Docs Home
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse
fortios.wirelesscontroller.Widsprofile
Explore with Pulumi AI
Configure wireless intrusion detection system (WIDS) profiles.
Create Widsprofile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Widsprofile(name: string, args?: WidsprofileArgs, opts?: CustomResourceOptions);@overload
def Widsprofile(resource_name: str,
args: Optional[WidsprofileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Widsprofile(resource_name: str,
opts: Optional[ResourceOptions] = None,
ap_auto_suppress: Optional[str] = None,
ap_bgscan_disable_day: Optional[str] = None,
ap_bgscan_disable_end: Optional[str] = None,
ap_bgscan_disable_schedules: Optional[Sequence[WidsprofileApBgscanDisableScheduleArgs]] = None,
ap_bgscan_disable_start: Optional[str] = None,
ap_bgscan_duration: Optional[int] = None,
ap_bgscan_idle: Optional[int] = None,
ap_bgscan_intv: Optional[int] = None,
ap_bgscan_period: Optional[int] = None,
ap_bgscan_report_intv: Optional[int] = None,
ap_fgscan_report_intv: Optional[int] = None,
ap_scan: Optional[str] = None,
ap_scan_channel_list2g5gs: Optional[Sequence[WidsprofileApScanChannelList2g5gArgs]] = None,
ap_scan_channel_list6gs: Optional[Sequence[WidsprofileApScanChannelList6gArgs]] = None,
ap_scan_passive: Optional[str] = None,
ap_scan_threshold: Optional[str] = None,
asleap_attack: Optional[str] = None,
assoc_flood_thresh: Optional[int] = None,
assoc_flood_time: Optional[int] = None,
assoc_frame_flood: Optional[str] = None,
auth_flood_thresh: Optional[int] = None,
auth_flood_time: Optional[int] = None,
auth_frame_flood: Optional[str] = None,
comment: Optional[str] = None,
deauth_broadcast: Optional[str] = None,
deauth_unknown_src_thresh: Optional[int] = None,
dynamic_sort_subtable: Optional[str] = None,
eapol_fail_flood: Optional[str] = None,
eapol_fail_intv: Optional[int] = None,
eapol_fail_thresh: Optional[int] = None,
eapol_logoff_flood: Optional[str] = None,
eapol_logoff_intv: Optional[int] = None,
eapol_logoff_thresh: Optional[int] = None,
eapol_pre_fail_flood: Optional[str] = None,
eapol_pre_fail_intv: Optional[int] = None,
eapol_pre_fail_thresh: Optional[int] = None,
eapol_pre_succ_flood: Optional[str] = None,
eapol_pre_succ_intv: Optional[int] = None,
eapol_pre_succ_thresh: Optional[int] = None,
eapol_start_flood: Optional[str] = None,
eapol_start_intv: Optional[int] = None,
eapol_start_thresh: Optional[int] = None,
eapol_succ_flood: Optional[str] = None,
eapol_succ_intv: Optional[int] = None,
eapol_succ_thresh: Optional[int] = None,
get_all_tables: Optional[str] = None,
invalid_mac_oui: Optional[str] = None,
long_duration_attack: Optional[str] = None,
long_duration_thresh: Optional[int] = None,
name: Optional[str] = None,
null_ssid_probe_resp: Optional[str] = None,
sensor_mode: Optional[str] = None,
spoofed_deauth: Optional[str] = None,
vdomparam: Optional[str] = None,
weak_wep_iv: Optional[str] = None,
wireless_bridge: Optional[str] = None)func NewWidsprofile(ctx *Context, name string, args *WidsprofileArgs, opts ...ResourceOption) (*Widsprofile, error)public Widsprofile(string name, WidsprofileArgs? args = null, CustomResourceOptions? opts = null)public Widsprofile(String name, WidsprofileArgs args)
public Widsprofile(String name, WidsprofileArgs args, CustomResourceOptions options)
type: fortios:wirelesscontroller:Widsprofile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args WidsprofileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args WidsprofileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args WidsprofileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args WidsprofileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. WidsprofileArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var widsprofileResource = new Fortios.Wirelesscontroller.Widsprofile("widsprofileResource", new()
{
ApAutoSuppress = "string",
ApBgscanDisableDay = "string",
ApBgscanDisableEnd = "string",
ApBgscanDisableSchedules = new[]
{
new Fortios.Wirelesscontroller.Inputs.WidsprofileApBgscanDisableScheduleArgs
{
Name = "string",
},
},
ApBgscanDisableStart = "string",
ApBgscanDuration = 0,
ApBgscanIdle = 0,
ApBgscanIntv = 0,
ApBgscanPeriod = 0,
ApBgscanReportIntv = 0,
ApFgscanReportIntv = 0,
ApScan = "string",
ApScanChannelList2g5gs = new[]
{
new Fortios.Wirelesscontroller.Inputs.WidsprofileApScanChannelList2g5gArgs
{
Chan = "string",
},
},
ApScanChannelList6gs = new[]
{
new Fortios.Wirelesscontroller.Inputs.WidsprofileApScanChannelList6gArgs
{
Chan = "string",
},
},
ApScanPassive = "string",
ApScanThreshold = "string",
AsleapAttack = "string",
AssocFloodThresh = 0,
AssocFloodTime = 0,
AssocFrameFlood = "string",
AuthFloodThresh = 0,
AuthFloodTime = 0,
AuthFrameFlood = "string",
Comment = "string",
DeauthBroadcast = "string",
DeauthUnknownSrcThresh = 0,
DynamicSortSubtable = "string",
EapolFailFlood = "string",
EapolFailIntv = 0,
EapolFailThresh = 0,
EapolLogoffFlood = "string",
EapolLogoffIntv = 0,
EapolLogoffThresh = 0,
EapolPreFailFlood = "string",
EapolPreFailIntv = 0,
EapolPreFailThresh = 0,
EapolPreSuccFlood = "string",
EapolPreSuccIntv = 0,
EapolPreSuccThresh = 0,
EapolStartFlood = "string",
EapolStartIntv = 0,
EapolStartThresh = 0,
EapolSuccFlood = "string",
EapolSuccIntv = 0,
EapolSuccThresh = 0,
GetAllTables = "string",
InvalidMacOui = "string",
LongDurationAttack = "string",
LongDurationThresh = 0,
Name = "string",
NullSsidProbeResp = "string",
SensorMode = "string",
SpoofedDeauth = "string",
Vdomparam = "string",
WeakWepIv = "string",
WirelessBridge = "string",
});
example, err := wirelesscontroller.NewWidsprofile(ctx, "widsprofileResource", &wirelesscontroller.WidsprofileArgs{
ApAutoSuppress: pulumi.String("string"),
ApBgscanDisableDay: pulumi.String("string"),
ApBgscanDisableEnd: pulumi.String("string"),
ApBgscanDisableSchedules: wirelesscontroller.WidsprofileApBgscanDisableScheduleArray{
&wirelesscontroller.WidsprofileApBgscanDisableScheduleArgs{
Name: pulumi.String("string"),
},
},
ApBgscanDisableStart: pulumi.String("string"),
ApBgscanDuration: pulumi.Int(0),
ApBgscanIdle: pulumi.Int(0),
ApBgscanIntv: pulumi.Int(0),
ApBgscanPeriod: pulumi.Int(0),
ApBgscanReportIntv: pulumi.Int(0),
ApFgscanReportIntv: pulumi.Int(0),
ApScan: pulumi.String("string"),
ApScanChannelList2g5gs: wirelesscontroller.WidsprofileApScanChannelList2g5gArray{
&wirelesscontroller.WidsprofileApScanChannelList2g5gArgs{
