fortios.vpn/ssl/web.Portal
Explore with Pulumi AI
Portal.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.vpn.ssl.web.Portal("trname", {
allowUserAccess: "web ftp smb sftp telnet ssh vnc rdp ping citrix portforward",
autoConnect: "disable",
customizeForticlientDownloadUrl: "disable",
displayBookmark: "enable",
displayConnectionTools: "enable",
displayHistory: "enable",
displayStatus: "enable",
dnsServer1: "0.0.0.0",
dnsServer2: "0.0.0.0",
exclusiveRouting: "disable",
forticlientDownload: "enable",
forticlientDownloadMethod: "direct",
heading: "SSL-VPN Portal",
hideSsoCredential: "enable",
hostCheck: "none",
ipMode: "range",
ipPools: [{
name: "SSLVPN_TUNNEL_ADDR1",
}],
ipv6DnsServer1: "::",
ipv6DnsServer2: "::",
ipv6ExclusiveRouting: "disable",
ipv6Pools: [{
name: "SSLVPN_TUNNEL_IPv6_ADDR1",
}],
ipv6ServiceRestriction: "disable",
ipv6SplitTunneling: "enable",
ipv6TunnelMode: "enable",
ipv6WinsServer1: "::",
ipv6WinsServer2: "::",
keepAlive: "disable",
limitUserLogins: "disable",
macAddrAction: "allow",
macAddrCheck: "disable",
osCheck: "disable",
savePassword: "disable",
serviceRestriction: "disable",
skipCheckForBrowser: "enable",
skipCheckForUnsupportedOs: "enable",
smbNtlmv1Auth: "disable",
smbv1: "disable",
splitTunneling: "enable",
theme: "blue",
tunnelMode: "enable",
userBookmark: "enable",
userGroupBookmark: "enable",
webMode: "disable",
winsServer1: "0.0.0.0",
winsServer2: "0.0.0.0",
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.vpn.ssl.web.Portal("trname",
allow_user_access="web ftp smb sftp telnet ssh vnc rdp ping citrix portforward",
auto_connect="disable",
customize_forticlient_download_url="disable",
display_bookmark="enable",
display_connection_tools="enable",
display_history="enable",
display_status="enable",
dns_server1="0.0.0.0",
dns_server2="0.0.0.0",
exclusive_routing="disable",
forticlient_download="enable",
forticlient_download_method="direct",
heading="SSL-VPN Portal",
hide_sso_credential="enable",
host_check="none",
ip_mode="range",
ip_pools=[fortios.vpn.ssl.web.PortalIpPoolArgs(
name="SSLVPN_TUNNEL_ADDR1",
)],
ipv6_dns_server1="::",
ipv6_dns_server2="::",
ipv6_exclusive_routing="disable",
ipv6_pools=[fortios.vpn.ssl.web.PortalIpv6PoolArgs(
name="SSLVPN_TUNNEL_IPv6_ADDR1",
)],
ipv6_service_restriction="disable",
ipv6_split_tunneling="enable",
ipv6_tunnel_mode="enable",
ipv6_wins_server1="::",
ipv6_wins_server2="::",
keep_alive="disable",
limit_user_logins="disable",
mac_addr_action="allow",
mac_addr_check="disable",
os_check="disable",
save_password="disable",
service_restriction="disable",
skip_check_for_browser="enable",
skip_check_for_unsupported_os="enable",
smb_ntlmv1_auth="disable",
smbv1="disable",
split_tunneling="enable",
theme="blue",
tunnel_mode="enable",
user_bookmark="enable",
user_group_bookmark="enable",
web_mode="disable",
wins_server1="0.0.0.0",
wins_server2="0.0.0.0")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/vpn"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := vpn.NewPortal(ctx, "trname", &vpn.PortalArgs{
AllowUserAccess: pulumi.String("web ftp smb sftp telnet ssh vnc rdp ping citrix portforward"),
AutoConnect: pulumi.String("disable"),
CustomizeForticlientDownloadUrl: pulumi.String("disable"),
DisplayBookmark: pulumi.String("enable"),
DisplayConnectionTools: pulumi.String("enable"),
DisplayHistory: pulumi.String("enable"),
DisplayStatus: pulumi.String("enable"),
DnsServer1: pulumi.String("0.0.0.0"),
DnsServer2: pulumi.String("0.0.0.0"),
ExclusiveRouting: pulumi.String("disable"),
ForticlientDownload: pulumi.String("enable"),
ForticlientDownloadMethod: pulumi.String("direct"),
Heading: pulumi.String("SSL-VPN Portal"),
HideSsoCredential: pulumi.String("enable"),
HostCheck: pulumi.String("none"),
IpMode: pulumi.String("range"),
IpPools: ssl / web.PortalIpPoolArray{
&ssl / web.PortalIpPoolArgs{
Name: pulumi.String("SSLVPN_TUNNEL_ADDR1"),
},
},
Ipv6DnsServer1: pulumi.String("::"),
Ipv6DnsServer2: pulumi.String("::"),
Ipv6ExclusiveRouting: pulumi.String("disable"),
Ipv6Pools: ssl / web.PortalIpv6PoolArray{
&ssl / web.PortalIpv6PoolArgs{
Name: pulumi.String("SSLVPN_TUNNEL_IPv6_ADDR1"),
},
},
Ipv6ServiceRestriction: pulumi.String("disable"),
Ipv6SplitTunneling: pulumi.String("enable"),
Ipv6TunnelMode: pulumi.String("enable"),
Ipv6WinsServer1: pulumi.String("::"),
Ipv6WinsServer2: pulumi.String("::"),
KeepAlive: pulumi.String("disable"),
LimitUserLogins: pulumi.String("disable"),
MacAddrAction: pulumi.String("allow"),
MacAddrCheck: pulumi.String("disable"),
OsCheck: pulumi.String("disable"),
SavePassword: pulumi.String("disable"),
ServiceRestriction: pulumi.String("disable"),
SkipCheckForBrowser: pulumi.String("enable"),
SkipCheckForUnsupportedOs: pulumi.String("enable"),
SmbNtlmv1Auth: pulumi.String("disable"),
