Closed slazer2au closed 1 year ago
Hi @slazer2au ,
Thank you for bring up this issue, I can reproduce that, but we recommend to use "token" as a primary authentication way to login FGT. In order to do so, we need to create an API user with an appropriate "accprofile" and generate a token then use that token in the playbook you use, if you still have issue to access FGT, please let me know.
FGVMULTM22003786 # config system api-user
FGVMULTM22003786 (api-user) # edit api
FGVMULTM22003786 (api) # show
config system api-user
edit "api"
set api-key ENC SH2Dt0e3z6j6k+V8TsABtBoy8UmCgtmI192MaPRGhhyYqROt6m/r9IATuRV68I=
set accprofile "super_admin"
set vdom "root"
next
end
FGVMULTM22003786 (api) # end
FGVMULTM22003786 # execute api-user generate-key api
New API key: 6Hjrf1GHzNsw837wdwnxNNwN0b8f8t
NOTE: The bearer of this API key will be granted all access privileges assigned to the api-user api.
ansible play book
tasks:
- name: System Global configuration
fortios_system_global:
vdom: root
access_token: 6Hjrf1GHzNsw837wdwnxNNwN0b8f8t
system_global:
admintimeout: 405
Thanks, Maxx
Using the access_token does work, but we use LDAP to manage automation accounts. Is there going to be a fix for this in the future?
Using the access_token does work, but we use LDAP to manage automation accounts. Is there going to be a fix for this in the future?
Get the same issue, there is a change on name of CCSRF Token (ccsrftoken => ccsrftoken_PORT) https://github.com/fortinet-ansible-dev/ansible-galaxy-fortios-collection/blob/main/plugins/httpapi/fortios.py#L113
@alagoutte @slazer2au Thanks for catching that! The backend has changed the name in the new FortiOS firmware. We will do a bugfix release ASAP.
Same issue on my PowerFGT module and fix (get also the same issue with 7.4.0)
Hi @alagoutte @slazer2au,
We've fixed the issue in version 2.2.3, please go ahead and upgrade the collection to avoid this issue. ansible-galaxy collection install fortinet.fortios:2.2.3
Thanks, Jie
I have upgraded to 2.2.3 but I am now getting 405 errors.
[httpsd 5785 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5785 - 1680004316 info] fweb_debug_init[420] -- Handler "logincheck-handler" assigned to request
[httpsd 5785 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/logincheck" (HTTP 302 Found)
[httpsd 5674 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/error/403/" from "192.168.2.9:56039"
[httpsd 5674 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5674 - 1680004316 info] fweb_debug_init[420] -- Handler "error-handler" assigned to request
[httpsd 5674 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/error/403/" (HTTP 200)
[httpsd 5785 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/api/v2/monitor/system/status" from "192.168.2.9:56040"
[httpsd 5785 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5785 - 1680004316 info] fweb_debug_init[420] -- Handler "api_monitor_v2-handler" assigned to request
[httpsd 5785 - 1680004316 warning] api_access_check_for_api_key[688] -- API Key request authorized for apiuser from 192.168.2.9.
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'vdom' (type=string)
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'access_token' (type=string)
[httpsd 5785 - 1680004316 info] endpoint_process_req_vdom[1020] -- new API request (action='select',path='system',name='status',vdom='root',user='apiuser')
[httpsd 5785 - 1680004316 info] endpoint_process_req_vdom[1026] -- completed API request (rss_pre=28040, rss_post=28040, rss_delta=0)
[httpsd 5785 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/api/v2/monitor/system/status" (HTTP 200)
[httpsd 5674 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/logincheck" from "192.168.2.9:56041"
[httpsd 5674 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5674 - 1680004316 info] fweb_debug_init[420] -- Handler "logincheck-handler" assigned to request
[httpsd 5674 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/logincheck" (HTTP 302 Found)
[httpsd 5785 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/error/403/" from "192.168.2.9:56042"
[httpsd 5785 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5785 - 1680004316 info] fweb_debug_init[420] -- Handler "error-handler" assigned to request
[httpsd 5785 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/error/403/" (HTTP 200)
[httpsd 5674 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/api/v2/monitor/system/status" from "192.168.2.9:56043"
[httpsd 5674 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5674 - 1680004316 info] fweb_debug_init[420] -- Handler "api_monitor_v2-handler" assigned to request
[httpsd 5674 - 1680004316 warning] api_access_check_for_api_key[688] -- API Key request authorized for apiuser from 192.168.2.9.