Chan: pulumi.String("string"),
},
},
ApScanChannelList6gs: wirelesscontroller.WidsprofileApScanChannelList6gArray{
&wirelesscontroller.WidsprofileApScanChannelList6gArgs{
Chan: pulumi.String("string"),
},
},
ApScanPassive: pulumi.String("string"),
ApScanThreshold: pulumi.String("string"),
AsleapAttack: pulumi.String("string"),
AssocFloodThresh: pulumi.Int(0),
AssocFloodTime: pulumi.Int(0),
AssocFrameFlood: pulumi.String("string"),
AuthFloodThresh: pulumi.Int(0),
AuthFloodTime: pulumi.Int(0),
AuthFrameFlood: pulumi.String("string"),
Comment: pulumi.String("string"),
DeauthBroadcast: pulumi.String("string"),
DeauthUnknownSrcThresh: pulumi.Int(0),
DynamicSortSubtable: pulumi.String("string"),
EapolFailFlood: pulumi.String("string"),
EapolFailIntv: pulumi.Int(0),
EapolFailThresh: pulumi.Int(0),
EapolLogoffFlood: pulumi.String("string"),
EapolLogoffIntv: pulumi.Int(0),
EapolLogoffThresh: pulumi.Int(0),
EapolPreFailFlood: pulumi.String("string"),
EapolPreFailIntv: pulumi.Int(0),
EapolPreFailThresh: pulumi.Int(0),
EapolPreSuccFlood: pulumi.String("string"),
EapolPreSuccIntv: pulumi.Int(0),
EapolPreSuccThresh: pulumi.Int(0),
EapolStartFlood: pulumi.String("string"),
EapolStartIntv: pulumi.Int(0),
EapolStartThresh: pulumi.Int(0),
EapolSuccFlood: pulumi.String("string"),
EapolSuccIntv: pulumi.Int(0),
EapolSuccThresh: pulumi.Int(0),
GetAllTables: pulumi.String("string"),
InvalidMacOui: pulumi.String("string"),
LongDurationAttack: pulumi.String("string"),
LongDurationThresh: pulumi.Int(0),
Name: pulumi.String("string"),
NullSsidProbeResp: pulumi.String("string"),
SensorMode: pulumi.String("string"),
SpoofedDeauth: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
WeakWepIv: pulumi.String("string"),
WirelessBridge: pulumi.String("string"),
})
var widsprofileResource = new Widsprofile("widsprofileResource", WidsprofileArgs.builder()
.apAutoSuppress("string")
.apBgscanDisableDay("string")
.apBgscanDisableEnd("string")
.apBgscanDisableSchedules(WidsprofileApBgscanDisableScheduleArgs.builder()
.name("string")
.build())
.apBgscanDisableStart("string")
.apBgscanDuration(0)
.apBgscanIdle(0)
.apBgscanIntv(0)
.apBgscanPeriod(0)
.apBgscanReportIntv(0)
.apFgscanReportIntv(0)
.apScan("string")
.apScanChannelList2g5gs(WidsprofileApScanChannelList2g5gArgs.builder()
.chan("string")
.build())
.apScanChannelList6gs(WidsprofileApScanChannelList6gArgs.builder()
.chan("string")
.build())
.apScanPassive("string")
.apScanThreshold("string")
.asleapAttack("string")
.assocFloodThresh(0)
.assocFloodTime(0)
.assocFrameFlood("string")
.authFloodThresh(0)
.authFloodTime(0)
.authFrameFlood("string")
.comment("string")
.deauthBroadcast("string")
.deauthUnknownSrcThresh(0)
.dynamicSortSubtable("string")
.eapolFailFlood("string")
.eapolFailIntv(0)
.eapolFailThresh(0)
.eapolLogoffFlood("string")
.eapolLogoffIntv(0)
.eapolLogoffThresh(0)
.eapolPreFailFlood("string")
.eapolPreFailIntv(0)
.eapolPreFailThresh(0)
.eapolPreSuccFlood("string")
.eapolPreSuccIntv(0)
.eapolPreSuccThresh(0)
.eapolStartFlood("string")
.eapolStartIntv(0)
.eapolStartThresh(0)
.eapolSuccFlood("string")
.eapolSuccIntv(0)
.eapolSuccThresh(0)
.getAllTables("string")
.invalidMacOui("string")
.longDurationAttack("string")
.longDurationThresh(0)
.name("string")
.nullSsidProbeResp("string")
.sensorMode("string")
.spoofedDeauth("string")
.vdomparam("string")
.weakWepIv("string")
.wirelessBridge("string")
.build());
widsprofile_resource = fortios.wirelesscontroller.Widsprofile("widsprofileResource",
ap_auto_suppress="string",
ap_bgscan_disable_day="string",
ap_bgscan_disable_end="string",
ap_bgscan_disable_schedules=[{
"name": "string",
}],
ap_bgscan_disable_start="string",
ap_bgscan_duration=0,
ap_bgscan_idle=0,
ap_bgscan_intv=0,
ap_bgscan_period=0,
ap_bgscan_report_intv=0,
ap_fgscan_report_intv=0,
ap_scan="string",
ap_scan_channel_list2g5gs=[{
"chan": "string",
}],
ap_scan_channel_list6gs=[{
"chan": "string",
}],
ap_scan_passive="string",
ap_scan_threshold="string",
asleap_attack="string",
assoc_flood_thresh=0,
assoc_flood_time=0,
assoc_frame_flood="string",
auth_flood_thresh=0,
auth_flood_time=0,
auth_frame_flood="string",
comment="string",
deauth_broadcast="string",
deauth_unknown_src_thresh=0,
dynamic_sort_subtable="string",
eapol_fail_flood="string",
eapol_fail_intv=0,
eapol_fail_thresh=0,
eapol_logoff_flood="string",
eapol_logoff_intv=0,
eapol_logoff_thresh=0,
eapol_pre_fail_flood="string",
eapol_pre_fail_intv=0,
eapol_pre_fail_thresh=0,
eapol_pre_succ_flood="string",
eapol_pre_succ_intv=0,
eapol_pre_succ_thresh=0,
eapol_start_flood="string",
eapol_start_intv=0,
eapol_start_thresh=0,
eapol_succ_flood="string",
eapol_succ_intv=0,
eapol_succ_thresh=0,
get_all_tables="string",
invalid_mac_oui="string",
long_duration_attack="string",
long_duration_thresh=0,
name="string",
null_ssid_probe_resp="string",
sensor_mode="string",
spoofed_deauth="string",
vdomparam="string",
weak_wep_iv="string",
wireless_bridge="string")
const widsprofileResource = new fortios.wirelesscontroller.Widsprofile("widsprofileResource", {
apAutoSuppress: "string",
apBgscanDisableDay: "string",
apBgscanDisableEnd: "string",
apBgscanDisableSchedules: [{
name: "string",
}],
apBgscanDisableStart: "string",
apBgscanDuration: 0,
apBgscanIdle: 0,
apBgscanIntv: 0,
apBgscanPeriod: 0,
apBgscanReportIntv: 0,
apFgscanReportIntv: 0,
apScan: "string",
apScanChannelList2g5gs: [{
chan: "string",
}],
apScanChannelList6gs: [{
chan: "string",
}],
apScanPassive: "string",
apScanThreshold: "string",
asleapAttack: "string",
assocFloodThresh: 0,
assocFloodTime: 0,
assocFrameFlood: "string",
authFloodThresh: 0,
authFloodTime: 0,
authFrameFlood: "string",
comment: "string",
deauthBroadcast: "string",
deauthUnknownSrcThresh: 0,
dynamicSortSubtable: "string",
eapolFailFlood: "string",
eapolFailIntv: 0,
eapolFailThresh: 0,
eapolLogoffFlood: "string",
eapolLogoffIntv: 0,
eapolLogoffThresh: 0,
eapolPreFailFlood: "string",
eapolPreFailIntv: 0,
eapolPreFailThresh: 0,
eapolPreSuccFlood: "string",
eapolPreSuccIntv: 0,
eapolPreSuccThresh: 0,
eapolStartFlood: "string",
eapolStartIntv: 0,
eapolStartThresh: 0,
eapolSuccFlood: "string",
eapolSuccIntv: 0,
eapolSuccThresh: 0,
getAllTables: "string",
invalidMacOui: "string",
longDurationAttack: "string",
longDurationThresh: 0,
name: "string",
nullSsidProbeResp: "string",
sensorMode: "string",
spoofedDeauth: "string",