Smbv1: pulumi.String("disable"),
SplitTunneling: pulumi.String("enable"),
Theme: pulumi.String("blue"),
TunnelMode: pulumi.String("enable"),
UserBookmark: pulumi.String("enable"),
UserGroupBookmark: pulumi.String("enable"),
WebMode: pulumi.String("disable"),
WinsServer1: pulumi.String("0.0.0.0"),
WinsServer2: pulumi.String("0.0.0.0"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.Vpn.Ssl.Web.Portal("trname", new()
{
AllowUserAccess = "web ftp smb sftp telnet ssh vnc rdp ping citrix portforward",
AutoConnect = "disable",
CustomizeForticlientDownloadUrl = "disable",
DisplayBookmark = "enable",
DisplayConnectionTools = "enable",
DisplayHistory = "enable",
DisplayStatus = "enable",
DnsServer1 = "0.0.0.0",
DnsServer2 = "0.0.0.0",
ExclusiveRouting = "disable",
ForticlientDownload = "enable",
ForticlientDownloadMethod = "direct",
Heading = "SSL-VPN Portal",
HideSsoCredential = "enable",
HostCheck = "none",
IpMode = "range",
IpPools = new[]
{
new Fortios.Vpn.Ssl.Web.Inputs.PortalIpPoolArgs
{
Name = "SSLVPN_TUNNEL_ADDR1",
},
},
Ipv6DnsServer1 = "::",
Ipv6DnsServer2 = "::",
Ipv6ExclusiveRouting = "disable",
Ipv6Pools = new[]
{
new Fortios.Vpn.Ssl.Web.Inputs.PortalIpv6PoolArgs
{
Name = "SSLVPN_TUNNEL_IPv6_ADDR1",
},
},
Ipv6ServiceRestriction = "disable",
Ipv6SplitTunneling = "enable",
Ipv6TunnelMode = "enable",
Ipv6WinsServer1 = "::",
Ipv6WinsServer2 = "::",
KeepAlive = "disable",
LimitUserLogins = "disable",
MacAddrAction = "allow",
MacAddrCheck = "disable",
OsCheck = "disable",
SavePassword = "disable",
ServiceRestriction = "disable",
SkipCheckForBrowser = "enable",
SkipCheckForUnsupportedOs = "enable",
SmbNtlmv1Auth = "disable",
Smbv1 = "disable",
SplitTunneling = "enable",
Theme = "blue",
TunnelMode = "enable",
UserBookmark = "enable",
UserGroupBookmark = "enable",
WebMode = "disable",
WinsServer1 = "0.0.0.0",
WinsServer2 = "0.0.0.0",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.vpn.Portal;
import com.pulumi.fortios.vpn.PortalArgs;
import com.pulumi.fortios.vpn.inputs.PortalIpPoolArgs;
import com.pulumi.fortios.vpn.inputs.PortalIpv6PoolArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Portal("trname", PortalArgs.builder()
.allowUserAccess("web ftp smb sftp telnet ssh vnc rdp ping citrix portforward")
.autoConnect("disable")
.customizeForticlientDownloadUrl("disable")
.displayBookmark("enable")
.displayConnectionTools("enable")
.displayHistory("enable")
.displayStatus("enable")
.dnsServer1("0.0.0.0")
.dnsServer2("0.0.0.0")
.exclusiveRouting("disable")
.forticlientDownload("enable")
.forticlientDownloadMethod("direct")
.heading("SSL-VPN Portal")
.hideSsoCredential("enable")
.hostCheck("none")
.ipMode("range")
.ipPools(PortalIpPoolArgs.builder()
.name("SSLVPN_TUNNEL_ADDR1")
.build())
.ipv6DnsServer1("::")
.ipv6DnsServer2("::")
.ipv6ExclusiveRouting("disable")
.ipv6Pools(PortalIpv6PoolArgs.builder()
.name("SSLVPN_TUNNEL_IPv6_ADDR1")
.build())
.ipv6ServiceRestriction("disable")
.ipv6SplitTunneling("enable")
.ipv6TunnelMode("enable")
.ipv6WinsServer1("::")
.ipv6WinsServer2("::")
.keepAlive("disable")
.limitUserLogins("disable")
.macAddrAction("allow")
.macAddrCheck("disable")
.osCheck("disable")
.savePassword("disable")
.serviceRestriction("disable")
.skipCheckForBrowser("enable")
.skipCheckForUnsupportedOs("enable")
.smbNtlmv1Auth("disable")
.smbv1("disable")
.splitTunneling("enable")
.theme("blue")
.tunnelMode("enable")
.userBookmark("enable")
.userGroupBookmark("enable")
.webMode("disable")
.winsServer1("0.0.0.0")
.winsServer2("0.0.0.0")
.build());
}
}
resources:
trname:
type: fortios:vpn/ssl/web:Portal
properties:
allowUserAccess: web ftp smb sftp telnet ssh vnc rdp ping citrix portforward
autoConnect: disable
customizeForticlientDownloadUrl: disable
displayBookmark: enable
displayConnectionTools: enable
displayHistory: enable
displayStatus: enable
dnsServer1: 0.0.0.0
dnsServer2: 0.0.0.0
exclusiveRouting: disable
forticlientDownload: enable
forticlientDownloadMethod: direct
heading: SSL-VPN Portal
hideSsoCredential: enable
hostCheck: none
ipMode: range
ipPools:
- name: SSLVPN_TUNNEL_ADDR1
ipv6DnsServer1: '::'
ipv6DnsServer2: '::'
ipv6ExclusiveRouting: disable
ipv6Pools:
- name: SSLVPN_TUNNEL_IPv6_ADDR1
ipv6ServiceRestriction: disable
ipv6SplitTunneling: enable
ipv6TunnelMode: enable
ipv6WinsServer1: '::'
ipv6WinsServer2: '::'
keepAlive: disable
limitUserLogins: disable
macAddrAction: allow
macAddrCheck: disable
osCheck: disable
savePassword: disable
serviceRestriction: disable
skipCheckForBrowser: enable
skipCheckForUnsupportedOs: enable
smbNtlmv1Auth: disable
smbv1: disable
splitTunneling: enable
theme: blue
tunnelMode: enable
userBookmark: enable
userGroupBookmark: enable
webMode: disable
winsServer1: 0.0.0.0
winsServer2: 0.0.0.0
