Module vpn_ssl_settings: Attribute source_address and source_interface doesn't work about ansible-galaxy-fortios-collection HOT 6 CLOSED

hi @ikreb7 ,
thanks for you issue.

please find the document here:
https://ansible-galaxy-fortios-docs.readthedocs.io/en/latest/gen/fortios_vpn_ssl_settings.html

name of groups is: user.group.name, you can see all entries by cli: show user group
name of source_address is: firewall.address.name , you can see all entries by cli: show firewall address
name of source_interface is: system.interface.name, you can see all entries by cli: show system interface

please let us know if there is a better way to present the description in the document.

thanks,
Link..

from ansible-galaxy-fortios-collection.

Thanks for your very fast and detailed answer.

The command show firewall address returns me the group all.

This is the verbose dict:

"source_address": [{"name": "all"}],
"source_interface": [{"name": "SSL_VPN"}],
"users": [{"name": "."}]

So this is wrong, or? It should be:

"source_address": [{"name": "user.group.name"}],
"source_interface": [{"name": "firewall.address.name"}],
"users": [{"name": "system.interface.name"}]

But how do I commit the certain group, e.g. all?

from ansible-galaxy-fortios-collection.

Thanks for your very fast and detailed answer.

The command show firewall address returns me the group all.

This is the verbose dict:

"source_address": [{"name": "all"}],
"source_interface": [{"name": "SSL_VPN"}],
"users": [{"name": "."}]

So this is wrong, or? It should be:

"source_address": [{"name": "user.group.name"}],
"source_interface": [{"name": "firewall.address.name"}],
"users": [{"name": "system.interface.name"}]

But how do I commit the certain group, e.g. all?

hi @ikreb7 ,
if you see the description or example, there is a keyword source, it 's just a hint to direct you where you can find the object/entry name. in your playbook, it should be the customized entry/object name.

name: "default_name_14 (source firewall.address.name firewall.addrgrp.name)"
name: "default_name_9 (source user.group.name)"
name: "default_name_20 (source system.interface.name system.zone.name)"
name: "default_name_22 (source user.local.name)"

e.g. name: "default_name_14 (source firewall.address.name firewall.addrgrp.name)"

either entry in firewall.address or firewall.addrgrp will be legal here.

from ansible-galaxy-fortios-collection.

Ok. Then I my first attempt was correct and it doesn't work. If I call show vpn ssl settings it doesn't show the settings for source_address and source_interface. I use 6.0.9.

from ansible-galaxy-fortios-collection.

Ok. Then I my first attempt was correct and it doesn't work. If I call show vpn ssl settings it doesn't show the settings for source_address and source_interface. I use 6.0.9.

Yes, just confirm the object/entry exists either via cli or web UI. or your playbook will fail. As a matter of fact, we are always creating these dependent objects/entries first.

from ansible-galaxy-fortios-collection.

Hi @ikreb7 ,

I now mark this issue closed.
please feel free to reopen it and reach out to me if the document is not clear to fill out the playbook template.

thanks,
Link

from ansible-galaxy-fortios-collection.