vdomparam: "string",
weakWepIv: "string",
wirelessBridge: "string",
});
type: fortios:wirelesscontroller:Widsprofile
properties:
apAutoSuppress: string
apBgscanDisableDay: string
apBgscanDisableEnd: string
apBgscanDisableSchedules:
- name: string
apBgscanDisableStart: string
apBgscanDuration: 0
apBgscanIdle: 0
apBgscanIntv: 0
apBgscanPeriod: 0
apBgscanReportIntv: 0
apFgscanReportIntv: 0
apScan: string
apScanChannelList2g5gs:
- chan: string
apScanChannelList6gs:
- chan: string
apScanPassive: string
apScanThreshold: string
asleapAttack: string
assocFloodThresh: 0
assocFloodTime: 0
assocFrameFlood: string
authFloodThresh: 0
authFloodTime: 0
authFrameFlood: string
comment: string
deauthBroadcast: string
deauthUnknownSrcThresh: 0
dynamicSortSubtable: string
eapolFailFlood: string
eapolFailIntv: 0
eapolFailThresh: 0
eapolLogoffFlood: string
eapolLogoffIntv: 0
eapolLogoffThresh: 0
eapolPreFailFlood: string
eapolPreFailIntv: 0
eapolPreFailThresh: 0
eapolPreSuccFlood: string
eapolPreSuccIntv: 0
eapolPreSuccThresh: 0
eapolStartFlood: string
eapolStartIntv: 0
eapolStartThresh: 0
eapolSuccFlood: string
eapolSuccIntv: 0
eapolSuccThresh: 0
getAllTables: string
invalidMacOui: string
longDurationAttack: string
longDurationThresh: 0
name: string
nullSsidProbeResp: string
sensorMode: string
spoofedDeauth: string
vdomparam: string
weakWepIv: string
wirelessBridge: string
Widsprofile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Widsprofile resource accepts the following input properties:
- Ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - Ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - Ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan List<Pulumiverse.Disable Schedules Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Bgscan Disable Schedule> - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - Ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan intDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- Ap
Bgscan intIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- Ap
Bgscan intIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- Ap
Bgscan intPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- Ap
Bgscan intReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- Ap
Fgscan intReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- Ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - Ap
Scan List<Pulumiverse.Channel List2g5gs Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Scan Channel List2g5g> - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - Ap
Scan List<Pulumiverse.Channel List6gs Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Scan Channel List6g> - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - Ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - Ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- Asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - Assoc
Flood intThresh - The threshold value for association frame flooding.
- Assoc
Flood intTime - Number of seconds after which a station is considered not connected.
- Assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - Auth
Flood intThresh - The threshold value for authentication frame flooding.
- Auth
Flood intTime - Number of seconds after which a station is considered not connected.
- Auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - Comment string
- Comment.
- Deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - Deauth
Unknown intSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Fail intIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Fail intThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- Eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Logoff intIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- Eapol
Logoff intThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- Eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Pre intFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- Eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Pre intSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- Eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Start intIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- Eapol
Start intThresh - The threshold value for EAPOL-Start flooding in specified interval.
- Eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Succ intIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Succ intThresh - The threshold value for EAPOL-Success flooding in specified interval.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - Long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - Long
Duration intThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- Name
Changes to this property will trigger replacement. - WIDS profile name.
- Null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - Sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - Spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - Vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- Weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - Wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- Ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - Ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - Ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan []WidsprofileDisable Schedules Ap Bgscan Disable Schedule Args - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - Ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan intDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- Ap
Bgscan intIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- Ap
Bgscan intIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- Ap
Bgscan intPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- Ap
Bgscan intReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- Ap
Fgscan intReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- Ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - Ap
Scan []WidsprofileChannel List2g5gs Ap Scan Channel List2g5g Args - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - Ap
Scan []WidsprofileChannel List6gs Ap Scan Channel List6g Args - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - Ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - Ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- Asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - Assoc
Flood intThresh - The threshold value for association frame flooding.
- Assoc
