interval. The time between beacon frames in milliseconds. Actual range of beacon interval depends on the AP platform type . |
|
bss_color integer |
BSS color value for this 11ax radio (0 - 63, disable = 0). |
|
bss_color_mode string |
BSS color mode for this 11ax radio . Choices:
|
|
call_admission_control string |
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them. Choices:
|
|
call_capacity integer |
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60). |
|
channel list / elements=dictionary |
Selected list of wireless radio channels. |
|
chan string / required |
Channel number. |
|
channel_bonding string |
Channel bandwidth: 320, 240, 160, 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence. Choices:
|
|
channel_bonding_ext string |
Channel bandwidth extension: 320 MHz-1 and 320 MHz-2 . Choices:
|
|
channel_utilization string |
Enable/disable measuring channel utilization. Choices:
|
|
coexistence string |
Enable/disable allowing both HT20 and HT40 on the same radio . Choices:
|
|
darrp string |
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel . Choices:
|
|
drma string |
Enable/disable dynamic radio mode assignment (DRMA) . Choices:
|
|
drma_sensitivity string |
Network Coverage Factor (NCF) percentage required to consider a radio as redundant . Choices:
|
|
dtim integer |
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode. |
|
frag_threshold integer |
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes). |
|
frequency_handoff string |
Enable/disable frequency handoff of clients to other channels . Choices:
|
|
iperf_protocol string |
Iperf test protocol . Choices:
|
|
iperf_server_port integer |
Iperf service port number. |
|
max_clients integer |
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware. |
|
max_distance integer |
Maximum expected distance between the AP and clients (0 - 54000 m). |
|
mimo_mode string |
Configure radio MIMO mode . Choices:
|
|
mode string |
Mode of radio 3. Radio 3 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. Choices:
|
|
optional_antenna string |
Optional antenna used on FAP . Choices:
|
|
optional_antenna_gain string |
Optional antenna gain in dBi (0 to 20). |
|
power_level integer |
Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). |
|
power_mode string |
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. Choices:
|
|
power_value integer |
Radio EIRP power in dBm (1 - 33). |
|
powersave_optimize list / elements=string |
Enable client power-saving features such as TIM, AC VO, and OBSS etc. Choices:
|
|
protection_mode string |
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable). Choices:
|
|
radio_id integer |
radio-id |
|
rts_threshold integer |
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes). |
|
sam_bssid string |
BSSID for WiFi network. |
|
sam_ca_certificate string |
CA certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.ca.name. |
|
sam_captive_portal string |
Enable/disable Captive Portal Authentication . Choices:
|
|
sam_client_certificate string |
Client certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_cwp_failure_string string |
Failure identification on the page after an incorrect login. |
|
sam_cwp_match_string string |
Identification string from the captive portal login form. |
|
sam_cwp_password string |
Password for captive portal authentication. |
|
sam_cwp_success_string string |
Success identification on the page after a successful login. |
|
sam_cwp_test_url string |
Website the client is trying to access. |
|
sam_cwp_username string |
Username for captive portal authentication. |
|
sam_eap_method string |
Select WPA2/WPA3-ENTERPRISE EAP Method . Choices:
|
|
sam_password string |
Passphrase for WiFi network connection. |
|
sam_private_key string |
Private key for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_private_key_password string |
Password for private key file for WPA2/WPA3-ENTERPRISE. |
|
sam_report_intv integer |
SAM report interval (sec), 0 for a one-time report. |
|
sam_security_type string |
Select WiFi network security type . Choices:
|
|
sam_server string |
SAM test server IP address or domain name. |
|
sam_server_fqdn string |
SAM test server domain name. |
|
sam_server_ip string |
SAM test server IP address. |
|
sam_server_type string |
Select SAM server type . Choices:
|
|
sam_ssid string |