[httpsd 5674 - 1680004316 info] api_store_parameter[320] -- add API parameter 'vdom' (type=string)
[httpsd 5674 - 1680004316 info] api_store_parameter[320] -- add API parameter 'access_token' (type=string)
[httpsd 5674 - 1680004316 info] endpoint_process_req_vdom[1020] -- new API request (action='select',path='system',name='status',vdom='root',user='apiuser')
[httpsd 5674 - 1680004316 info] endpoint_process_req_vdom[1026] -- completed API request (rss_pre=40512, rss_post=40512, rss_delta=0)
[httpsd 5674 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/api/v2/monitor/system/status" (HTTP 200)
[httpsd 5785 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/api/v2/monitor/system/status" from "192.168.2.9:56044"
[httpsd 5785 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5785 - 1680004316 info] fweb_debug_init[420] -- Handler "api_monitor_v2-handler" assigned to request
[httpsd 5785 - 1680004316 warning] api_access_check_for_api_key[688] -- API Key request authorized for apiuser from 192.168.2.9.
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'vdom' (type=string)
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'access_token' (type=string)
[httpsd 5785 - 1680004316 info] endpoint_process_req_vdom[1020] -- new API request (action='select',path='system',name='status',vdom='root',user='apiuser')
[httpsd 5785 - 1680004316 info] endpoint_process_req_vdom[1026] -- completed API request (rss_pre=28040, rss_post=28040, rss_delta=0)
[httpsd 5785 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/api/v2/monitor/system/status" (HTTP 200)
[httpsd 5674 - 1680004316 info] fweb_debug_init[416] -- New POST request for "/api/v2/cmdb/system/global" from "192.168.2.9:56045"
[httpsd 5674 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5674 - 1680004316 info] fweb_debug_init[420] -- Handler "api_cmdb_v2-handler" assigned to request
[httpsd 5674 - 1680004316 warning] api_access_check_for_api_key[688] -- API Key request authorized for apiuser from 192.168.2.9.
[httpsd 5674 - 1680004316 info] api_store_parameter[320] -- add API parameter 'vdom' (type=string)
[httpsd 5674 - 1680004316 info] api_store_parameter[320] -- add API parameter 'access_token' (type=string)
[httpsd 5674 - 1680004316 info] api_store_parameter[320] -- add API parameter 'timezone' (type=string)
[httpsd 5674 - 1680004316 info] api_cmdb_request_init_by_path[1800] -- new CMDB query (path='system',name='global')
[httpsd 5674 - 1680004316 info] handle_cli_req_v2[3200] -- no method found for requested action: (null)
[httpsd 5674 - 1680004316 info] handle_cli_req_v2[3318] -- returning to original vdom "root"
[httpsd 5674 - 1680004316 warning] api_return_http_result[1272] -- API error 405 raised
[httpsd 5674 - 1680004316 info] fweb_debug_final[306] -- Completed POST request for "/api/v2/cmdb/system/global" (HTTP 405)
[httpsd 5785 - 1680004316 info] fweb_debug_init[416] -- New POST request for "/api/v2/cmdb/system/global" from "192.168.2.9:56046"
[httpsd 5785 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5785 - 1680004316 info] fweb_debug_init[420] -- Handler "api_cmdb_v2-handler" assigned to request
[httpsd 5785 - 1680004316 warning] api_access_check_for_api_key[688] -- API Key request authorized for apiuser from 192.168.2.9.