Flood intTime - Number of seconds after which a station is considered not connected.
- Assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - Auth
Flood intThresh - The threshold value for authentication frame flooding.
- Auth
Flood intTime - Number of seconds after which a station is considered not connected.
- Auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - Comment string
- Comment.
- Deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - Deauth
Unknown intSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Fail intIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Fail intThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- Eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Logoff intIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- Eapol
Logoff intThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- Eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Pre intFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- Eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Pre intSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- Eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Start intIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- Eapol
Start intThresh - The threshold value for EAPOL-Start flooding in specified interval.
- Eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Succ intIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Succ intThresh - The threshold value for EAPOL-Success flooding in specified interval.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - Long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - Long
Duration intThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- Name
- WIDS profile name.
- Null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - Sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - Spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - Vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- Weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - Wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto StringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan StringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan StringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan List<WidsprofileDisable Schedules Ap Bgscan Disable Schedule> - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan StringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan IntegerDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan IntegerIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan IntegerIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan IntegerPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan IntegerReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan IntegerReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan String - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan List<WidsprofileChannel List2g5gs Ap Scan Channel List2g5g> - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan List<WidsprofileChannel List6gs Ap Scan Channel List6g> - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan StringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan StringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack String - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood IntegerThresh - The threshold value for association frame flooding.
- assoc
Flood IntegerTime - Number of seconds after which a station is considered not connected.
- assoc
Frame StringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood IntegerThresh - The threshold value for authentication frame flooding.
- auth
Flood IntegerTime - Number of seconds after which a station is considered not connected.
- auth
Frame StringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment String
- Comment.
- deauth
Broadcast String - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown IntegerSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail StringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail IntegerIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail IntegerThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff StringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff IntegerIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff IntegerThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre StringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre IntegerFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre IntegerFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre StringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre IntegerSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre IntegerSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start StringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start IntegerIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start IntegerThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ StringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ IntegerIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ IntegerThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac StringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration StringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration IntegerThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid StringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode String - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth String - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep StringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge String - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan WidsprofileDisable Schedules Ap Bgscan Disable Schedule[] - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan numberDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan numberIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan numberIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan numberPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan numberReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan numberReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan WidsprofileChannel List2g5gs Ap Scan Channel List2g5g[] - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan WidsprofileChannel List6gs Ap Scan Channel List6g[] - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood numberThresh - The threshold value for association frame flooding.
