New in version 2.8.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
| host string | FortiOS or FortiGate IP address. | |||
| https boolean |
| Indicates if the requests towards FortiGate must use HTTPS protocol. | ||
| password string | Default: "" | FortiOS or FortiGate password. | ||
| ssl_verify boolean added in 2.9 |
| Ensures FortiGate certificate must be verified by a proper CA. | ||
| state string added in 2.9 |
| Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level. | ||
| system_dhcp_server dictionary | Default: null | Configure DHCP servers. | ||
| auto_configuration string |
| Enable/disable auto configuration. | ||
| conflicted_ip_timeout integer | Time in seconds to wait after a conflicted IP address is removed from the DHCP range before it can be reused. | |||
| ddns_auth string |
| DDNS authentication mode. | ||
| ddns_key string | DDNS update key (base 64 encoding). | |||
| ddns_keyname string | DDNS update key name. | |||
| ddns_server_ip string | DDNS server IP. | |||
| ddns_ttl integer | TTL. | |||
| ddns_update string |
| Enable/disable DDNS update for DHCP. | ||
| ddns_update_override string |
| Enable/disable DDNS update override for DHCP. | ||
| ddns_zone string | Zone of your domain name (ex. DDNS.com). | |||
| default_gateway string | Default gateway IP address assigned by the DHCP server. | |||
| dns_server1 string | DNS server 1. | |||
| dns_server2 string | DNS server 2. | |||
| dns_server3 string | DNS server 3. | |||
| dns_service string |
| Options for assigning DNS servers to DHCP clients. | ||
| domain string | Domain name suffix for the IP addresses that the DHCP server assigns to clients. | |||
| exclude_range list | Exclude one or more ranges of IP addresses from being assigned to clients. | |||
| end_ip string | End of IP range. | |||
| id integer / required | ID. | |||
| start_ip string | Start of IP range. | |||
| filename string | Name of the boot file on the TFTP server. | |||
| forticlient_on_net_status string |
| Enable/disable FortiClient-On-Net service for this DHCP server. | ||
| id integer / required | ID. | |||
| interface string | DHCP server can assign IP configurations to clients connected to this interface. Source system.interface.name. | |||
| ip_mode string |
| Method used to assign client IP. | ||
| ip_range list | DHCP IP range configuration. | |||
| end_ip string | End of IP range. | |||
| id integer / required | ID. | |||
| start_ip string | Start of IP range. | |||
| ipsec_lease_hold integer | DHCP over IPsec leases expire this many seconds after tunnel down (0 to disable forced-expiry). | |||
| lease_time integer | Lease time in seconds, 0 means unlimited. | |||
| mac_acl_default_action string |
| MAC access control default action (allow or block assigning IP settings). | ||
| netmask string | Netmask assigned by the DHCP server. | |||
| next_server string | IP address of a server (for example, a TFTP sever) that DHCP clients can download a boot file from. | |||
| ntp_server1 string | NTP server 1. | |||
| ntp_server2 string | NTP server 2. | |||
| ntp_server3 string | NTP server 3. | |||
| ntp_service string |
| Options for assigning Network Time Protocol (NTP) servers to DHCP clients. | ||
| options list | DHCP options. | |||
| code integer | DHCP option code. | |||
| id integer / required | ID. | |||
| ip string | DHCP option IPs. | |||
| type string |
| DHCP option type. | ||
| value string | DHCP option value. | |||
| reserved_address list | Options for the DHCP server to assign IP settings to specific MAC addresses. | |||
| action string |
| Options for the DHCP server to configure the client with the reserved MAC address. | ||
| description string | Description. | |||
| id integer / required | ID. | |||
| ip string | IP address to be reserved for the MAC address. | |||
| mac string | MAC address of the client that will get the reserved IP address. | |||
| server_type string |
| DHCP server can be a normal DHCP server or an IPsec DHCP server. | ||
| state string |