Create Portal Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Portal(name: string, args?: PortalArgs, opts?: CustomResourceOptions);
@overload
def Portal(resource_name: str,
args: Optional[PortalArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Portal(resource_name: str,
opts: Optional[ResourceOptions] = None,
allow_user_access: Optional[str] = None,
auto_connect: Optional[str] = None,
bookmark_groups: Optional[Sequence[PortalBookmarkGroupArgs]] = None,
client_src_range: Optional[str] = None,
clipboard: Optional[str] = None,
custom_lang: Optional[str] = None,
customize_forticlient_download_url: Optional[str] = None,
default_protocol: Optional[str] = None,
default_window_height: Optional[int] = None,
default_window_width: Optional[int] = None,
dhcp6_ra_linkaddr: Optional[str] = None,
dhcp_ip_overlap: Optional[str] = None,
dhcp_ra_giaddr: Optional[str] = None,
display_bookmark: Optional[str] = None,
display_connection_tools: Optional[str] = None,
display_history: Optional[str] = None,
display_status: Optional[str] = None,
dns_server1: Optional[str] = None,
dns_server2: Optional[str] = None,
dns_suffix: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
exclusive_routing: Optional[str] = None,
focus_bookmark: Optional[str] = None,
forticlient_download: Optional[str] = None,
forticlient_download_method: Optional[str] = None,
get_all_tables: Optional[str] = None,
heading: Optional[str] = None,
hide_sso_credential: Optional[str] = None,
host_check: Optional[str] = None,
host_check_interval: Optional[int] = None,
host_check_policies: Optional[Sequence[PortalHostCheckPolicyArgs]] = None,
ip_mode: Optional[str] = None,
ip_pools: Optional[Sequence[PortalIpPoolArgs]] = None,
ipv6_dns_server1: Optional[str] = None,
ipv6_dns_server2: Optional[str] = None,
ipv6_exclusive_routing: Optional[str] = None,
ipv6_pools: Optional[Sequence[PortalIpv6PoolArgs]] = None,
ipv6_service_restriction: Optional[str] = None,
ipv6_split_tunneling: Optional[str] = None,
ipv6_split_tunneling_routing_addresses: Optional[Sequence[PortalIpv6SplitTunnelingRoutingAddressArgs]] = None,
ipv6_split_tunneling_routing_negate: Optional[str] = None,
ipv6_tunnel_mode: Optional[str] = None,
ipv6_wins_server1: Optional[str] = None,
ipv6_wins_server2: Optional[str] = None,
keep_alive: Optional[str] = None,
landing_page: Optional[PortalLandingPageArgs] = None,
landing_page_mode: Optional[str] = None,
limit_user_logins: Optional[str] = None,
mac_addr_action: Optional[str] = None,
mac_addr_check: Optional[str] = None,
mac_addr_check_rules: Optional[Sequence[PortalMacAddrCheckRuleArgs]] = None,
macos_forticlient_download_url: Optional[str] = None,
name: Optional[str] = None,
os_check: Optional[str] = None,
os_check_lists: Optional[Sequence[PortalOsCheckListArgs]] = None,
prefer_ipv6_dns: Optional[str] = None,
redir_url: Optional[str] = None,
rewrite_ip_uri_ui: Optional[str] = None,
save_password: Optional[str] = None,
service_restriction: Optional[str] = None,
skip_check_for_browser: Optional[str] = None,
skip_check_for_unsupported_os: Optional[str] = None,
smb_max_version: Optional[str] = None,
smb_min_version: Optional[str] = None,
smb_ntlmv1_auth: Optional[str] = None,
smbv1: Optional[str] = None,
split_dns: Optional[Sequence[PortalSplitDnArgs]] = None,
split_tunneling: Optional[str] = None,
split_tunneling_routing_addresses: Optional[Sequence[PortalSplitTunnelingRoutingAddressArgs]] = None,
split_tunneling_routing_negate: Optional[str] = None,
theme: Optional[str] = None,
transform_backward_slashes: Optional[str] = None,
tunnel_mode: Optional[str] = None,
use_sdwan: Optional[str] = None,
user_bookmark: Optional[str] = None,
user_group_bookmark: Optional[str] = None,
vdomparam: Optional[str] = None,
web_mode: Optional[str] = None,
windows_forticlient_download_url: Optional[str] = None,
wins_server1: Optional[str] = None,
wins_server2: Optional[str] = None)
func NewPortal(ctx *Context, name string, args *PortalArgs, opts ...ResourceOption) (*Portal, error)
public Portal(string name, PortalArgs? args = null, CustomResourceOptions? opts = null)
public Portal(String name, PortalArgs args)
public Portal(String name, PortalArgs args, CustomResourceOptions options)
type: fortios:vpn/ssl/web/portal:Portal
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args PortalArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args PortalArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args PortalArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args PortalArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args PortalArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Portal Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Portal resource accepts the following input properties:
- Allow
User stringAccess - Allow user access to SSL-VPN applications.
- Auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - Bookmark
Groups List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Bookmark Group> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - Client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - Clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - Custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- Customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - Default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - Default
Window intHeight - Screen height (range from 0 - 65535, default = 768).
- Default
Window intWidth - Screen width (range from 0 - 65535, default = 1024).
- Dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- Dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - Dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- Display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - Display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - Display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - Display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - Dns
Server1 string - IPv4 DNS server 1.
- Dns
Server2 string - IPv4 DNS server 2.
- Dns
Suffix string - DNS suffix.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - Focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - Forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - Forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Heading string
- Web portal heading message.
- Hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - Host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - Host
Check intInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- Host
Check List<Pulumiverse.Policies Fortios. Vpn. Ssl. Web. Inputs. Portal Host Check Policy> - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - Ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- Ip
Pools List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Ip Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- Ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - Ipv6Pools
List<Pulumiverse.
Fortios. Vpn. Ssl. Web. Inputs. Portal Ipv6Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - Ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - Ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - Ipv6Split
Tunneling List<Pulumiverse.Routing Addresses Fortios. Vpn. Ssl. Web. Inputs. Portal Ipv6Split Tunneling Routing Address> - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - Ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - Ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Ipv6Wins
Server1 string - IPv6 WINS server 1.
- Ipv6Wins
Server2 string - IPv6 WINS server 2.
- Keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - Landing
Page Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Landing Page - Landing page options. The structure of
landing_page
block is documented below. - Landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - Limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - Mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - Mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - Mac
Addr List<Pulumiverse.Check Rules Fortios. Vpn. Ssl. Web. Inputs. Portal Mac Addr Check Rule> - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - Macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- Name string
- Portal name.
- Os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - Os
Check List<Pulumiverse.Lists Fortios. Vpn. Ssl. Web. Inputs. Portal Os Check List> - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - Prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - Redir
Url string - Client login redirect URL.
- Rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - Save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - Service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - Skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - Skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - Smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - Smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - Split
Dns List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Split Dn> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - Split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - Split
Tunneling List<Pulumiverse.Routing Addresses Fortios. Vpn. Ssl. Web. Inputs. Portal Split Tunneling Routing Address> - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - Split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - Theme string
- Web portal color scheme.
- Transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - Tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - User
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - User
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - Windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- Wins
Server1 string - IPv4 WINS server 1.
- Wins
Server2 string - IPv4 WINS server 1.
- Allow
User stringAccess - Allow user access to SSL-VPN applications.
- Auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - Bookmark
Groups []PortalBookmark Group Args - Portal bookmark group. The structure of
bookmark_group
block is documented below. - Client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - Clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - Custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- Customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - Default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - Default
Window intHeight - Screen height (range from 0 - 65535, default = 768).
- Default
Window intWidth - Screen width (range from 0 - 65535, default = 1024).
- Dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- Dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - Dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- Display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - Display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - Display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - Display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - Dns
Server1 string - IPv4 DNS server 1.
- Dns
Server2 string - IPv4 DNS server 2.
- Dns
Suffix string - DNS suffix.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - Focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - Forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - Forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Heading string
- Web portal heading message.
- Hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - Host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - Host
Check intInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- Host
Check []PortalPolicies Host Check Policy Args - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - Ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- Ip
Pools []PortalIp Pool Args - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- Ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - Ipv6Pools
[]Portal
Ipv6Pool Args - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - Ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - Ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - Ipv6Split
Tunneling []PortalRouting Addresses Ipv6Split Tunneling Routing Address Args - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - Ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - Ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Ipv6Wins
Server1 string - IPv6 WINS server 1.
- Ipv6Wins
Server2 string - IPv6 WINS server 2.
- Keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - Landing
Page PortalLanding Page Args - Landing page options. The structure of
landing_page
block is documented below. - Landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - Limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - Mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - Mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - Mac
Addr []PortalCheck Rules Mac Addr Check Rule Args - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - Macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- Name string
- Portal name.
- Os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - Os
Check []PortalLists Os Check List Args - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - Prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - Redir
Url string - Client login redirect URL.
- Rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - Save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - Service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - Skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - Skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - Smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - Smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - Split
Dns []PortalSplit Dn Args - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - Split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - Split
Tunneling []PortalRouting Addresses Split Tunneling Routing Address Args - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - Split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - Theme string
- Web portal color scheme.
- Transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - Tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - User
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - User
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - Windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- Wins
Server1 string - IPv4 WINS server 1.
- Wins
Server2 string - IPv4 WINS server 1.
- allow
User StringAccess - Allow user access to SSL-VPN applications.
- auto
Connect String - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups List<PortalBookmark Group> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src StringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard String
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang String - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient StringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol String - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window IntegerHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window IntegerWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr String - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip StringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra StringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark String - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection StringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History String - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status String - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 String - IPv4 DNS server 1.
- dns
Server2 String - IPv4 DNS server 2.
- dns
Suffix String - DNS suffix.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing String - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark String - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download String - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download StringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading String
- Web portal heading message.
- hide
Sso StringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check String - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check IntegerInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check List<PortalPolicies Host Check Policy> - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode String - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools List<PortalIp Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
- ipv6Exclusive
Routing String - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools
List<Portal
Ipv6Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction String - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling String - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling List<PortalRouting Addresses Ipv6Split Tunneling Routing Address> - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling StringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode String - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 String - IPv6 WINS server 1.