- assoc
Flood numberTime - Number of seconds after which a station is considered not connected.
- assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood numberThresh - The threshold value for authentication frame flooding.
- auth
Flood numberTime - Number of seconds after which a station is considered not connected.
- auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment string
- Comment.
- deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown numberSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail numberIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail numberThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff numberIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff numberThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre numberFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre numberFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre numberSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre numberSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start numberIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start numberThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ numberIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ numberThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration numberThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap_
auto_ strsuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap_
bgscan_ strdisable_ day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap_
bgscan_ strdisable_ end - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap_
bgscan_ Sequence[Widsprofiledisable_ schedules Ap Bgscan Disable Schedule Args] - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap_
bgscan_ strdisable_ start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap_
bgscan_ intduration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap_
bgscan_ intidle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap_
bgscan_ intintv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap_
bgscan_ intperiod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap_
bgscan_ intreport_ intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap_
fgscan_ intreport_ intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap_
scan str - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap_
scan_ Sequence[Widsprofilechannel_ list2g5gs Ap Scan Channel List2g5g Args] - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap_
scan_ Sequence[Widsprofilechannel_ list6gs Ap Scan Channel List6g Args] - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap_
scan_ strpassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap_
scan_ strthreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap_
attack str - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc_
flood_ intthresh - The threshold value for association frame flooding.
- assoc_
flood_ inttime - Number of seconds after which a station is considered not connected.
- assoc_
frame_ strflood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth_
flood_ intthresh - The threshold value for authentication frame flooding.
- auth_
flood_ inttime - Number of seconds after which a station is considered not connected.
- auth_
frame_ strflood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment str
- Comment.
- deauth_
broadcast str - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth_
unknown_ intsrc_ thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol_
fail_ strflood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
fail_ intintv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol_
fail_ intthresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol_
logoff_ strflood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
logoff_ intintv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol_
logoff_ intthresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol_
pre_ strfail_ flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol_
pre_ intfail_ intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol_
pre_ intfail_ thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol_
pre_ strsucc_ flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol_
pre_ intsucc_ intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol_
pre_ intsucc_ thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol_
start_ strflood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
start_ intintv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol_
start_ intthresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol_
succ_ strflood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
succ_ intintv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol_
succ_ intthresh - The threshold value for EAPOL-Success flooding in specified interval.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid_
mac_ stroui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long_
duration_ strattack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long_
duration_ intthresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null_
ssid_ strprobe_ resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor_
mode str - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed_
deauth str - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak_
wep_ striv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless_
bridge str - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto StringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan StringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan StringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan List<Property Map>Disable Schedules - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan StringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan NumberDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan NumberIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan NumberIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan NumberPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan NumberReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan NumberReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan String - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan List<Property Map>Channel List2g5gs - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan List<Property Map>Channel List6gs - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan StringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan StringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack String - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood NumberThresh - The threshold value for association frame flooding.
- assoc
Flood NumberTime - Number of seconds after which a station is considered not connected.
- assoc
Frame StringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood NumberThresh - The threshold value for authentication frame flooding.
- auth
Flood NumberTime - Number of seconds after which a station is considered not connected.
- auth
Frame StringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment String
- Comment.
- deauth
Broadcast String - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown NumberSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail StringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail NumberIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail NumberThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff StringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff NumberIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff NumberThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre StringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre NumberFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre NumberFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre StringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre NumberSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre NumberSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start StringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start NumberIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start NumberThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ StringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ NumberIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ NumberThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac StringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration StringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration NumberThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid StringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode String - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth String - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep StringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge String - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
Outputs
All input properties are implicitly available as output properties. Additionally, the Widsprofile resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Widsprofile Resource
Get an existing Widsprofile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WidsprofileState, opts?: CustomResourceOptions): Widsprofile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
ap_auto_suppress: Optional[str] = None,
ap_bgscan_disable_day: Optional[str] = None,
ap_bgscan_disable_end: Optional[str] = None,
ap_bgscan_disable_schedules: Optional[Sequence[WidsprofileApBgscanDisableScheduleArgs]] = None,
ap_bgscan_disable_start: Optional[str] = None,
ap_bgscan_duration: Optional[int] = None,
ap_bgscan_idle: Optional[int] = None,
ap_bgscan_intv: Optional[int] = None,
ap_bgscan_period: Optional[int] = None,
ap_bgscan_report_intv: Optional[int] = None,
ap_fgscan_report_intv: Optional[int] = None,
ap_scan: Optional[str] = None,
ap_scan_channel_list2g5gs: Optional[Sequence[WidsprofileApScanChannelList2g5gArgs]] = None,
ap_scan_channel_list6gs: Optional[Sequence[WidsprofileApScanChannelList6gArgs]] = None,
ap_scan_passive: Optional[str] = None,
ap_scan_threshold: Optional[str] = None,
asleap_attack: Optional[str] = None,
assoc_flood_thresh: Optional[int] = None,
assoc_flood_time: Optional[int] = None,
assoc_frame_flood: Optional[str] = None,
auth_flood_thresh: Optional[int] = None,
auth_flood_time: Optional[int] = None,
auth_frame_flood: Optional[str] = None,
comment: Optional[str] = None,
deauth_broadcast: Optional[str] = None,