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'vdom' (type=string)
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'access_token' (type=string)
[httpsd 5785 - 1680004316 info] api_store_parameter[320] -- add API parameter 'timezone' (type=string)
[httpsd 5785 - 1680004316 info] api_cmdb_request_init_by_path[1800] -- new CMDB query (path='system',name='global')
[httpsd 5785 - 1680004316 info] handle_cli_req_v2[3200] -- no method found for requested action: (null)
[httpsd 5785 - 1680004316 info] handle_cli_req_v2[3318] -- returning to original vdom "root"
[httpsd 5785 - 1680004316 warning] api_return_http_result[1272] -- API error 405 raised
[httpsd 5785 - 1680004316 info] fweb_debug_final[306] -- Completed POST request for "/api/v2/cmdb/system/global" (HTTP 405)
[httpsd 5674 - 1680004316 info] fweb_debug_init[416] -- New GET request for "/logout" from "192.168.2.9:56047"
[httpsd 5674 - 1680004316 info] fweb_debug_init[418] -- User-Agent: "Python-urllib/3.10"
[httpsd 5674 - 1680004316 info] fweb_debug_init[420] -- Handler "logout-handler" assigned to request
[httpsd 5674 - 1680004316 info] fweb_debug_final[306] -- Completed GET request for "/logout" (HTTP 200)
ansible@ansible:/mnt/c/Users/ansible/Ansible/Accesstoken$ ansible-playbook demo_fortigate.yml -i hosts -vvv
ansible-playbook [core 2.14.1]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/ansible/.local/lib/python3.10/site-packages/ansible
ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
executable location = /home/ansible/.local/bin/ansible-playbook
python version = 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /mnt/c/Users/ansible/Ansible/Accesstoken/hosts as it did not pass its verify_file() method
auto declined parsing /mnt/c/Users/ansible/Ansible/Accesstoken/hosts as it did not pass its verify_file() method
Parsed /mnt/c/Users/ansible/Ansible/Accesstoken/hosts inventory source with ini plugin
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: demo_fortigate.yml ***************************************************************************************************************************************************1 plays in demo_fortigate.yml
PLAY [demo] ********************************************************************************************************************************************************************
TASK [System Global configuration] *********************************************************************************************************************************************task path: /mnt/c/Users/ansible/Ansible/Accesstoken/demo_fortigate.yml:20
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<192.168.2.8> ESTABLISH LOCAL CONNECTION FOR USER: ansible
<192.168.2.8> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ansible/.ansible/tmp/ansible-local-6498w30f77p `"&& mkdir "` echo /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671 `" && echo ansible-tmp-1680004403.373229-654-145469719858671="` echo /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671 `" ) && sleep 0'
Using module file /home/ansible/.ansible/collections/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_global.py
<192.168.2.8> PUT /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/tmp_w5i1r0p TO /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671/AnsiballZ_fortios_system_global.py
<192.168.2.8> EXEC /bin/sh -c 'chmod u+x /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671/ /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671/AnsiballZ_fortios_system_global.py && sleep 0'
<192.168.2.8> EXEC /bin/sh -c '/usr/bin/python3 /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671/AnsiballZ_fortios_system_global.py && sleep 0'
<192.168.2.8> EXEC /bin/sh -c 'rm -f -r /home/ansible/.ansible/tmp/ansible-local-6498w30f77p/ansible-tmp-1680004403.373229-654-145469719858671/ > /dev/null 2>&1 && sleep 0'
fatal: [demo-fgt-p01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"access_token": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"enable_log": false,
"member_path": null,
"member_state": null,
"system_global": {
"admin_concurrent": null,
"admin_console_timeout": null,
"admin_forticloud_sso_login": null,
"admin_host": null,
"admin_hsts_max_age": null,
"admin_https_pki_required": null,
"admin_https_redirect": null,
