Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ergotherego
Contributor II

Ansible and FortiGates - module that lets you pull entire running-configuration?

Is there an Ansible module that lets you pull down the entire running configuration, versus just certain facts?

 

Previously there was such a module called "fortios_config_module" but it appears to be missing from the current collection.

 

https://docs.ansible.com/...ios_config_module.html

2 REPLIES 2
ergotherego
Contributor II

I was able to solve this using the NTC modules, which use netmiko for SSH connections, which have a handler for FortiGates.

 

Instructions to install the NTC modules:

 

https://github.com/networktocode/ntc-ansible

 

Below is sample playbook that shows how to grab the running-config from a FortiGate. Replace the values for host, username, and password. This play does not require an inventory file.

 

---
- hosts: localhost
  connection: local
  gather_facts: no
  become: no

  tasks:

   - name: "Gather show-run from FortiGate"
     ntc_show_command:
       connection=ssh
       platform=fortinet
       command='show'
       host=firewall_device_name
       username=first.last
       password=password

emnoc
Esteemed Contributor III

We-ve used Ansible and Napalm 

 

http://socpuppet.blogspot.com/2021/04/ansible-and-napalm-to-get-fortios.html

 

Playbook example is in the above link

 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Labels
Top Kudoed Authors