addRaVpnConnectionProfile
The addRaVpnConnectionProfile operation handles configuration related to RaVpnConnectionProfile model.
Description
This API call is not allowed on the standby unit in an HA pair.
Data Parameters
| Parameter | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| name | True | string | name of RaVpnConnectionProfile | |||
| enableExternalBrowser | True | boolean | Boolean value, TRUE or FALSE, that indicates whether the VPN client will use the client system's default browser (external to the VPN client), rather than the embedded browser. The default, FALSE, indicates that the VPN client should use its own embedded browser for client authentication. This option is used for SAML primary authentication only. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| defaultGroupPolicy | True | object | Group policy used in RA VPN connection profile Field level constraints: cannot be null. (Note: Additional constraints might exist) Allowed types are: [RaVpnGroupPolicy] |
|||
| authenticationIdentitySource | False | object | authenticationIdentitySource for RA VPN Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| authorizationIdentitySource | False | object | authorizationIdentitySource used in RA VPN connection profile Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| accountingIdentitySource | False | object | accounting identity source used in RA VPN connection profile Allowed types are: [ActiveDirectoryRealm, DuoLDAPIdentitySource, IdentitySourceBase, LDAPRealm, LocalIdentitySource, RadiusIdentitySource, RadiusIdentitySourceGroup, RealmSequence, SAMLServer, SpecialRealm] |
|||
| fallbackLocalIdentitySource | False | object | fallbackLocalIdentitySource for RA VPN Allowed types are: [LocalIdentitySource] |
|||
| authMethod | True | string | authentication method for RA VPN connection profile, values are AAA, CLIENT_CERTIFICATE, AAA_AND_CLIENT_CERTIFICATE and SAML Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| certificateUsernameSettings | False | object | Used as nestedEntity inside RA VPN | |||
| secondaryAuthenticationSettings | False | object | Referrenced nested entity in RA VPN, which is used to configure secondary authentication for RA | |||
| stripGroupFromUsername | True | boolean | A Boolean value, TRUE or FALSE, where FALSE is the default. The TRUE,value would remove the group details from the username. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| stripRealmFromUsername | True | boolean | A Boolean value, TRUE or FALSE, where FALSE is the default. The TRUE,value would remove the realm details from the username. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
|||
| ipv4LocalAddressPool | False | [object] | IPV4 local addresspool used in RA vpn connection profile Allowed types are: [NetworkObject] |
|||
| ipv6LocalAddressPool | False | [object] | IPV6 local addresspool used in RA vpn connection profile Allowed types are: [NetworkObject] |
|||
| dhcpServersForAddressAssignment | False | [object] | dhcpServersForAddressAssignment used in RA VPN connection profile Allowed types are: [NetworkObject] |
|||
| groupAlias | False | [string] | groupAlias for RaVpnConnectionProfile | |||
| groupUrl | False | [string] | groupUrl for RaVpnConnectionProfile | |||
| enablePasswordManagement | False | boolean | Allows the user to change the password, if the password is expired. Default is False. Valid only with LDAP | |||
| notifyUserOnPasswordExpiryDay | False | boolean | Notify ahead of the password expiry or on the day the password expires. Default is False. Valid only with LDAP | |||
| passwordExpirationNotificationPeriod | False | integer | Number of days to notify password expiry. Range is 1-180 days. Default is 14 days. | |||
| type | True | string | ravpnconnectionprofile | |||
Path Parameters
| Parameter | Required | Type | Description | |||
|---|---|---|---|---|---|---|
| parentId | True | string | ||||
Example
- name: Execute 'addRaVpnConnectionProfile' operation
ftd_configuration:
operation: "addRaVpnConnectionProfile"
data:
name: "{{ name }}"
enableExternalBrowser: "{{ enable_external_browser }}"
defaultGroupPolicy: "{{ default_group_policy }}"
authenticationIdentitySource: "{{ authentication_identity_source }}"
authorizationIdentitySource: "{{ authorization_identity_source }}"
accountingIdentitySource: "{{ accounting_identity_source }}"
fallbackLocalIdentitySource: "{{ fallback_local_identity_source }}"
authMethod: "{{ auth_method }}"
certificateUsernameSettings: "{{ certificate_username_settings }}"
secondaryAuthenticationSettings: "{{ secondary_authentication_settings }}"
stripGroupFromUsername: "{{ strip_group_from_username }}"
stripRealmFromUsername: "{{ strip_realm_from_username }}"
ipv4LocalAddressPool: "{{ ipv4_local_address_pool }}"
ipv6LocalAddressPool: "{{ ipv6_local_address_pool }}"
dhcpServersForAddressAssignment: "{{ dhcp_servers_for_address_assignment }}"
groupAlias: "{{ group_alias }}"
groupUrl: "{{ group_url }}"
enablePasswordManagement: "{{ enable_password_management }}"
notifyUserOnPasswordExpiryDay: "{{ notify_user_on_password_expiry_day }}"
passwordExpirationNotificationPeriod: "{{ password_expiration_notification_period }}"
type: "{{ type }}"
path_params:
parentId: "{{ parent_id }}"