"admin_https_ssl_banned_ciphers": null,
"admin_https_ssl_ciphersuites": null,
"admin_https_ssl_versions": null,
"admin_lockout_duration": null,
"admin_lockout_threshold": null,
"admin_login_max": null,
"admin_maintainer": null,
"admin_port": null,
"admin_restrict_local": null,
"admin_scp": null,
"admin_server_cert": null,
"admin_sport": null,
"admin_ssh_grace_time": null,
"admin_ssh_password": null,
"admin_ssh_port": null,
"admin_ssh_v1": null,
"admin_telnet": null,
"admin_telnet_port": null,
"admintimeout": null,
"alias": null,
"allow_traffic_redirect": null,
"anti_replay": null,
"arp_max_entry": null,
"asymroute": null,
"auth_cert": null,
"auth_http_port": null,
"auth_https_port": null,
"auth_ike_saml_port": null,
"auth_keepalive": null,
"auth_session_limit": null,
"auto_auth_extension_device": null,
"autorun_log_fsck": null,
"av_affinity": null,
"av_failopen": null,
"av_failopen_session": null,
"batch_cmdb": null,
"block_session_timer": null,
"br_fdb_max_entry": null,
"cert_chain_max": null,
"cfg_revert_timeout": null,
"cfg_save": null,
"check_protocol_header": null,
"check_reset_range": null,
"cli_audit_log": null,
"cloud_communication": null,
"clt_cert_req": null,
"cmdbsvr_affinity": null,
"compliance_check": null,
"compliance_check_time": null,
"cpu_use_threshold": null,
"csr_ca_attribute": null,
"daily_restart": null,
"default_service_source_port": null,
"device_identification_active_scan_delay": null,
"device_idle_timeout": null,
"dh_params": null,
"dnsproxy_worker_count": null,
"dst": null,
"early_tcp_npu_session": null,
"edit_vdom_prompt": null,
"endpoint_control_fds_access": null,
"endpoint_control_portal_port": null,
"extender_controller_reserved_network": null,
"failtime": null,
"faz_disk_buffer_size": null,
"fds_statistics": null,
"fds_statistics_period": null,
"fec_port": null,
"fgd_alert_subscription": null,
"forticarrier_bypass": null,
"fortiextender": null,
"fortiextender_data_port": null,
"fortiextender_discovery_lockdown": null,
"fortiextender_provision_on_authorization": null,
"fortiextender_vlan_mode": null,
"fortiipam_integration": null,
"fortiservice_port": null,
"fortitoken_cloud": null,
"gui_allow_default_hostname": null,
"gui_app_detection_sdwan": null,
"gui_cdn_usage": null,
"gui_certificates": null,
"gui_custom_language": null,
"gui_date_format": null,
"gui_date_time_source": null,
"gui_device_latitude": null,
"gui_device_longitude": null,
"gui_display_hostname": null,
"gui_firmware_upgrade_warning": null,
"gui_forticare_registration_setup_warning": null,
"gui_fortigate_cloud_sandbox": null,
"gui_fortiguard_resource_fetch": null,
"gui_fortisandbox_cloud": null,
"gui_ipv6": null,
"gui_lines_per_page": null,
"gui_local_out": null,
"gui_replacement_message_groups": null,
"gui_rest_api_cache": null,
"gui_theme": null,
"gui_wireless_opensecurity": null,
"gui_workflow_management": null,
"ha_affinity": null,
"honor_df": null,
"hostname": null,
"igmp_state_limit": null,
"internet_service_database": null,
"interval": null,
"ip_fragment_mem_thresholds": null,
"ip_src_port_range": null,
"ips_affinity": null,
"ipsec_asic_offload": null,
"ipsec_ha_seqjump_rate": null,
"ipsec_hmac_offload": null,
"ipsec_round_robin": null,
"ipsec_soft_dec_async": null,
"ipv6_accept_dad": null,
"ipv6_allow_anycast_probe": null,
"ipv6_allow_local_in_slient_drop": null,
"ipv6_allow_multicast_probe": null,
"ipv6_allow_traffic_redirect": null,
"irq_time_accounting": null,
"language": null,
"ldapconntimeout": null,
"lldp_reception": null,
"lldp_transmission": null,
"log_ssl_connection": null,
"log_uuid": null,
"log_uuid_address": null,
"log_uuid_policy": null,
"login_timestamp": null,
"long_vdom_name": null,
"management_ip": null,
"management_port": null,
"management_port_use_admin_sport": null,
"management_vdom": null,
"max_dlpstat_memory": null,
"max_route_cache_size": null,
"mc_ttl_notchange": null,
"memory_use_threshold_extreme": null,
"memory_use_threshold_green": null,
"memory_use_threshold_red": null,
"miglog_affinity": null,
"miglogd_children": null,
"multi_factor_authentication": null,
"multicast_forward": null,
"ndp_max_entry": null,
"per_user_bal": null,
"per_user_bwl": null,
"pmtu_discovery": null,
"policy_auth_concurrent": null,
"post_login_banner": null,
"pre_login_banner": null,
"private_data_encryption": null,