SSID for WiFi network. |
|
sam_test string |
Select SAM test type . Choices:
|
|
sam_username string |
Username for WiFi network connection. |
|
set_80211d string |
Enable/disable 802.11d countryie. Choices:
|
|
set_80211mc string |
Enable/disable 802.11mc responder mode . Choices:
|
|
short_guard_interval string |
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns. Choices:
|
|
spectrum_analysis string |
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. Choices:
|
|
transmit_optimize list / elements=string |
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default. Choices:
|
|
vap_all string |
Configure method for assigning SSIDs to this FortiAP . Choices:
|
|
vaps list / elements=dictionary |
Manually selected list of Virtual Access Points (VAPs). |
|
name string / required |
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. |
|
wids_profile string |
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name. |
|
zero_wait_dfs string |
Enable/disable zero wait DFS on radio . Choices:
|
|
radio_4 dictionary |
Configuration options for radio 4. |
|
airtime_fairness string |
Enable/disable airtime fairness . Choices:
|
|
amsdu string |
Enable/disable 802.11n AMSDU support. AMSDU can improve performance if supported by your WiFi clients . Choices:
|
|
ap_handoff string |
Enable/disable AP handoff of clients to other APs . Choices:
|
|
ap_sniffer_addr string |
MAC address to monitor. |
|
ap_sniffer_bufsize integer |
Sniffer buffer size (1 - 32 MB). |
|
ap_sniffer_chan integer |
Channel on which to operate the sniffer . |
|
ap_sniffer_chan_width string |
Channel bandwidth for sniffer. Choices:
|
|
ap_sniffer_ctl string |
Enable/disable sniffer on WiFi control frame . Choices:
|
|
ap_sniffer_data string |
Enable/disable sniffer on WiFi data frame . Choices:
|
|
ap_sniffer_mgmt_beacon string |
Enable/disable sniffer on WiFi management Beacon frames . Choices:
|
|
ap_sniffer_mgmt_other string |
Enable/disable sniffer on WiFi management other frames . Choices:
|
|
ap_sniffer_mgmt_probe string |
Enable/disable sniffer on WiFi management probe frames . Choices:
|
|
arrp_profile string |
Distributed Automatic Radio Resource Provisioning (DARRP) profile name to assign to the radio. Source wireless-controller .arrp-profile.name. |
|
auto_power_high integer |
The upper bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_level string |
Enable/disable automatic power-level adjustment to prevent co-channel interference . Choices:
|
|
auto_power_low integer |
The lower bound of automatic transmit power adjustment in dBm (the actual range of transmit power depends on the AP platform type). |
|
auto_power_target string |
Target of automatic transmit power adjustment in dBm (-95 to -20). |
|
band list / elements=string |
WiFi band that Radio 4 operates on. Choices:
|
|
band_5g_type string |
WiFi 5G band type. Choices:
|
|
bandwidth_admission_control string |
Enable/disable WiFi multimedia (WMM) bandwidth admission control to optimize WiFi bandwidth use. A request to join the wireless network is only allowed if the access point has enough bandwidth to support it. Choices:
|
|
bandwidth_capacity integer |
Maximum bandwidth capacity allowed (1 - 600000 Kbps). |
|
beacon_interval integer |
Beacon interval. The time between beacon frames in milliseconds. Actual range of beacon interval depends on the AP platform type . |
|
bss_color integer |
BSS color value for this 11ax radio (0 - 63, disable = 0). |
|
bss_color_mode string |
BSS color mode for this 11ax radio . Choices:
|
|
call_admission_control string |
Enable/disable WiFi multimedia (WMM) call admission control to optimize WiFi bandwidth use for VoIP calls. New VoIP calls are only accepted if there is enough bandwidth available to support them. Choices:
|
|
call_capacity integer |
Maximum number of Voice over WLAN (VoWLAN) phones supported by the radio (0 - 60). |
|
channel list / elements=dictionary |
Selected list of wireless radio channels. |
|
chan string / required |
Channel number. |
|
channel_bonding string |
Channel bandwidth: 320, 240, 160, 80, 40, or 20MHz. Channels may use both 20 and 40 by enabling coexistence. Choices:
|
|
channel_bonding_ext string |
Channel bandwidth extension: 320 MHz-1 and 320 MHz-2 . Choices:
|
|
channel_utilization string |
Enable/disable measuring channel utilization. Choices:
|
|
coexistence string |
Enable/disable allowing both HT20 and HT40 on the same radio . Choices:
|
|
darrp string |
Enable/disable Distributed Automatic Radio Resource Provisioning (DARRP) to make sure the radio is always using the most optimal channel . Choices:
|
|
drma string |
Enable/disable dynamic radio mode assignment (DRMA) . Choices:
|
|
drma_sensitivity string |
Network Coverage Factor (NCF) percentage required to consider a radio as redundant . Choices:
|
|
dtim integer |
Delivery Traffic Indication Map (DTIM) period (1 - 255). Set higher to save battery life of WiFi client in power-save mode. |
|
frag_threshold integer |
Maximum packet size that can be sent without fragmentation (800 - 2346 bytes). |
|
frequency_handoff string |
Enable/disable frequency handoff of clients to other channels . Choices:
|
|
iperf_protocol string |
Iperf test protocol . Choices:
|
|
iperf_server_port integer |
Iperf service port number. |
|
max_clients integer |
Maximum number of stations (STAs) or WiFi clients supported by the radio. Range depends on the hardware. |
|
max_distance integer |
Maximum expected distance between the AP and clients (0 - 54000 m). |
|
mimo_mode string |
Configure radio MIMO mode . Choices:
|
|
mode string |
Mode of radio 4. Radio 4 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. Choices:
|
|
optional_antenna string |
Optional antenna used on FAP . Choices:
|
|
optional_antenna_gain string |
Optional antenna gain in dBi (0 to 20). |
|
power_level integer |
Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). |
|
power_mode string |
Set radio effective isotropic radiated power (EIRP) in dBm or by a percentage of the maximum EIRP . This power takes into account both radio transmit power and antenna gain. Higher power level settings may be constrained by local regulatory requirements and AP capabilities. Choices:
|
|
power_value integer |
Radio EIRP power in dBm (1 - 33). |
|
powersave_optimize list / elements=string |
Enable client power-saving features such as TIM, AC VO, and OBSS etc. Choices:
|
|
protection_mode string |
Enable/disable 802.11g protection modes to support backwards compatibility with older clients (rtscts, ctsonly, disable). Choices:
|
|
rts_threshold integer |
Maximum packet size for RTS transmissions, specifying the maximum size of a data packet before RTS/CTS (256 - 2346 bytes). |
|
sam_bssid string |
BSSID for WiFi network. |
|
sam_ca_certificate string |
CA certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.ca.name. |
|
sam_captive_portal string |
Enable/disable Captive Portal Authentication . Choices:
|
|
sam_client_certificate string |
Client certificate for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_cwp_failure_string string |
Failure identification on the page after an incorrect login. |
|
sam_cwp_match_string string |
Identification string from the captive portal login form. |
|
sam_cwp_password string |
Password for captive portal authentication. |
|
sam_cwp_success_string string |
Success identification on the page after a successful login. |
|
sam_cwp_test_url string |
Website the client is trying to access. |
|
sam_cwp_username string |
Username for captive portal authentication. |
|
sam_eap_method string |
Select WPA2/WPA3-ENTERPRISE EAP Method . Choices:
|
|
sam_password string |
Passphrase for WiFi network connection. |
|
sam_private_key string |
Private key for WPA2/WPA3-ENTERPRISE. Source vpn.certificate.local.name. |
|
sam_private_key_password string |
Password for private key file for WPA2/WPA3-ENTERPRISE. |
|
sam_report_intv integer |
SAM report interval (sec), 0 for a one-time report. |
|
sam_security_type string |
Select WiFi network security type . Choices:
|
|
sam_server string |
SAM test server IP address or domain name. |
|
sam_server_fqdn string |
SAM test server domain name. |
|
sam_server_ip string |
SAM test server IP address. |
|
sam_server_type string |
Select SAM server type . Choices:
|
|
sam_ssid string |
SSID for WiFi network. |
|
sam_test string |
Select SAM test type . Choices:
|
|
sam_username string |
Username for WiFi network connection. |
|
set_80211d string |
Enable/disable 802.11d countryie. Choices:
|
|
set_80211mc string |
Enable/disable 802.11mc responder mode . Choices:
|
|
short_guard_interval string |
