fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0

Modify static route #223

Closed shokrymohamedshokry closed 1 year ago

shokrymohamedshokry commented 1 year ago

How can I edit a static route? Every time I run the playbook, it creates a new static route. How can I modify the route instead of creating a new one?

Example of playbook

- hosts: fortigate05
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "In-Out"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 8443
  tasks:
  - name: Configure IPv4 static routing tables.
    fortios_router_static:
      vdom:  "{{ vdom }}"
      state: "present"
      access_token: "{{ fortios_access_token2 }}"
      router_static:
        comment: "Hello from ansible"
        device: "TEST"
        distance: "10"
        dst: "1.1.1.1/255.255.255.255"
        gateway: "172.1.1.1"
        status: "enable"

For example, if I need the status to be disable and change status: "enable" to status: "disable", it will create a new static route with disable state.

MaxxLiu22 commented 1 year ago

Hi @shokrymohamedshokry,

Thank you for your question. Ansible uses the argument "seq_num" as a key to locate the static route item; if that is not set, the system would add a new static route instead. Could you try the following code? If you still encounter any issue, feel free to let me know.

- hosts: fortigate05
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "In-Out"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 8443
  tasks:
  - name: Configure IPv4 static routing tables.
    fortios_router_static:
      vdom:  "{{ vdom }}"
      state: "present"
      access_token: "{{ fortios_access_token2 }}"
      router_static:
        seq_num: 2  # static route you want to edit
        comment: "Hello from ansible"
        device: "TEST"
        distance: "10"
        dst: "1.1.1.1/255.255.255.255"
        gateway: "172.1.1.1"
        status: "enable"

Thanks, Maxx

shokrymohamedshokry commented 1 year ago

Thanks Max. Could you please help me find the static route "seq_num" from the FortiGate interface?

thanks

shokrymohamedshokry commented 1 year ago

I'm trying this command, get system route 5, to get seq_num on the FortiGate CLI, but it's not working for me. It gives me the below:

DR-Perimeter-FWFG-301E $ get system route 5

command parse error before 'route'
Command fail. Return code -61

shokrymohamedshokry commented 1 year ago

Solved now after running the following on the Forti terminal:

config vdom
edit In-Out
show router static | grep -B 2 -A 3 <IP>

thanks
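
Added example, not part of the thread or the collection's own code: a small Python parser that reads saved `show router static` output and returns the `edit` number (the `seq_num` the module keys on) for a given destination, instead of grepping by hand. The sample output is constructed, and the function names `parse_static_routes` and `find_seq_nums` are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `show router static` output (not taken from the thread).
SAMPLE = """\
config router static
    edit 1
        set gateway 10.0.0.1
        set device "port1"
    next
    edit 2
        set dst 1.1.1.1 255.255.255.255
        set gateway 172.1.1.1
        set device "TEST"
        set comment "Hello from ansible"
    next
    edit 7
        set status disable
        set dst 10.20.0.0 255.255.0.0
        set device "TEST"
    next
end
"""

def parse_static_routes(text):
    """Return {seq_num: {option: value}} parsed from `show router static` output."""
    routes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"edit (\d+)", line)
        if m:  # "edit N" opens an entry; N is the seq_num
            current = routes.setdefault(int(m.group(1)), {})
        elif line == "next":  # "next" closes the entry
            current = None
        elif current is not None and line.startswith("set "):
            key, _, value = line[4:].partition(" ")
            current[key] = value.strip('"')
    return routes

def find_seq_nums(text, dst):
    """Return sorted seq_nums whose dst equals `dst` ("addr/mask" or CIDR)."""
    # `show` omits default values, so an entry without dst is the default route.
    want = ipaddress.ip_network(dst, strict=False)
    hits = []
    for seq, opts in parse_static_routes(text).items():
        have = opts.get("dst", "0.0.0.0 0.0.0.0").replace(" ", "/")
        if ipaddress.ip_network(have, strict=False) == want:
            hits.append(seq)
    return sorted(hits)
```

The result is a list because routes created by repeated runs without `seq_num` share the same `dst`; more than one hit means there are duplicates to clean up before pinning a `seq_num` in the playbook.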