"proxy_auth_lifetime": null,
"proxy_auth_lifetime_timeout": null,
"proxy_auth_timeout": null,
"proxy_cert_use_mgmt_vdom": null,
"proxy_cipher_hardware_acceleration": null,
"proxy_hardware_acceleration": null,
"proxy_kxp_hardware_acceleration": null,
"proxy_re_authentication_mode": null,
"proxy_resource_mode": null,
"proxy_worker_count": null,
"radius_port": null,
"reboot_upon_config_restore": null,
"refresh": null,
"remoteauthtimeout": null,
"reset_sessionless_tcp": null,
"restart_time": null,
"revision_backup_on_logout": null,
"revision_image_auto_backup": null,
"scanunit_count": null,
"security_rating_result_submission": null,
"security_rating_run_on_schedule": null,
"send_pmtu_icmp": null,
"snat_route_change": null,
"special_file_23_support": null,
"speedtest_server": null,
"split_port": null,
"ssd_trim_date": null,
"ssd_trim_freq": null,
"ssd_trim_hour": null,
"ssd_trim_min": null,
"ssd_trim_weekday": null,
"ssh_cbc_cipher": null,
"ssh_enc_algo": null,
"ssh_hmac_md5": null,
"ssh_kex_algo": null,
"ssh_kex_sha1": null,
"ssh_mac_algo": null,
"ssh_mac_weak": null,
"ssl_min_proto_version": null,
"ssl_static_key_ciphers": null,
"sslvpn_cipher_hardware_acceleration": null,
"sslvpn_ems_sn_check": null,
"sslvpn_kxp_hardware_acceleration": null,
"sslvpn_max_worker_count": null,
"sslvpn_plugin_version_check": null,
"strict_dirty_session_check": null,
"strong_crypto": null,
"switch_controller": null,
"switch_controller_reserved_network": null,
"sys_perf_log_interval": null,
"tcp_halfclose_timer": null,
"tcp_halfopen_timer": null,
"tcp_option": null,
"tcp_rst_timer": null,
"tcp_timewait_timer": null,
"tftp": null,
"timezone": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"tp_mc_skip_policy": null,
"traffic_priority": null,
"traffic_priority_level": null,
"two_factor_email_expiry": null,
"two_factor_fac_expiry": null,
"two_factor_ftk_expiry": null,
"two_factor_ftm_expiry": null,
"two_factor_sms_expiry": null,
"udp_idle_timer": null,
"url_filter_affinity": null,
"url_filter_count": null,
"user_device_store_max_devices": null,
"user_device_store_max_unified_mem": null,
"user_device_store_max_users": null,
"user_server_cert": null,
"vdom_admin": null,
"vdom_mode": null,
"vip_arp_range": null,
"virtual_server_count": null,
"virtual_server_hardware_acceleration": null,
"wad_affinity": null,
"wad_csvc_cs_count": null,
"wad_csvc_db_count": null,
"wad_memory_change_granularity": null,
"wad_source_affinity": null,
"wad_worker_count": null,
"wifi_ca_certificate": null,
"wifi_certificate": null,
"wimax_4g_usb": null,
"wireless_controller": null,
"wireless_controller_port": null
},
"vdom": "root"
}
},
"meta": {
"build": 1396,
"http_method": "POST",
"http_status": 405,
"name": "global",
"path": "system",
"serial": "FGVMEVAY_2X4PLE6",
"status": "error",
"vdom": "root",
"version": "v7.2.4"
},
"msg": "Error in repo"
}
PLAY RECAP *********************************************************************************************************************************************************************
demo-fgt-p01 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
---
- hosts: demo
gather_facts: no
connection: httpapi
collections:
- fortinet.fortios
vars:
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
vdom: "root"
ansible_network_os: fortinet.fortios.fortios
access_token: Nn6jxNf4ftHw5bmm4x9xtp9mN14zGm
tasks:
- name: System Global configuration
tags: global
fortios_system_global:
vdom: "{{ vdom }}"
access_token: "{{ access_token }}"
system_global:
#admintimeout: 400
timezone: 26
Hi @slazer2au ,
Could you check your ansible.netcommon version by input ansible-galaxy collection list | grep ansible.netcommon
405 error, we do have some issue with ansible.netcommon 5.0.0, so please make sure you are using 4.1.0.
Thanks, Maxx
Hi @slazer2au
I will go ahead to close this case, if you still have questions, feel free to reopen it or another case.
Thanks, Maxx
Since we upgraded a FortiGate to 7.2.4 we are getting HTTP 403 errors with all modules that change configuration.
Ansible version
Fortinet.FortiOS version
Host file
Playbook
Running the playbook ansible-playbook demo.yml -i hosts -vvv -t global
Running a debug on the FortiGate
Running the same playbook on a 6.4.11 and 7.0.9 Fortigate will result in the configuration being applied successfully.