Use either the short guard interval (Short GI) of 400 ns or the long guard interval (Long GI) of 800 ns. Choices:
|
|
spectrum_analysis string |
Enable/disable spectrum analysis to find interference that would negatively impact wireless performance. Choices:
|
|
transmit_optimize list / elements=string |
Packet transmission optimization options including power saving, aggregation limiting, retry limiting, etc. All are enabled by default. Choices:
|
|
vap_all string |
Configure method for assigning SSIDs to this FortiAP . Choices:
|
|
vaps list / elements=dictionary |
Manually selected list of Virtual Access Points (VAPs). |
|
name string / required |
Virtual Access Point (VAP) name. Source wireless-controller.vap-group.name system.interface.name. |
|
wids_profile string |
Wireless Intrusion Detection System (WIDS) profile name to assign to the radio. Source wireless-controller.wids-profile.name. |
|
zero_wait_dfs string |
Enable/disable zero wait DFS on radio . Choices:
|
|
split_tunneling_acl list / elements=dictionary |
Split tunneling ACL filter list. |
|
dest_ip string |
Destination IP and mask for the split-tunneling subnet. |
|
id integer / required |
ID. see <a href=’#notes’>Notes</a>. |
|
split_tunneling_acl_local_ap_subnet string |
Enable/disable automatically adding local subnetwork of FortiAP to split-tunneling ACL . Choices:
|
|
split_tunneling_acl_path string |
Split tunneling ACL path is local/tunnel. Choices:
|
|
syslog_profile string |
System log server configuration profile name. Source wireless-controller.syslog-profile.name. |
|
tun_mtu_downlink integer |
The MTU of downlink CAPWAP tunnel (576 - 1500 bytes or 0; 0 means the local MTU of FortiAP; ). |
|
tun_mtu_uplink integer |
The maximum transmission unit (MTU) of uplink CAPWAP tunnel (576 - 1500 bytes or 0; 0 means the local MTU of FortiAP; ). |
|
unii_4_5ghz_band string |
Enable/disable UNII-4 5Ghz band channels . Choices:
|
|
usb_port string |
Enable/disable USB port of the WTP . Choices:
|
|
wan_port_auth string |
Set WAN port authentication mode . Choices:
|
|
wan_port_auth_macsec string |
Enable/disable WAN port 802.1x supplicant MACsec policy . Choices:
|
|
wan_port_auth_methods string |
WAN port 802.1x supplicant EAP methods . Choices:
|
|
wan_port_auth_password string |
Set WAN port 802.1x supplicant password. |
|
wan_port_auth_usrname string |
Set WAN port 802.1x supplicant user name. |
|
wan_port_mode string |
Enable/disable using a WAN port as a LAN port. Choices:
|
Note
- name: Configure WTP profiles or FortiAP profiles that define radio settings for manageable FortiAP platforms.
fortinet.fortios.fortios_wireless_controller_wtp_profile:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
wireless_controller_wtp_profile:
admin_auth_tacacs_plus: "<your_own_value> (source user.tacacs+.name)"
admin_restrict_local: "enable"
allowaccess: "https"
ap_country: "--"
ap_handoff: "enable"
apcfg_profile: "<your_own_value> (source wireless-controller.apcfg-profile.name)"
ble_profile: "<your_own_value> (source wireless-controller.ble-profile.name)"
bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)"
comment: "Comment."
console_login: "enable"
control_message_offload: "ebp-frame"
deny_mac_list:
-
id: "15"
mac: "<your_own_value>"
dtls_in_kernel: "enable"
dtls_policy: "clear-text"
energy_efficient_ethernet: "enable"
esl_ses_dongle:
apc_addr_type: "fqdn"
apc_fqdn: "<your_own_value>"
apc_ip: "<your_own_value>"
apc_port: "0"
coex_level: "none"
compliance_level: "compliance-level-2"
esl_channel: "-1"
output_power: "a"
scd_enable: "enable"
tls_cert_verification: "enable"
tls_fqdn_verification: "enable"
ext_info_enable: "enable"
frequency_handoff: "enable"
handoff_roaming: "enable"
handoff_rssi: "25"
handoff_sta_thresh: "0"
indoor_outdoor_deployment: "platform-determined"
ip_fragment_preventing: "tcp-mss-adjust"
lan:
port_esl_mode: "offline"
port_esl_ssid: "<your_own_value> (source system.interface.name)"
port_mode: "offline"
port_ssid: "<your_own_value> (source system.interface.name)"
port1_mode: "offline"
port1_ssid: "<your_own_value> (source system.interface.name)"
port2_mode: "offline"
port2_ssid: "<your_own_value> (source system.interface.name)"
port3_mode: "offline"
port3_ssid: "<your_own_value> (source system.interface.name)"
port4_mode: "offline"
port4_ssid: "<your_own_value> (source system.interface.name)"
