forked from fortinet-solutions-cse/40ansible
-
Notifications
You must be signed in to change notification settings - Fork 0
/
play.yml
93 lines (93 loc) · 2.49 KB
/
play.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
- hosts: localhost
# strategy: debug
vars:
# host: "192.168.122.70"
host: "192.168.115.128"
username: "admin"
password: ""
vdom: "root"
tasks:
# If you manage python pip externaly you don't need that version is
# here to ensure update/downgrade if needed (optional)
- pip:
name: fortiosapi
version: 0.9.6
- name: Set static route on the fortigate
fortiosconfig:
action: "set"
host: "{{ host }}"
username: "{{ username}}"
password: "{{ password }}"
vdom: "{{ vdom }}"
config: "router static"
config_parameters:
seq-num: "8"
dst: "10.10.32.0 255.255.255.0"
device: "port2"
gateway: "192.168.40.252"
- name: add multiple firewall address
fortiosconfig:
config: "firewall address"
action: "set"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
config_parameters:
wildcard-fqdn: "*.{{ item }}"
name: "all.{{ item }}"
type: "wildcard-fqdn"
with_items:
- "fortinet.com"
- "acme.org"
- name: firewall policy
fortiosconfig:
config: "firewall policy"
action: "set"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
config_parameters:
policyid: "66"
name: "ansible"
json:
policyid: "66"
name: "ansible"
action: "accept"
srcintf: [ {"name": "port1"} ]
dstintf: [{"name":"port2"} ]
srcaddr: [{"name":"all"} ]
dstaddr: [{"name":"all"}]
schedule: "always"
service: [{"name":"HTTPS"}]
logtraffic: "all"
- name: fortimanager management settings
fortiosconfig:
config: "system central-management"
action: "put"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "global"
config_parameters:
"type": "fortimanager"
fmg: "10.210.67.18"
- name: system resource
fortiosconfig:
config: "system vdom-resource"
action: "monitor"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "global"
- name: Get information
fortiosconfig:
config: "system global"
action: "get"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "global"
config_parameters:
name: "global"