W3cubDocs

/Ansible 2.10

fortinet.fortios.fortios_system_dhcp_server – Configure DHCP servers in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection.

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_system_dhcp_server.

New in version 2.8: of fortinet.fortios

Synopsis

  • This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system_dhcp feature and server category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.9.0

Parameters

Parameter Choices/Defaults Comments
host
string
FortiOS or FortiGate IP address.
https
boolean
    Choices:
  • no
  • yes
Indicates if the requests towards FortiGate must use HTTPS protocol.
password
string
Default:
""
FortiOS or FortiGate password.
ssl_verify
boolean
added in 2.9 of fortinet.fortios
    Choices:
  • no
  • yes
Ensures FortiGate certificate must be verified by a proper CA.
state
string
added in 2.9 of fortinet.fortios
    Choices:
  • present
  • absent
Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level.
system_dhcp_server
dictionary
Configure DHCP servers.
auto_configuration
string
    Choices:
  • disable
  • enable
Enable/disable auto configuration.
conflicted_ip_timeout
integer
Time in seconds to wait after a conflicted IP address is removed from the DHCP range before it can be reused.
ddns_auth
string
    Choices:
  • disable
  • tsig
DDNS authentication mode.
ddns_key
string
DDNS update key (base 64 encoding).
ddns_keyname
string
DDNS update key name.
ddns_server_ip
string
DDNS server IP.
ddns_ttl
integer
TTL.
ddns_update
string
    Choices:
  • disable
  • enable
Enable/disable DDNS update for DHCP.
ddns_update_override
string
    Choices:
  • disable
  • enable
Enable/disable DDNS update override for DHCP.
ddns_zone
string
Zone of your domain name (ex. DDNS.com).
default_gateway
string
Default gateway IP address assigned by the DHCP server.
dns_server1
string
DNS server 1.
dns_server2
string
DNS server 2.
dns_server3
string
DNS server 3.
dns_service
string
    Choices:
  • local
  • default
  • specify
Options for assigning DNS servers to DHCP clients.
domain
string
Domain name suffix for the IP addresses that the DHCP server assigns to clients.
exclude_range
list / elements=string
Exclude one or more ranges of IP addresses from being assigned to clients.
end_ip
string
End of IP range.
id
integer / required
ID.
start_ip
string
Start of IP range.
filename
string
Name of the boot file on the TFTP server.
forticlient_on_net_status
string
    Choices:
  • disable
  • enable
Enable/disable FortiClient-On-Net service for this DHCP server.
id
integer / required
ID.
interface
string
DHCP server can assign IP configurations to clients connected to this interface. Source system.interface.name.
ip_mode
string
    Choices:
  • range
  • usrgrp
Method used to assign client IP.
ip_range
list / elements=string
DHCP IP range configuration.
end_ip
string
End of IP range.
id
integer / required
ID.
start_ip
string
Start of IP range.
ipsec_lease_hold
integer
DHCP over IPsec leases expire this many seconds after tunnel down (0 to disable forced-expiry).
lease_time
integer
Lease time in seconds, 0 means unlimited.
mac_acl_default_action
string
    Choices:
  • assign
  • block
MAC access control default action (allow or block assigning IP settings).
netmask
string
Netmask assigned by the DHCP server.
next_server
string
IP address of a server (for example, a TFTP sever) that DHCP clients can download a boot file from.
ntp_server1
string
NTP server 1.
ntp_server2
string
NTP server 2.
ntp_server3
string
NTP server 3.
ntp_service
string
    Choices:
  • local
  • default
  • specify
Options for assigning Network Time Protocol (NTP) servers to DHCP clients.
options
list / elements=string
DHCP options.
code
integer
DHCP option code.
id
integer / required
ID.
ip
string
DHCP option IPs.
type
string
    Choices:
  • hex
  • string
  • ip
DHCP option type.
value
string
DHCP option value.
reserved_address
list / elements=string
Options for the DHCP server to assign IP settings to specific MAC addresses.
action
string
    Choices:
  • assign
  • block
  • reserved
Options for the DHCP server to configure the client with the reserved MAC address.
description
string
Description.
id
integer / required
ID.
ip
string
IP address to be reserved for the MAC address.
mac
string
MAC address of the client that will get the reserved IP address.
server_type
string
    Choices:
  • regular
  • ipsec
DHCP server can be a normal DHCP server or an IPsec DHCP server.
state
string
    Choices:
  • present
  • absent
Deprecated
Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
Indicates whether to create or remove the object.
status
string
    Choices:
  • disable
  • enable
Enable/disable this DHCP configuration.
tftp_server
list / elements=string
One or more hostnames or IP addresses of the TFTP servers in quotes separated by spaces.
tftp_server
string
TFTP server.
timezone
string
    Choices:
  • 1
  • 2
  • 3
  • 4
  • 5
  • 81
  • 6
  • 7
  • 08
  • 09
  • 10
  • 11
  • 12
  • 13
  • 74
  • 14
  • 77
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 75
  • 87
  • 21
  • 22
  • 23
  • 24
  • 80
  • 79
  • 25
  • 26
  • 27
  • 28
  • 78
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 83
  • 84
  • 40
  • 85
  • 41
  • 42
  • 43
  • 39
  • 44
  • 46
  • 47
  • 51
  • 48
  • 45
  • 49
  • 50
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 62
  • 63
  • 61
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 0
  • 82
  • 73
  • 86
  • 76
Select the time zone to be assigned to DHCP clients.
timezone_option
string
    Choices:
  • disable
  • default
  • specify
Options for the DHCP server to set the client"s time zone.
vci_match
string
    Choices:
  • disable
  • enable
Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served.
vci_string
list / elements=string
One or more VCI strings in quotes separated by spaces.
vci_string
string
VCI strings.
wifi_ac1
string
WiFi Access Controller 1 IP address (DHCP option 138, RFC 5417).
wifi_ac2
string
WiFi Access Controller 2 IP address (DHCP option 138, RFC 5417).
wifi_ac3
string
WiFi Access Controller 3 IP address (DHCP option 138, RFC 5417).
wins_server1
string
WINS server 1.
wins_server2
string
WINS server 2.
username
string
FortiOS or FortiGate username.
vdom
string
Default:
"root"
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

  • Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure DHCP servers.
    fortios_system_dhcp_server:
      vdom:  "{{ vdom }}"
      state: "present"
      system_dhcp_server:
        auto_configuration: "disable"
        conflicted_ip_timeout: "4"
        ddns_auth: "disable"
        ddns_key: "<your_own_value>"
        ddns_keyname: "<your_own_value>"
        ddns_server_ip: "<your_own_value>"
        ddns_ttl: "9"
        ddns_update: "disable"
        ddns_update_override: "disable"
        ddns_zone: "<your_own_value>"
        default_gateway: "<your_own_value>"
        dns_server1: "<your_own_value>"
        dns_server2: "<your_own_value>"
        dns_server3: "<your_own_value>"
        dns_service: "local"
        domain: "<your_own_value>"
        exclude_range:
         -
            end_ip: "<your_own_value>"
            id:  "21"
            start_ip: "<your_own_value>"
        filename: "<your_own_value>"
        forticlient_on_net_status: "disable"
        id:  "25"
        interface: "<your_own_value> (source system.interface.name)"
        ip_mode: "range"
        ip_range:
         -
            end_ip: "<your_own_value>"
            id:  "30"
            start_ip: "<your_own_value>"
        ipsec_lease_hold: "32"
        lease_time: "33"
        mac_acl_default_action: "assign"
        netmask: "<your_own_value>"
        next_server: "<your_own_value>"
        ntp_server1: "<your_own_value>"
        ntp_server2: "<your_own_value>"
        ntp_server3: "<your_own_value>"
        ntp_service: "local"
        options:
         -
            code: "42"
            id:  "43"
            ip: "<your_own_value>"
            type: "hex"
            value: "<your_own_value>"
        reserved_address:
         -
            action: "assign"
            description: "<your_own_value>"
            id:  "50"
            ip: "<your_own_value>"
            mac: "<your_own_value>"
        server_type: "regular"
        status: "disable"
        tftp_server:
         -
            tftp_server: "<your_own_value>"
        timezone: "01"
        timezone_option: "disable"
        vci_match: "disable"
        vci_string:
         -
            vci_string: "<your_own_value>"
        wifi_ac1: "<your_own_value>"
        wifi_ac2: "<your_own_value>"
        wifi_ac3: "<your_own_value>"
        wins_server1: "<your_own_value>"
        wins_server2: "<your_own_value>"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
build
string
always
Build number of the fortigate image

Sample:
1547
http_method
string
always
Last method used to provision the content into FortiGate

Sample:
PUT
http_status
string
always
Last result given by FortiGate on last operation applied

Sample:
200
mkey
string
success
Master key (id) used in the last call to FortiGate

Sample:
id
name
string
always
Name of the table used to fulfill the request

Sample:
urlfilter
path
string
always
Path of the table used to fulfill the request

Sample:
webfilter
revision
string
always
Internal revision number

Sample:
17.0.2.10658
serial
string
always
Serial number of the unit

Sample:
FGVMEVYYQT3AB5352
status
string
always
Indication of the operation's result

Sample:
success
vdom
string
always
Virtual domain used

Sample:
root
version
string
always
Version of the FortiGate

Sample:
v5.6.3


Authors

  • Link Zheng (@chillancezen)
  • Hongbin Lu (@fgtdev-hblu)
  • Frank Shen (@frankshen01)
  • Jie Xue (@JieX19)
  • Miguel Angel Munoz (@mamunozgonzalez)
  • Nicolas Thomas (@thomnico)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortios/fortios_system_dhcp_server_module.html