port5_mode: "offline"
port5_ssid: "<your_own_value> (source system.interface.name)"
port6_mode: "offline"
port6_ssid: "<your_own_value> (source system.interface.name)"
port7_mode: "offline"
port7_ssid: "<your_own_value> (source system.interface.name)"
port8_mode: "offline"
port8_ssid: "<your_own_value> (source system.interface.name)"
lbs:
aeroscout: "enable"
aeroscout_ap_mac: "bssid"
aeroscout_mmu_report: "enable"
aeroscout_mu: "enable"
aeroscout_mu_factor: "20"
aeroscout_mu_timeout: "5"
aeroscout_server_ip: "<your_own_value>"
aeroscout_server_port: "0"
ble_rtls: "none"
ble_rtls_accumulation_interval: "2"
ble_rtls_asset_addrgrp_list: "<your_own_value> (source firewall.addrgrp.name)"
ble_rtls_asset_uuid_list1: "<your_own_value>"
ble_rtls_asset_uuid_list2: "<your_own_value>"
ble_rtls_asset_uuid_list3: "<your_own_value>"
ble_rtls_asset_uuid_list4: "<your_own_value>"
ble_rtls_protocol: "WSS"
ble_rtls_reporting_interval: "2"
ble_rtls_server_fqdn: "<your_own_value>"
ble_rtls_server_path: "<your_own_value>"
ble_rtls_server_port: "443"
ble_rtls_server_token: "<your_own_value>"
ekahau_blink_mode: "enable"
ekahau_tag: "<your_own_value>"
erc_server_ip: "<your_own_value>"
erc_server_port: "8569"
fortipresence: "foreign"
fortipresence_ble: "enable"
fortipresence_frequency: "30"
fortipresence_port: "3000"
fortipresence_project: "<your_own_value>"
fortipresence_rogue: "enable"
fortipresence_secret: "<your_own_value>"
fortipresence_server: "<your_own_value>"
fortipresence_server_addr_type: "ipv4"
fortipresence_server_fqdn: "<your_own_value>"
fortipresence_unassoc: "enable"
polestar: "enable"
polestar_accumulation_interval: "2"
polestar_asset_addrgrp_list: "<your_own_value> (source firewall.addrgrp.name)"
polestar_asset_uuid_list1: "<your_own_value>"
polestar_asset_uuid_list2: "<your_own_value>"
polestar_asset_uuid_list3: "<your_own_value>"
polestar_asset_uuid_list4: "<your_own_value>"
polestar_protocol: "WSS"
polestar_reporting_interval: "2"
polestar_server_fqdn: "<your_own_value>"
polestar_server_path: "<your_own_value>"
polestar_server_port: "443"
polestar_server_token: "<your_own_value>"
station_locate: "enable"
led_schedules:
-
name: "default_name_112 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)"
led_state: "enable"
lldp: "enable"
login_passwd: "<your_own_value>"
login_passwd_change: "yes"
max_clients: "0"
name: "default_name_118"
platform:
ddscan: "enable"
mode: "single-5G"
type: "AP-11N"
poe_mode: "auto"
radio_1:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "36"
ap_sniffer_chan_width: "320MHz"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "320MHz"
channel_bonding_ext: "320MHz-1"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value> (source vpn.certificate.ca.name)"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value> (source vpn.certificate.local.name)"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value> (source vpn.certificate.local.name)"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
set_80211mc: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_208 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_2:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "6"
ap_sniffer_chan_width: "320MHz"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "320MHz"
channel_bonding_ext: "320MHz-1"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value> (source vpn.certificate.ca.name)"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value> (source vpn.certificate.local.name)"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value> (source vpn.certificate.local.name)"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
set_80211mc: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_295 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_3:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "37"
ap_sniffer_chan_width: "320MHz"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "320MHz"
channel_bonding_ext: "320MHz-1"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
radio_id: "2"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value> (source vpn.certificate.ca.name)"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value> (source vpn.certificate.local.name)"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value> (source vpn.certificate.local.name)"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