deauth_unknown_src_thresh: Optional[int] = None,
dynamic_sort_subtable: Optional[str] = None,
eapol_fail_flood: Optional[str] = None,
eapol_fail_intv: Optional[int] = None,
eapol_fail_thresh: Optional[int] = None,
eapol_logoff_flood: Optional[str] = None,
eapol_logoff_intv: Optional[int] = None,
eapol_logoff_thresh: Optional[int] = None,
eapol_pre_fail_flood: Optional[str] = None,
eapol_pre_fail_intv: Optional[int] = None,
eapol_pre_fail_thresh: Optional[int] = None,
eapol_pre_succ_flood: Optional[str] = None,
eapol_pre_succ_intv: Optional[int] = None,
eapol_pre_succ_thresh: Optional[int] = None,
eapol_start_flood: Optional[str] = None,
eapol_start_intv: Optional[int] = None,
eapol_start_thresh: Optional[int] = None,
eapol_succ_flood: Optional[str] = None,
eapol_succ_intv: Optional[int] = None,
eapol_succ_thresh: Optional[int] = None,
get_all_tables: Optional[str] = None,
invalid_mac_oui: Optional[str] = None,
long_duration_attack: Optional[str] = None,
long_duration_thresh: Optional[int] = None,
name: Optional[str] = None,
null_ssid_probe_resp: Optional[str] = None,
sensor_mode: Optional[str] = None,
spoofed_deauth: Optional[str] = None,
vdomparam: Optional[str] = None,
weak_wep_iv: Optional[str] = None,
wireless_bridge: Optional[str] = None) -> Widsprofilefunc GetWidsprofile(ctx *Context, name string, id IDInput, state *WidsprofileState, opts ...ResourceOption) (*Widsprofile, error)public static Widsprofile Get(string name, Input<string> id, WidsprofileState? state, CustomResourceOptions? opts = null)public static Widsprofile get(String name, Output<String> id, WidsprofileState state, CustomResourceOptions options)resources: _: type: fortios:wirelesscontroller:Widsprofile get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - Ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - Ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan List<Pulumiverse.Disable Schedules Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Bgscan Disable Schedule> - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - Ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan intDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- Ap
Bgscan intIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- Ap
Bgscan intIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- Ap
Bgscan intPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- Ap
Bgscan intReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- Ap
Fgscan intReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- Ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - Ap
Scan List<Pulumiverse.Channel List2g5gs Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Scan Channel List2g5g> - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - Ap
Scan List<Pulumiverse.Channel List6gs Fortios. Wirelesscontroller. Inputs. Widsprofile Ap Scan Channel List6g> - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - Ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - Ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- Asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - Assoc
Flood intThresh - The threshold value for association frame flooding.
- Assoc
Flood intTime - Number of seconds after which a station is considered not connected.
- Assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - Auth
Flood intThresh - The threshold value for authentication frame flooding.
- Auth
Flood intTime - Number of seconds after which a station is considered not connected.
- Auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - Comment string
- Comment.
- Deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - Deauth
Unknown intSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Fail intIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Fail intThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- Eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Logoff intIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- Eapol
Logoff intThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- Eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Pre intFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- Eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Pre intSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- Eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Start intIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- Eapol
Start intThresh - The threshold value for EAPOL-Start flooding in specified interval.
- Eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Succ intIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Succ intThresh - The threshold value for EAPOL-Success flooding in specified interval.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - Long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - Long
Duration intThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- Name
- WIDS profile name.
- Null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - Sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - Spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - Vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- Weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - Wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- Ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - Ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - Ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan []WidsprofileDisable Schedules Ap Bgscan Disable Schedule Args - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - Ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- Ap
Bgscan intDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- Ap
Bgscan intIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- Ap
Bgscan intIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- Ap
Bgscan intPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- Ap
Bgscan intReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- Ap
Fgscan intReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- Ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - Ap
Scan []WidsprofileChannel List2g5gs Ap Scan Channel List2g5g Args - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - Ap
Scan []WidsprofileChannel List6gs Ap Scan Channel List6g Args - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - Ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - Ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- Asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - Assoc
Flood intThresh - The threshold value for association frame flooding.
- Assoc
Flood intTime - Number of seconds after which a station is considered not connected.
- Assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - Auth
Flood intThresh - The threshold value for authentication frame flooding.
- Auth
Flood intTime - Number of seconds after which a station is considered not connected.
- Auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - Comment string
- Comment.
- Deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - Deauth
Unknown intSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Fail intIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Fail intThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- Eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Logoff intIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- Eapol
Logoff intThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- Eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- Eapol
Pre intFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- Eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - Eapol
Pre intSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Pre intSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- Eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Start intIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- Eapol
Start intThresh - The threshold value for EAPOL-Start flooding in specified interval.
- Eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - Eapol
Succ intIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- Eapol
Succ intThresh - The threshold value for EAPOL-Success flooding in specified interval.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - Long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - Long
Duration intThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- Name
- WIDS profile name.
- Null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - Sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - Spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - Vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- Weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - Wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto StringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan StringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan StringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan List<WidsprofileDisable Schedules Ap Bgscan Disable Schedule> - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan StringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan IntegerDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan IntegerIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan IntegerIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan IntegerPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan IntegerReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan IntegerReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan String - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan List<WidsprofileChannel List2g5gs Ap Scan Channel List2g5g> - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan List<WidsprofileChannel List6gs Ap Scan Channel List6g> - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan StringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan StringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack String - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood IntegerThresh - The threshold value for association frame flooding.
- assoc
Flood IntegerTime - Number of seconds after which a station is considered not connected.
- assoc
Frame StringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood IntegerThresh - The threshold value for authentication frame flooding.
- auth
Flood IntegerTime - Number of seconds after which a station is considered not connected.
- auth
Frame StringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment String
- Comment.