- ipv6Wins
Server2 String - IPv6 WINS server 2.
- keep
Alive String - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page PortalLanding Page - Landing page options. The structure of
landing_page
block is documented below. - landing
Page StringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User StringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr StringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr StringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr List<PortalCheck Rules Mac Addr Check Rule> - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient StringDownload Url - Download URL for Mac FortiClient.
- name String
- Portal name.
- os
Check String - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check List<PortalLists Os Check List> - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns String - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url String - Client login redirect URL.
- rewrite
Ip StringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password String - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction String - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check StringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check StringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max StringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min StringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth String - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 String
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns List<PortalSplit Dn> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling String - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling List<PortalRouting Addresses Split Tunneling Routing Address> - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling StringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme String
- Web portal color scheme.
- transform
Backward StringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode String - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan String - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark String - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group StringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode String - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient StringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 String - IPv4 WINS server 1.
- wins
Server2 String - IPv4 WINS server 1.
- allow
User stringAccess - Allow user access to SSL-VPN applications.
- auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups PortalBookmark Group[] - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window numberHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window numberWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 string - IPv4 DNS server 1.
- dns
Server2 string - IPv4 DNS server 2.
- dns
Suffix string - DNS suffix.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading string
- Web portal heading message.
- hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check numberInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check PortalPolicies Host Check Policy[] - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools PortalIp Pool[] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 string - IPv6 DNS server 1.
- ipv6Dns
Server2 string - IPv6 DNS server 2.
- ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools
Portal
Ipv6Pool[] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling PortalRouting Addresses Ipv6Split Tunneling Routing Address[] - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 string - IPv6 WINS server 1.
- ipv6Wins
Server2 string - IPv6 WINS server 2.
- keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page PortalLanding Page - Landing page options. The structure of
landing_page
block is documented below. - landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr PortalCheck Rules Mac Addr Check Rule[] - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- name string
- Portal name.
- os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check PortalLists Os Check List[] - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url string - Client login redirect URL.
- rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns PortalSplit Dn[] - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling PortalRouting Addresses Split Tunneling Routing Address[] - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme string
- Web portal color scheme.
- transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 string - IPv4 WINS server 1.
- wins
Server2 string - IPv4 WINS server 1.
- allow_
user_ straccess - Allow user access to SSL-VPN applications.
- auto_
connect str - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark_
groups Sequence[PortalBookmark Group Args] - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client_
src_ strrange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard str
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom_
lang str - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize_
forticlient_ strdownload_ url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default_
protocol str - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default_
window_ intheight - Screen height (range from 0 - 65535, default = 768).
- default_
window_ intwidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6_
ra_ strlinkaddr - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp_
ip_ stroverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp_
ra_ strgiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display_
bookmark str - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display_
connection_ strtools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display_
history str - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display_
status str - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns_
server1 str - IPv4 DNS server 1.
- dns_
server2 str - IPv4 DNS server 2.
- dns_
suffix str - DNS suffix.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive_
routing str - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus_
bookmark str - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient_
download str - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient_
download_ strmethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading str
- Web portal heading message.
- hide_
sso_ strcredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host_
check str - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host_
check_ intinterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host_
check_ Sequence[Portalpolicies Host Check Policy Args] - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip_
mode str - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip_
pools Sequence[PortalIp Pool Args] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6_
dns_ strserver1 - IPv6 DNS server 1.
- ipv6_
dns_ strserver2 - IPv6 DNS server 2.
- ipv6_
exclusive_ strrouting - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6_
pools Sequence[PortalIpv6Pool Args] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6_
service_ strrestriction - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6_
split_ strtunneling - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6_
split_ Sequence[Portaltunneling_ routing_ addresses Ipv6Split Tunneling Routing Address Args] - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6_
split_ strtunneling_ routing_ negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6_
tunnel_ strmode - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6_
wins_ strserver1 - IPv6 WINS server 1.
- ipv6_
wins_ strserver2 - IPv6 WINS server 2.
- keep_
alive str - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing_
page PortalLanding Page Args - Landing page options. The structure of
landing_page
block is documented below. - landing_
page_ strmode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit_
user_ strlogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac_
addr_ straction - Client MAC address action. Valid values:
allow
,deny
. - mac_
addr_ strcheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac_
addr_ Sequence[Portalcheck_ rules Mac Addr Check Rule Args] - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos_
forticlient_ strdownload_ url - Download URL for Mac FortiClient.
- name str
- Portal name.
- os_
check str - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os_
check_ Sequence[Portallists Os Check List Args] - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer_
ipv6_ strdns - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir_
url str - Client login redirect URL.
- rewrite_
ip_ struri_ ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save_
password str - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service_
restriction str - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip_
check_ strfor_ browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip_
check_ strfor_ unsupported_ os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb_
max_ strversion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb_
min_ strversion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb_
ntlmv1_ strauth - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 str
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split_
dns Sequence[PortalSplit Dn Args] - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split_
tunneling str - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split_
tunneling_ Sequence[Portalrouting_ addresses Split Tunneling Routing Address Args] - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split_
tunneling_ strrouting_ negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme str
- Web portal color scheme.
- transform_
backward_ strslashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel_
mode str - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use_
sdwan str - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user_
bookmark str - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user_
group_ strbookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web_
mode str - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows_
forticlient_ strdownload_ url - Download URL for Windows FortiClient.
- wins_
server1 str - IPv4 WINS server 1.
- wins_
server2 str - IPv4 WINS server 1.
- allow
User StringAccess - Allow user access to SSL-VPN applications.