set_80211mc: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_382 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
radio_4:
airtime_fairness: "enable"
amsdu: "enable"
ap_handoff: "enable"
ap_sniffer_addr: "<your_own_value>"
ap_sniffer_bufsize: "16"
ap_sniffer_chan: "6"
ap_sniffer_chan_width: "320MHz"
ap_sniffer_ctl: "enable"
ap_sniffer_data: "enable"
ap_sniffer_mgmt_beacon: "enable"
ap_sniffer_mgmt_other: "enable"
ap_sniffer_mgmt_probe: "enable"
arrp_profile: "<your_own_value> (source wireless-controller.arrp-profile.name)"
auto_power_high: "17"
auto_power_level: "enable"
auto_power_low: "10"
auto_power_target: "<your_own_value>"
band: "802.11a"
band_5g_type: "5g-full"
bandwidth_admission_control: "enable"
bandwidth_capacity: "2000"
beacon_interval: "100"
bss_color: "0"
bss_color_mode: "auto"
call_admission_control: "enable"
call_capacity: "10"
channel:
-
chan: "<your_own_value>"
channel_bonding: "320MHz"
channel_bonding_ext: "320MHz-1"
channel_utilization: "enable"
coexistence: "enable"
darrp: "enable"
drma: "disable"
drma_sensitivity: "low"
dtim: "1"
frag_threshold: "2346"
frequency_handoff: "enable"
iperf_protocol: "udp"
iperf_server_port: "5001"
max_clients: "0"
max_distance: "0"
mimo_mode: "default"
mode: "disabled"
optional_antenna: "none"
optional_antenna_gain: "<your_own_value>"
power_level: "100"
power_mode: "dBm"
power_value: "27"
powersave_optimize: "tim"
protection_mode: "rtscts"
rts_threshold: "2346"
sam_bssid: "<your_own_value>"
sam_ca_certificate: "<your_own_value> (source vpn.certificate.ca.name)"
sam_captive_portal: "enable"
sam_client_certificate: "<your_own_value> (source vpn.certificate.local.name)"
sam_cwp_failure_string: "<your_own_value>"
sam_cwp_match_string: "<your_own_value>"
sam_cwp_password: "<your_own_value>"
sam_cwp_success_string: "<your_own_value>"
sam_cwp_test_url: "<your_own_value>"
sam_cwp_username: "<your_own_value>"
sam_eap_method: "both"
sam_password: "<your_own_value>"
sam_private_key: "<your_own_value> (source vpn.certificate.local.name)"
sam_private_key_password: "<your_own_value>"
sam_report_intv: "0"
sam_security_type: "open"
sam_server: "<your_own_value>"
sam_server_fqdn: "<your_own_value>"
sam_server_ip: "<your_own_value>"
sam_server_type: "ip"
sam_ssid: "<your_own_value>"
sam_test: "ping"
sam_username: "<your_own_value>"
set_80211d: "enable"
set_80211mc: "enable"
short_guard_interval: "enable"
spectrum_analysis: "enable"
transmit_optimize: "disable"
vap_all: "tunnel"
vaps:
-
name: "default_name_468 (source wireless-controller.vap-group.name system.interface.name)"
wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)"
zero_wait_dfs: "enable"
split_tunneling_acl:
-
dest_ip: "<your_own_value>"
id: "473"
split_tunneling_acl_local_ap_subnet: "enable"
split_tunneling_acl_path: "tunnel"
syslog_profile: "<your_own_value> (source wireless-controller.syslog-profile.name)"
tun_mtu_downlink: "0"
tun_mtu_uplink: "0"
unii_4_5ghz_band: "enable"
usb_port: "enable"
wan_port_auth: "none"
wan_port_auth_macsec: "enable"
wan_port_auth_methods: "all"
wan_port_auth_password: "<your_own_value>"
wan_port_auth_usrname: "<your_own_value>"
wan_port_mode: "wan-lan"
Common return values are documented here, the following are the fields unique to this module:
Key | Description |
|---|---|
build string | Build number of the fortigate image Returned: always Sample: |
http_method string | Last method used to provision the content into FortiGate Returned: always Sample: |
http_status string | Last result given by FortiGate on last operation applied Returned: always Sample: |
mkey string | Master key (id) used in the last call to FortiGate Returned: success Sample: |
name string | Name of the table used to fulfill the request Returned: always Sample: |
path string | Path of the table used to fulfill the request Returned: always Sample: |
revision string | Internal revision number Returned: always Sample: |
serial string | Serial number of the unit Returned: always Sample: |
status string | Indication of the operation’s result Returned: always Sample: |
vdom string | Virtual domain used Returned: always Sample: |
version string | Version of the FortiGate Returned: always Sample: |
© 2012–2018 Michael DeHaan
© 2018–2025 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_wireless_controller_wtp_profile_module.html