- deauth
Broadcast String - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown IntegerSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail StringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail IntegerIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail IntegerThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff StringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff IntegerIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff IntegerThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre StringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre IntegerFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre IntegerFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre StringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre IntegerSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre IntegerSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start StringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start IntegerIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start IntegerThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ StringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ IntegerIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ IntegerThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac StringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration StringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration IntegerThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid StringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode String - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth String - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep StringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge String - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto stringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan stringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan stringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan WidsprofileDisable Schedules Ap Bgscan Disable Schedule[] - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan stringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan numberDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan numberIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan numberIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan numberPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan numberReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan numberReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan string - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan WidsprofileChannel List2g5gs Ap Scan Channel List2g5g[] - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan WidsprofileChannel List6gs Ap Scan Channel List6g[] - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan stringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan stringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack string - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood numberThresh - The threshold value for association frame flooding.
- assoc
Flood numberTime - Number of seconds after which a station is considered not connected.
- assoc
Frame stringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood numberThresh - The threshold value for authentication frame flooding.
- auth
Flood numberTime - Number of seconds after which a station is considered not connected.
- auth
Frame stringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment string
- Comment.
- deauth
Broadcast string - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown numberSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail stringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail numberIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail numberThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff stringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff numberIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff numberThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre stringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre numberFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre numberFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre stringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre numberSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre numberSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start stringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start numberIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start numberThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ stringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ numberIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ numberThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac stringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration stringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration numberThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid stringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode string - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth string - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep stringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge string - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap_
auto_ strsuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap_
bgscan_ strdisable_ day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap_
bgscan_ strdisable_ end - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap_
bgscan_ Sequence[Widsprofiledisable_ schedules Ap Bgscan Disable Schedule Args] - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap_
bgscan_ strdisable_ start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap_
bgscan_ intduration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap_
bgscan_ intidle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap_
bgscan_ intintv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap_
bgscan_ intperiod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap_
bgscan_ intreport_ intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap_
fgscan_ intreport_ intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap_
scan str - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap_
scan_ Sequence[Widsprofilechannel_ list2g5gs Ap Scan Channel List2g5g Args] - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap_
scan_ Sequence[Widsprofilechannel_ list6gs Ap Scan Channel List6g Args] - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap_
scan_ strpassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap_
scan_ strthreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap_
attack str - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc_
flood_ intthresh - The threshold value for association frame flooding.
- assoc_
flood_ inttime - Number of seconds after which a station is considered not connected.
- assoc_
frame_ strflood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth_
flood_ intthresh - The threshold value for authentication frame flooding.
- auth_
flood_ inttime - Number of seconds after which a station is considered not connected.
- auth_
frame_ strflood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment str
- Comment.
- deauth_
broadcast str - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth_
unknown_ intsrc_ thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol_
fail_ strflood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
fail_ intintv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol_
fail_ intthresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol_
logoff_ strflood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
logoff_ intintv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol_
logoff_ intthresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol_
pre_ strfail_ flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol_
pre_ intfail_ intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol_
pre_ intfail_ thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol_
pre_ strsucc_ flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol_
pre_ intsucc_ intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol_
pre_ intsucc_ thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol_
start_ strflood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
start_ intintv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol_
start_ intthresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol_
succ_ strflood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol_
succ_ intintv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol_
succ_ intthresh - The threshold value for EAPOL-Success flooding in specified interval.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid_
mac_ stroui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long_
duration_ strattack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long_
duration_ intthresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null_
ssid_ strprobe_ resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor_
mode str - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed_
deauth str - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak_
wep_ striv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless_
bridge str - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
- ap
Auto StringSuppress - Enable/disable on-wire rogue AP auto-suppression (default = disable). Valid values:
enable,disable. - ap
Bgscan StringDisable Day - Optionally turn off scanning for one or more days of the week. Separate the days with a space. By default, no days are set. Valid values:
sunday,monday,tuesday,wednesday,thursday,friday,saturday. - ap
Bgscan StringDisable End - End time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan List<Property Map>Disable Schedules - Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. The structure of
ap_bgscan_disable_schedulesblock is documented below. - ap
Bgscan StringDisable Start - Start time, using a 24-hour clock in the format of hh:mm, for disabling background scanning (default = 00:00).
- ap
Bgscan NumberDuration - Listen time on scanning a channel (10 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 20. On FortiOS versions >= 7.0.2: default = 30.
- ap
Bgscan NumberIdle - Wait time for channel inactivity before scanning this channel (0 - 1000 msec). On FortiOS versions 6.2.0-7.0.1: default = 0. On FortiOS versions >= 7.0.2: default = 20.
- ap
Bgscan NumberIntv - Period between successive channel scans (1 - 600 sec). On FortiOS versions 6.2.0-7.0.1: default = 1. On FortiOS versions >= 7.0.2: default = 3.
- ap
Bgscan NumberPeriod - Period between background scans (default = 600). On FortiOS versions 6.2.0-6.2.6: 60 - 3600 sec. On FortiOS versions 6.4.0-7.0.1: 10 - 3600 sec.
- ap
Bgscan NumberReport Intv - Period between background scan reports (15 - 600 sec, default = 30).
- ap
Fgscan NumberReport Intv - Period between foreground scan reports (15 - 600 sec, default = 15).