- auto
Connect String - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups List<Property Map> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src StringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard String
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang String - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient StringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol String - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window NumberHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window NumberWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr String - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip StringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra StringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark String - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection StringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History String - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status String - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 String - IPv4 DNS server 1.
- dns
Server2 String - IPv4 DNS server 2.
- dns
Suffix String - DNS suffix.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing String - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark String - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download String - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download StringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading String
- Web portal heading message.
- hide
Sso StringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check String - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check NumberInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check List<Property Map>Policies - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode String - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools List<Property Map> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
- ipv6Exclusive
Routing String - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools List<Property Map>
- IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction String - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling String - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling List<Property Map>Routing Addresses - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling StringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode String - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 String - IPv6 WINS server 1.
- ipv6Wins
Server2 String - IPv6 WINS server 2.
- keep
Alive String - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page Property Map - Landing page options. The structure of
landing_page
block is documented below. - landing
Page StringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User StringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr StringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr StringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr List<Property Map>Check Rules - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient StringDownload Url - Download URL for Mac FortiClient.
- name String
- Portal name.
- os
Check String - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check List<Property Map>Lists - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns String - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url String - Client login redirect URL.
- rewrite
Ip StringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password String - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction String - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check StringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check StringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max StringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min StringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth String - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 String
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns List<Property Map> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling String - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling List<Property Map>Routing Addresses - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling StringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme String
- Web portal color scheme.
- transform
Backward StringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode String - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan String - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark String - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group StringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode String - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient StringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 String - IPv4 WINS server 1.
- wins
Server2 String - IPv4 WINS server 1.
Outputs
All input properties are implicitly available as output properties. Additionally, the Portal resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Portal Resource
Get an existing Portal resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: PortalState, opts?: CustomResourceOptions): Portal
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_user_access: Optional[str] = None,
auto_connect: Optional[str] = None,
bookmark_groups: Optional[Sequence[PortalBookmarkGroupArgs]] = None,
client_src_range: Optional[str] = None,
clipboard: Optional[str] = None,
custom_lang: Optional[str] = None,
customize_forticlient_download_url: Optional[str] = None,
default_protocol: Optional[str] = None,
default_window_height: Optional[int] = None,
default_window_width: Optional[int] = None,
dhcp6_ra_linkaddr: Optional[str] = None,
dhcp_ip_overlap: Optional[str] = None,
dhcp_ra_giaddr: Optional[str] = None,
display_bookmark: Optional[str] = None,
display_connection_tools: Optional[str] = None,
display_history: Optional[str] = None,
display_status: Optional[str] = None,
dns_server1: Optional[str] = None,
dns_server2: Optional[str] = None,
dns_suffix: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
exclusive_routing: Optional[str] = None,
focus_bookmark: Optional[str] = None,
forticlient_download: Optional[str] = None,
forticlient_download_method: Optional[str] = None,
get_all_tables: Optional[str] = None,
heading: Optional[str] = None,
hide_sso_credential: Optional[str] = None,
host_check: Optional[str] = None,
host_check_interval: Optional[int] = None,
host_check_policies: Optional[Sequence[PortalHostCheckPolicyArgs]] = None,
ip_mode: Optional[str] = None,
ip_pools: Optional[Sequence[PortalIpPoolArgs]] = None,
ipv6_dns_server1: Optional[str] = None,
ipv6_dns_server2: Optional[str] = None,
ipv6_exclusive_routing: Optional[str] = None,
ipv6_pools: Optional[Sequence[PortalIpv6PoolArgs]] = None,
ipv6_service_restriction: Optional[str] = None,
ipv6_split_tunneling: Optional[str] = None,
ipv6_split_tunneling_routing_addresses: Optional[Sequence[PortalIpv6SplitTunnelingRoutingAddressArgs]] = None,
ipv6_split_tunneling_routing_negate: Optional[str] = None,
ipv6_tunnel_mode: Optional[str] = None,
ipv6_wins_server1: Optional[str] = None,
ipv6_wins_server2: Optional[str] = None,
keep_alive: Optional[str] = None,
landing_page: Optional[PortalLandingPageArgs] = None,
landing_page_mode: Optional[str] = None,
limit_user_logins: Optional[str] = None,
mac_addr_action: Optional[str] = None,
mac_addr_check: Optional[str] = None,
mac_addr_check_rules: Optional[Sequence[PortalMacAddrCheckRuleArgs]] = None,
macos_forticlient_download_url: Optional[str] = None,
name: Optional[str] = None,
os_check: Optional[str] = None,
os_check_lists: Optional[Sequence[PortalOsCheckListArgs]] = None,
prefer_ipv6_dns: Optional[str] = None,
redir_url: Optional[str] = None,
rewrite_ip_uri_ui: Optional[str] = None,
save_password: Optional[str] = None,
service_restriction: Optional[str] = None,
skip_check_for_browser: Optional[str] = None,
skip_check_for_unsupported_os: Optional[str] = None,
smb_max_version: Optional[str] = None,
smb_min_version: Optional[str] = None,
smb_ntlmv1_auth: Optional[str] = None,
smbv1: Optional[str] = None,
split_dns: Optional[Sequence[PortalSplitDnArgs]] = None,
split_tunneling: Optional[str] = None,
split_tunneling_routing_addresses: Optional[Sequence[PortalSplitTunnelingRoutingAddressArgs]] = None,
split_tunneling_routing_negate: Optional[str] = None,
theme: Optional[str] = None,
transform_backward_slashes: Optional[str] = None,
tunnel_mode: Optional[str] = None,
use_sdwan: Optional[str] = None,
user_bookmark: Optional[str] = None,
user_group_bookmark: Optional[str] = None,
vdomparam: Optional[str] = None,
web_mode: Optional[str] = None,
windows_forticlient_download_url: Optional[str] = None,
wins_server1: Optional[str] = None,
wins_server2: Optional[str] = None) -> Portal
func GetPortal(ctx *Context, name string, id IDInput, state *PortalState, opts ...ResourceOption) (*Portal, error)
public static Portal Get(string name, Input<string> id, PortalState? state, CustomResourceOptions? opts = null)
public static Portal get(String name, Output<String> id, PortalState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
User stringAccess - Allow user access to SSL-VPN applications.
- Auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - Bookmark
Groups List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Bookmark Group> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - Client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - Clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - Custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- Customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - Default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - Default
Window intHeight - Screen height (range from 0 - 65535, default = 768).
- Default
Window intWidth - Screen width (range from 0 - 65535, default = 1024).
- Dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- Dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - Dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- Display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - Display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - Display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - Display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - Dns
Server1 string - IPv4 DNS server 1.
- Dns
Server2 string - IPv4 DNS server 2.
- Dns
Suffix string - DNS suffix.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - Focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - Forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - Forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Heading string
- Web portal heading message.
- Hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - Host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - Host
Check intInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- Host
Check List<Pulumiverse.Policies Fortios. Vpn. Ssl. Web. Inputs. Portal Host Check Policy> - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - Ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- Ip
Pools List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Ip Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- Ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - Ipv6Pools
List<Pulumiverse.
Fortios. Vpn. Ssl. Web. Inputs. Portal Ipv6Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - Ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - Ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - Ipv6Split
Tunneling List<Pulumiverse.Routing Addresses Fortios. Vpn. Ssl. Web. Inputs. Portal Ipv6Split Tunneling Routing Address> - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - Ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - Ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Ipv6Wins
Server1 string - IPv6 WINS server 1.
- Ipv6Wins
Server2 string - IPv6 WINS server 2.
- Keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - Landing
Page Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Landing Page - Landing page options. The structure of
landing_page
block is documented below. - Landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - Limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - Mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - Mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - Mac
Addr List<Pulumiverse.Check Rules Fortios. Vpn. Ssl. Web. Inputs. Portal Mac Addr Check Rule> - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - Macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- Name string
- Portal name.
- Os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - Os
Check List<Pulumiverse.Lists Fortios. Vpn. Ssl. Web. Inputs. Portal Os Check List> - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - Prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - Redir
Url string - Client login redirect URL.
- Rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - Save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - Service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - Skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - Skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - Smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - Smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - Split
Dns List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Split Dn> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - Split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - Split
Tunneling List<Pulumiverse.Routing Addresses Fortios. Vpn. Ssl. Web. Inputs. Portal Split Tunneling Routing Address> - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - Split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - Theme string
- Web portal color scheme.
- Transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - Tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - User
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - User
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - Windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- Wins
Server1 string - IPv4 WINS server 1.
- Wins
Server2 string - IPv4 WINS server 1.
- Allow
User stringAccess - Allow user access to SSL-VPN applications.
- Auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - Bookmark
Groups []PortalBookmark Group Args - Portal bookmark group. The structure of
bookmark_group
block is documented below. - Client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - Clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - Custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- Customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - Default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - Default
Window intHeight - Screen height (range from 0 - 65535, default = 768).
- Default
Window intWidth - Screen width (range from 0 - 65535, default = 1024).
- Dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- Dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - Dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- Display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - Display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - Display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - Display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - Dns
Server1 string - IPv4 DNS server 1.
- Dns
Server2 string - IPv4 DNS server 2.
- Dns
Suffix string - DNS suffix.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - Focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - Forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - Forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Heading string
- Web portal heading message.
- Hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - Host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - Host
Check intInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- Host
Check []PortalPolicies Host Check Policy Args - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - Ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- Ip
Pools []PortalIp Pool Args - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- Ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - Ipv6Pools
[]Portal
Ipv6Pool Args - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - Ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - Ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - Ipv6Split
Tunneling []PortalRouting Addresses Ipv6Split Tunneling Routing Address Args - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - Ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - Ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Ipv6Wins
Server1 string - IPv6 WINS server 1.
- Ipv6Wins
Server2 string - IPv6 WINS server 2.
- Keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - Landing
Page PortalLanding Page Args - Landing page options. The structure of
landing_page
block is documented below. - Landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - Limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - Mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - Mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - Mac
Addr []PortalCheck Rules Mac Addr Check Rule Args - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - Macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- Name string
- Portal name.
- Os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - Os
Check []PortalLists Os Check List Args - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - Prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - Redir
Url string - Client login redirect URL.
- Rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - Save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - Service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - Skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - Skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - Smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - Smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - Smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - Split
Dns []PortalSplit Dn Args - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - Split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - Split
Tunneling []PortalRouting Addresses Split Tunneling Routing Address Args - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - Split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - Theme string
- Web portal color scheme.
- Transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - Tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - Use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - User
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - User
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - Windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- Wins
Server1 string - IPv4 WINS server 1.
- Wins
Server2 string - IPv4 WINS server 1.
- allow
User StringAccess - Allow user access to SSL-VPN applications.
- auto
Connect String - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups List<PortalBookmark Group> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src StringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard String
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang String - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient StringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol String - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window IntegerHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window IntegerWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr String - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip StringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra StringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark String - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection StringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History String - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status String - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 String - IPv4 DNS server 1.
- dns
Server2 String - IPv4 DNS server 2.
- dns
Suffix String - DNS suffix.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing String - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark String - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download String - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download StringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading String
- Web portal heading message.
- hide
Sso StringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check String - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check IntegerInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check List<PortalPolicies Host Check Policy> - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode String - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools List<PortalIp Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
- ipv6Exclusive
Routing String - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools
List<Portal
Ipv6Pool> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction String - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling String - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling List<PortalRouting Addresses Ipv6Split Tunneling Routing Address> - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling StringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode String - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 String - IPv6 WINS server 1.
