New in version 2.8.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
host
-
/ required
|
FortiOS or FortiGate ip address.
|
|||
https
boolean
|
|
Indicates if the requests towards FortiGate must use HTTPS protocol
|
||
password
-
|
Default: ""
|
FortiOS or FortiGate password.
|
||
username
-
/ required
|
FortiOS or FortiGate username.
|
|||
vdom
-
|
Default: "root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|
||
wanopt_profile
-
|
Default: null
|
Configure WAN optimization profiles.
|
||
auth-group
-
|
Optionally add an authentication group to restrict access to the WAN Optimization tunnel to peers in the authentication group. Source wanopt.auth-group.name.
|
|||
cifs
-
|
Enable/disable CIFS (Windows sharing) WAN Optimization and configure CIFS WAN Optimization features.
|
|||
byte-caching
-
|
|
Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache.
|
||
log-traffic
-
|
|
Enable/disable logging.
|
||
port
-
|
Single port number or port number range for CIFS. Only packets with a destination port number that matches this port number or range are accepted by this profile.
|
|||
prefer-chunking
-
|
|
Select dynamic or fixed-size data chunking for HTTP WAN Optimization.
|
||
secure-tunnel
-
|
|
Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810).
|
||
status
-
|
|
Enable/disable HTTP WAN Optimization.
|
||
tunnel-sharing
-
|
|
Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols.
|
||
comments
-
|
Comment.
|
|||
ftp
-
|
Enable/disable FTP WAN Optimization and configure FTP WAN Optimization features.
|
|||
byte-caching
-
|
|
Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache.
|
||
log-traffic
-
|
|
Enable/disable logging.
|
||
port
-
|
Single port number or port number range for FTP. Only packets with a destination port number that matches this port number or range are accepted by this profile.
|
|||
prefer-chunking
-
|
|
Select dynamic or fixed-size data chunking for HTTP WAN Optimization.
|
||
secure-tunnel
-
|
|
Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810).
|
||
status
-
|
|
Enable/disable HTTP WAN Optimization.
|
||
tunnel-sharing
-
|
|
Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols.
|
||
http
-
|
Enable/disable HTTP WAN Optimization and configure HTTP WAN Optimization features.
|
|||
byte-caching
-
|
|
Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache.
|
||
log-traffic
-
|
|
Enable/disable logging.
|
||
port
-
|
Single port number or port number range for HTTP. Only packets with a destination port number that matches this port number or range are accepted by this profile.
|
|||
prefer-chunking
-
|
|
Select dynamic or fixed-size data chunking for HTTP WAN Optimization.
|
||
secure-tunnel
-
|
|
Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810).
|
||
ssl
-
|
|
Enable/disable SSL/TLS offloading (hardware acceleration) for HTTPS traffic in this tunnel.
|
||
ssl-port
-
|
Port on which to expect HTTPS traffic for SSL/TLS offloading.
|
|||
status
-
|
|
Enable/disable HTTP WAN Optimization.
|
||
tunnel-non-http
-
|
|
Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port.
|
||
tunnel-sharing
-
|
|
Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols.
|
||
unknown-http-version
-
|
|
How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1.
|
||
mapi
-
|
Enable/disable MAPI email WAN Optimization and configure MAPI WAN Optimization features.
|
|||
byte-caching
-
|
|
Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache.
|
||
log-traffic
-
|
|
Enable/disable logging.
|
||
port
-
|
Single port number or port number range for MAPI. Only packets with a destination port number that matches this port number or range are accepted by this profile.
|
|||
secure-tunnel
-
|
|
Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810).
|
||
status
-
|
|
Enable/disable HTTP WAN Optimization.
|
||
tunnel-sharing
-
|
|
Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols.
|
||
name
-
/ required
|
Profile name.
|
|||
state
-
|
|
Indicates whether to create or remove the object
|
||
tcp
-
|
Enable/disable TCP WAN Optimization and configure TCP WAN Optimization features.
|
|||
byte-caching
-
|
|
Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache.
|
||
byte-caching-opt
-
|
|
Select whether TCP byte-caching uses system memory only or both memory and disk space.
|
||
log-traffic
-
|
|
Enable/disable logging.
|
||
port
-
|
Single port number or port number range for TCP. Only packets with a destination port number that matches this port number or range are accepted by this profile.
|
|||
secure-tunnel
-
|
|
Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810).
|
||
ssl
-
|
|
Enable/disable SSL/TLS offloading.
|
||
ssl-port
-
|
Port on which to expect HTTPS traffic for SSL/TLS offloading.
|
|||
status
-
|
|
Enable/disable HTTP WAN Optimization.
|
||
tunnel-sharing
-
|
|
Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols.
|
||
transparent
-
|
|
Enable/disable transparent mode.
|
Note
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
tasks:
- name: Configure WAN optimization profiles.
fortios_wanopt_profile:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
wanopt_profile:
state: "present"
auth-group: "<your_own_value> (source wanopt.auth-group.name)"
cifs:
byte-caching: "enable"
log-traffic: "enable"
port: "7"
prefer-chunking: "dynamic"
secure-tunnel: "enable"
status: "enable"
tunnel-sharing: "private"
comments: "<your_own_value>"
ftp:
byte-caching: "enable"
log-traffic: "enable"
port: "16"
prefer-chunking: "dynamic"
secure-tunnel: "enable"
status: "enable"
tunnel-sharing: "private"
http:
byte-caching: "enable"
log-traffic: "enable"
port: "24"
prefer-chunking: "dynamic"
secure-tunnel: "enable"
ssl: "enable"
ssl-port: "28"
status: "enable"
tunnel-non-http: "enable"
tunnel-sharing: "private"
unknown-http-version: "reject"
mapi:
byte-caching: "enable"
log-traffic: "enable"
port: "36"
secure-tunnel: "enable"
status: "enable"
tunnel-sharing: "private"
name: "default_name_40"
tcp:
byte-caching: "enable"
byte-caching-opt: "mem-only"
log-traffic: "enable"
port: "<your_own_value>"
secure-tunnel: "enable"
ssl: "enable"
ssl-port: "48"
status: "enable"
tunnel-sharing: "private"
transparent: "enable"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build
string
|
always |
Build number of the fortigate image
Sample:
1547
|
http_method
string
|
always |
Last method used to provision the content into FortiGate
Sample:
PUT
|
http_status
string
|
always |
Last result given by FortiGate on last operation applied
Sample:
200
|
mkey
string
|
success |
Master key (id) used in the last call to FortiGate
Sample:
id
|
name
string
|
always |
Name of the table used to fulfill the request
Sample:
urlfilter
|
path
string
|
always |
Path of the table used to fulfill the request
Sample:
webfilter
|
revision
string
|
always |
Internal revision number
Sample:
17.0.2.10658
|
serial
string
|
always |
Serial number of the unit
Sample:
FGVMEVYYQT3AB5352
|
status
string
|
always |
Indication of the operation's result
Sample:
success
|
vdom
string
|
always |
Virtual domain used
Sample:
root
|
version
string
|
always |
Version of the FortiGate
Sample:
v5.6.3
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.