I have just finished an Ansible class for my job (switches and such) and was trying to connect with my Fortigate. No Bueno! Anyone have any luck using Ansible to connect to their Fortigate?
Thanks in advance.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I believe my firmware version is too old (because my firewall is too old). Versions less than 6 don't support this. Oh well. A few days wasted aside from the fact I did learn a bunch.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
IDNK about that, but here's a blog I wrote with samples using fortiosapi a while back.
https://socpuppet.blogspot.com/2020/07/howto-user-ansible-with-fortios.html
You should be able to write that as a test and then go deeper as you get past the 1st few hurdles. Github should have samples that you can pull in and modified to fit your env. I would not do a major change like policy add|delete but would start with low hanging fruits likes add/addrgrp/admin/global settings etc.....
FWIW: Operational practice you don't put the password in the playbook but for testing and to ensure it's working I do, but that's just me.
Just ensure you run ANSIBLE_DEBUG and -vvv for more verbose details and work thru your issues. It always boils down to either;
[ul]
But the samples show in the yml files is what I used for testing an verification with fortios. This works for 6.2.x and 6.4.x versions btw.
YMMV but the above links in the blog-post will get you in the right direction and handing into the right port. Also call out a simple test with "curl" if you want to test the api-user. Again samples in the blog post.
Ken Felix
PCNSE
NSE
StrongSwan
Look at Ansible Galaxy... there is a collection of FortiOS and Fortimanager modules available for download. If you're already figured that out, great. The documentation isn't the greatest. Struggling through some things with it myself.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.