- ap
Scan String - Enable/disable rogue AP detection. Valid values:
disable,enable. - ap
Scan List<Property Map>Channel List2g5gs - Selected ap scan channel list for 2.4G and 5G bands. The structure of
ap_scan_channel_list_2g_5gblock is documented below. - ap
Scan List<Property Map>Channel List6gs - Selected ap scan channel list for 6G band. The structure of
ap_scan_channel_list_6gblock is documented below. - ap
Scan StringPassive - Enable/disable passive scanning. Enable means do not send probe request on any channels (default = disable). Valid values:
enable,disable. - ap
Scan StringThreshold - Minimum signal level/threshold in dBm required for the AP to report detected rogue AP (-95 to -20, default = -90).
- asleap
Attack String - Enable/disable asleap attack detection (default = disable). Valid values:
enable,disable. - assoc
Flood NumberThresh - The threshold value for association frame flooding.
- assoc
Flood NumberTime - Number of seconds after which a station is considered not connected.
- assoc
Frame StringFlood - Enable/disable association frame flooding detection (default = disable). Valid values:
enable,disable. - auth
Flood NumberThresh - The threshold value for authentication frame flooding.
- auth
Flood NumberTime - Number of seconds after which a station is considered not connected.
- auth
Frame StringFlood - Enable/disable authentication frame flooding detection (default = disable). Valid values:
enable,disable. - comment String
- Comment.
- deauth
Broadcast String - Enable/disable broadcasting de-authentication detection (default = disable). Valid values:
enable,disable. - deauth
Unknown NumberSrc Thresh - Threshold value per second to deauth unknown src for DoS attack (0: no limit).
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- eapol
Fail StringFlood - Enable/disable EAPOL-Failure flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Fail NumberIntv - The detection interval for EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Fail NumberThresh - The threshold value for EAPOL-Failure flooding in specified interval.
- eapol
Logoff StringFlood - Enable/disable EAPOL-Logoff flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Logoff NumberIntv - The detection interval for EAPOL-Logoff flooding (1 - 3600 sec).
- eapol
Logoff NumberThresh - The threshold value for EAPOL-Logoff flooding in specified interval.
- eapol
Pre StringFail Flood - Enable/disable premature EAPOL-Failure flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre NumberFail Intv - The detection interval for premature EAPOL-Failure flooding (1 - 3600 sec).
- eapol
Pre NumberFail Thresh - The threshold value for premature EAPOL-Failure flooding in specified interval.
- eapol
Pre StringSucc Flood - Enable/disable premature EAPOL-Success flooding (to STA) detection (default = disable). Valid values:
enable,disable. - eapol
Pre NumberSucc Intv - The detection interval for premature EAPOL-Success flooding (1 - 3600 sec).
- eapol
Pre NumberSucc Thresh - The threshold value for premature EAPOL-Success flooding in specified interval.
- eapol
Start StringFlood - Enable/disable EAPOL-Start flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Start NumberIntv - The detection interval for EAPOL-Start flooding (1 - 3600 sec).
- eapol
Start NumberThresh - The threshold value for EAPOL-Start flooding in specified interval.
- eapol
Succ StringFlood - Enable/disable EAPOL-Success flooding (to AP) detection (default = disable). Valid values:
enable,disable. - eapol
Succ NumberIntv - The detection interval for EAPOL-Success flooding (1 - 3600 sec).
- eapol
Succ NumberThresh - The threshold value for EAPOL-Success flooding in specified interval.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- invalid
Mac StringOui - Enable/disable invalid MAC OUI detection. Valid values:
enable,disable. - long
Duration StringAttack - Enable/disable long duration attack detection based on user configured threshold (default = disable). Valid values:
enable,disable. - long
Duration NumberThresh - Threshold value for long duration attack detection (1000 - 32767 usec, default = 8200).
- name
- WIDS profile name.
- null
Ssid StringProbe Resp - Enable/disable null SSID probe response detection (default = disable). Valid values:
enable,disable. - sensor
Mode String - Scan nearby WiFi stations (default = disable). Valid values:
disable,foreign,both. - spoofed
Deauth String - Enable/disable spoofed de-authentication attack detection (default = disable). Valid values:
enable,disable. - vdomparam
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
The
ap_scan_channel_list_2g_5gblock supports:- weak
Wep StringIv - Enable/disable weak WEP IV (Initialization Vector) detection (default = disable). Valid values:
enable,disable. - wireless
Bridge String - Enable/disable wireless bridge detection (default = disable). Valid values:
enable,disable.
Supporting Types
WidsprofileApBgscanDisableSchedule, WidsprofileApBgscanDisableScheduleArgs
, WidsprofileApBgscanDisableScheduleArgs
- Name string
- Schedule name.
- Name string
- Schedule name.
- name String
- Schedule name.
- name string
- Schedule name.
- name str
- Schedule name.
- name String
- Schedule name.
WidsprofileApScanChannelList2g5g, WidsprofileApScanChannelList2g5gArgs
, WidsprofileApScanChannelList2g5gArgs
- Chan string
- Channel 6g number.
- Chan string
- Channel 6g number.
- chan String
- Channel 6g number.
- chan string
- Channel 6g number.
- chan str
- Channel 6g number.
- chan String
- Channel 6g number.
WidsprofileApScanChannelList6g, WidsprofileApScanChannelList6gArgs
, WidsprofileApScanChannelList6gArgs
- Chan string
- Channel 6g number.
- Chan string
- Channel 6g number.
- chan String
- Channel 6g number.
- chan string
- Channel 6g number.
- chan str
- Channel 6g number.
- chan String
- Channel 6g number.
Import
WirelessController WidsProfile can be imported using any of these accepted formats:
$ pulumi import fortios:wirelesscontroller/widsprofile:Widsprofile labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:wirelesscontroller/widsprofile:Widsprofile labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortiosTerraform Provider.