| Deprecated Starting with Ansible 2.9 we recommend using the top-level 'state' parameter. Indicates whether to create or remove the object. | ||
| status string |
| Enable/disable this DHCP configuration. | ||
| tftp_server list | One or more hostnames or IP addresses of the TFTP servers in quotes separated by spaces. | |||
| tftp_server string | TFTP server. | |||
| timezone string |
| Select the time zone to be assigned to DHCP clients. | ||
| timezone_option string |
| Options for the DHCP server to set the client's time zone. | ||
| vci_match string |
| Enable/disable vendor class identifier (VCI) matching. When enabled only DHCP requests with a matching VCI are served. | ||
| vci_string list | One or more VCI strings in quotes separated by spaces. | |||
| vci_string string | VCI strings. | |||
| wifi_ac1 string | WiFi Access Controller 1 IP address (DHCP option 138, RFC 5417). | |||
| wifi_ac2 string | WiFi Access Controller 2 IP address (DHCP option 138, RFC 5417). | |||
| wifi_ac3 string | WiFi Access Controller 3 IP address (DHCP option 138, RFC 5417). | |||
| wins_server1 string | WINS server 1. | |||
| wins_server2 string | WINS server 2. | |||
| username string | FortiOS or FortiGate username. | |||
| vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | ||
Note
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
ssl_verify: "False"
tasks:
- name: Configure DHCP servers.
fortios_system_dhcp_server:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
state: "present"
system_dhcp_server:
auto_configuration: "disable"
conflicted_ip_timeout: "4"
ddns_auth: "disable"
ddns_key: "<your_own_value>"
ddns_keyname: "<your_own_value>"
ddns_server_ip: "<your_own_value>"
ddns_ttl: "9"
ddns_update: "disable"
ddns_update_override: "disable"
ddns_zone: "<your_own_value>"
default_gateway: "<your_own_value>"
dns_server1: "<your_own_value>"
dns_server2: "<your_own_value>"
dns_server3: "<your_own_value>"
dns_service: "local"
domain: "<your_own_value>"
exclude_range:
-
end_ip: "<your_own_value>"
id: "21"
start_ip: "<your_own_value>"
filename: "<your_own_value>"
forticlient_on_net_status: "disable"
id: "25"
interface: "<your_own_value> (source system.interface.name)"
ip_mode: "range"
ip_range:
-
end_ip: "<your_own_value>"
id: "30"
start_ip: "<your_own_value>"
ipsec_lease_hold: "32"
lease_time: "33"
mac_acl_default_action: "assign"
netmask: "<your_own_value>"
next_server: "<your_own_value>"
ntp_server1: "<your_own_value>"
ntp_server2: "<your_own_value>"
ntp_server3: "<your_own_value>"
ntp_service: "local"
options:
-
code: "42"
id: "43"
ip: "<your_own_value>"
type: "hex"
value: "<your_own_value>"
reserved_address:
-
action: "assign"
description: "<your_own_value>"
id: "50"
ip: "<your_own_value>"
mac: "<your_own_value>"
server_type: "regular"
status: "disable"
tftp_server:
-
tftp_server: "<your_own_value>"
timezone: "01"
timezone_option: "disable"
vci_match: "disable"
vci_string:
-
vci_string: "<your_own_value>"
wifi_ac1: "<your_own_value>"
wifi_ac2: "<your_own_value>"
wifi_ac3: "<your_own_value>"
wins_server1: "<your_own_value>"
wins_server2: "<your_own_value>"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| build string | always | Build number of the fortigate image Sample: 1547 |
| http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
| http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
| mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
| name string | always | Name of the table used to fulfill the request Sample: urlfilter |
| path string | always | Path of the table used to fulfill the request Sample: webfilter |
| revision string | always | Internal revision number Sample: 17.0.2.10658 |
| serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
| status string | always | Indication of the operation's result Sample: success |
| vdom string | always | Virtual domain used Sample: root |
| version string | always | Version of the FortiGate Sample: v5.6.3 |
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_system_dhcp_server_module.html