Note
This plugin is part of the fortinet.fortios collection.
To install it use: ansible-galaxy collection install fortinet.fortios.
To use it in a playbook, specify: fortinet.fortios.fortios_wanopt_profile.
New in version 2.8: of fortinet.fortios
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
| host string | FortiOS or FortiGate IP address. | |||
| https boolean |
| Indicates if the requests towards FortiGate must use HTTPS protocol. | ||
| password string | Default: "" | FortiOS or FortiGate password. | ||
| ssl_verify boolean added in 2.9 of fortinet.fortios |
| Ensures FortiGate certificate must be verified by a proper CA. | ||
| state string added in 2.9 of fortinet.fortios |
| Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level. | ||
| username string | FortiOS or FortiGate username. | |||
| vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | ||
| wanopt_profile dictionary | Configure WAN optimization profiles. | |||
| auth_group string | Optionally add an authentication group to restrict access to the WAN Optimization tunnel to peers in the authentication group. Source wanopt.auth-group.name. | |||
| cifs dictionary | Enable/disable CIFS (Windows sharing) WAN Optimization and configure CIFS WAN Optimization features. | |||
| byte_caching string |
| Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. | ||
| log_traffic string |
| Enable/disable logging. | ||
| port integer | Single port number or port number range for CIFS. Only packets with a destination port number that matches this port number or range are accepted by this profile. | |||
| prefer_chunking string |
| Select dynamic or fixed-size data chunking for HTTP WAN Optimization. | ||
| secure_tunnel string |
| Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). | ||
| status string |
| Enable/disable HTTP WAN Optimization. | ||
| tunnel_sharing string |
| Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. | ||
| comments string | Comment. | |||
| ftp dictionary | Enable/disable FTP WAN Optimization and configure FTP WAN Optimization features. | |||
| byte_caching string |
| Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. | ||
| log_traffic string |
| Enable/disable logging. | ||
| port integer | Single port number or port number range for FTP. Only packets with a destination port number that matches this port number or range are accepted by this profile. | |||
| prefer_chunking string |
| Select dynamic or fixed-size data chunking for HTTP WAN Optimization. | ||
| secure_tunnel string |
| Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). | ||
| status string |
| Enable/disable HTTP WAN Optimization. | ||
| tunnel_sharing string |
| Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. | ||
| http dictionary | Enable/disable HTTP WAN Optimization and configure HTTP WAN Optimization features. | |||
| byte_caching string |
| Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. | ||
| log_traffic string |
| Enable/disable logging. | ||
| port integer | Single port number or port number range for HTTP. Only packets with a destination port number that matches this port number or range are accepted by this profile. | |||
| prefer_chunking string |
| Select dynamic or fixed-size data chunking for HTTP WAN Optimization. | ||
| secure_tunnel string |
| Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). | ||
| ssl string |
| Enable/disable SSL/TLS offloading (hardware acceleration) for HTTPS traffic in this tunnel. | ||
| ssl_port integer | Port on which to expect HTTPS traffic for SSL/TLS offloading. | |||
| status string |
| Enable/disable HTTP WAN Optimization. | ||
| tunnel_non_http string |
| Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. | ||
| tunnel_sharing string |
| Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. | ||
| unknown_http_version string |
| How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. | ||
| mapi dictionary | Enable/disable MAPI email WAN Optimization and configure MAPI WAN Optimization features. | |||
| byte_caching string |
| Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. | ||
| log_traffic string |
| Enable/disable logging. | ||
| port integer | Single port number or port number range for MAPI. Only packets with a destination port number that matches this port number or range are accepted by this profile. | |||
| secure_tunnel string |
| Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). | ||
| status string |
| Enable/disable HTTP WAN Optimization. | ||
| tunnel_sharing string |
| Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. | ||
| name string / required | Profile name. | |||
| state string |
| Deprecated Starting with Ansible 2.9 we recommend using the top-level 'state' parameter. Indicates whether to create or remove the object. | ||
| tcp dictionary | Enable/disable TCP WAN Optimization and configure TCP WAN Optimization features. | |||
| byte_caching string |
| Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. | ||
| byte_caching_opt string |
| Select whether TCP byte-caching uses system memory only or both memory and disk space. | ||
| log_traffic string |
| Enable/disable logging. | ||
| port string | Single port number or port number range for TCP. Only packets with a destination port number that matches this port number or range are accepted by this profile. | |||
| secure_tunnel string |
| Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). | ||
| ssl string |
| Enable/disable SSL/TLS offloading. | ||
| ssl_port integer | Port on which to expect HTTPS traffic for SSL/TLS offloading. | |||
| status string |
| Enable/disable HTTP WAN Optimization. | ||
| tunnel_sharing string |
| Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. | ||
| transparent string |
| Enable/disable transparent mode. | ||
Note
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure WAN optimization profiles.
fortios_wanopt_profile:
vdom: "{{ vdom }}"
state: "present"
wanopt_profile:
auth_group: "<your_own_value> (source wanopt.auth-group.name)"
cifs:
byte_caching: "enable"
log_traffic: "enable"
port: "7"
prefer_chunking: "dynamic"
secure_tunnel: "enable"
status: "enable"
tunnel_sharing: "private"
comments: "<your_own_value>"
ftp:
byte_caching: "enable"
log_traffic: "enable"
port: "16"
prefer_chunking: "dynamic"
secure_tunnel: "enable"
status: "enable"
tunnel_sharing: "private"
http:
byte_caching: "enable"
log_traffic: "enable"
port: "24"
prefer_chunking: "dynamic"
secure_tunnel: "enable"
ssl: "enable"
ssl_port: "28"
status: "enable"
tunnel_non_http: "enable"
tunnel_sharing: "private"
unknown_http_version: "reject"
mapi:
byte_caching: "enable"
log_traffic: "enable"
port: "36"
secure_tunnel: "enable"
status: "enable"
tunnel_sharing: "private"
name: "default_name_40"
tcp:
byte_caching: "enable"
byte_caching_opt: "mem-only"
log_traffic: "enable"
port: "<your_own_value>"
secure_tunnel: "enable"
ssl: "enable"
ssl_port: "48"
status: "enable"
tunnel_sharing: "private"
transparent: "enable"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| build string | always | Build number of the fortigate image Sample: 1547 |
| http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
| http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
| mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
| name string | always | Name of the table used to fulfill the request Sample: urlfilter |
| path string | always | Path of the table used to fulfill the request Sample: webfilter |
| revision string | always | Internal revision number Sample: 17.0.2.10658 |
| serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
| status string | always | Indication of the operation's result Sample: success |
| vdom string | always | Virtual domain used Sample: root |
| version string | always | Version of the FortiGate Sample: v5.6.3 |
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortios/fortios_wanopt_profile_module.html