- ipv6Wins
Server2 String - IPv6 WINS server 2.
- keep
Alive String - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page PortalLanding Page - Landing page options. The structure of
landing_page
block is documented below. - landing
Page StringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User StringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr StringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr StringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr List<PortalCheck Rules Mac Addr Check Rule> - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient StringDownload Url - Download URL for Mac FortiClient.
- name String
- Portal name.
- os
Check String - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check List<PortalLists Os Check List> - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns String - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url String - Client login redirect URL.
- rewrite
Ip StringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password String - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction String - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check StringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check StringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max StringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min StringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth String - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 String
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns List<PortalSplit Dn> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling String - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling List<PortalRouting Addresses Split Tunneling Routing Address> - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling StringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme String
- Web portal color scheme.
- transform
Backward StringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode String - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan String - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark String - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group StringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode String - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient StringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 String - IPv4 WINS server 1.
- wins
Server2 String - IPv4 WINS server 1.
- allow
User stringAccess - Allow user access to SSL-VPN applications.
- auto
Connect string - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups PortalBookmark Group[] - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src stringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard string
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang string - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient stringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol string - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window numberHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window numberWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr string - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip stringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra stringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark string - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection stringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History string - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status string - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 string - IPv4 DNS server 1.
- dns
Server2 string - IPv4 DNS server 2.
- dns
Suffix string - DNS suffix.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing string - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark string - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download string - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download stringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading string
- Web portal heading message.
- hide
Sso stringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check string - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check numberInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check PortalPolicies Host Check Policy[] - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode string - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools PortalIp Pool[] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 string - IPv6 DNS server 1.
- ipv6Dns
Server2 string - IPv6 DNS server 2.
- ipv6Exclusive
Routing string - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools
Portal
Ipv6Pool[] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction string - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling string - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling PortalRouting Addresses Ipv6Split Tunneling Routing Address[] - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling stringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode string - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 string - IPv6 WINS server 1.
- ipv6Wins
Server2 string - IPv6 WINS server 2.
- keep
Alive string - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page PortalLanding Page - Landing page options. The structure of
landing_page
block is documented below. - landing
Page stringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User stringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr stringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr stringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr PortalCheck Rules Mac Addr Check Rule[] - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient stringDownload Url - Download URL for Mac FortiClient.
- name string
- Portal name.
- os
Check string - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check PortalLists Os Check List[] - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns string - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url string - Client login redirect URL.
- rewrite
Ip stringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password string - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction string - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check stringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check stringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max stringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min stringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth string - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 string
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns PortalSplit Dn[] - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling string - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling PortalRouting Addresses Split Tunneling Routing Address[] - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling stringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme string
- Web portal color scheme.
- transform
Backward stringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode string - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan string - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark string - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group stringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode string - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient stringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 string - IPv4 WINS server 1.
- wins
Server2 string - IPv4 WINS server 1.
- allow_
user_ straccess - Allow user access to SSL-VPN applications.
- auto_
connect str - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark_
groups Sequence[PortalBookmark Group Args] - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client_
src_ strrange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard str
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom_
lang str - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize_
forticlient_ strdownload_ url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default_
protocol str - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default_
window_ intheight - Screen height (range from 0 - 65535, default = 768).
- default_
window_ intwidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6_
ra_ strlinkaddr - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp_
ip_ stroverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp_
ra_ strgiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display_
bookmark str - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display_
connection_ strtools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display_
history str - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display_
status str - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns_
server1 str - IPv4 DNS server 1.
- dns_
server2 str - IPv4 DNS server 2.
- dns_
suffix str - DNS suffix.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive_
routing str - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus_
bookmark str - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient_
download str - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient_
download_ strmethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading str
- Web portal heading message.
- hide_
sso_ strcredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host_
check str - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host_
check_ intinterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host_
check_ Sequence[Portalpolicies Host Check Policy Args] - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip_
mode str - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip_
pools Sequence[PortalIp Pool Args] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6_
dns_ strserver1 - IPv6 DNS server 1.
- ipv6_
dns_ strserver2 - IPv6 DNS server 2.
- ipv6_
exclusive_ strrouting - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6_
pools Sequence[PortalIpv6Pool Args] - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6_
service_ strrestriction - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6_
split_ strtunneling - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6_
split_ Sequence[Portaltunneling_ routing_ addresses Ipv6Split Tunneling Routing Address Args] - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6_
split_ strtunneling_ routing_ negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6_
tunnel_ strmode - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6_
wins_ strserver1 - IPv6 WINS server 1.
- ipv6_
wins_ strserver2 - IPv6 WINS server 2.
- keep_
alive str - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing_
page PortalLanding Page Args - Landing page options. The structure of
landing_page
block is documented below. - landing_
page_ strmode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit_
user_ strlogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac_
addr_ straction - Client MAC address action. Valid values:
allow
,deny
. - mac_
addr_ strcheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac_
addr_ Sequence[Portalcheck_ rules Mac Addr Check Rule Args] - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos_
forticlient_ strdownload_ url - Download URL for Mac FortiClient.
- name str
- Portal name.
- os_
check str - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os_
check_ Sequence[Portallists Os Check List Args] - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer_
ipv6_ strdns - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir_
url str - Client login redirect URL.
- rewrite_
ip_ struri_ ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save_
password str - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service_
restriction str - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip_
check_ strfor_ browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip_
check_ strfor_ unsupported_ os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb_
max_ strversion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb_
min_ strversion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb_
ntlmv1_ strauth - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 str
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split_
dns Sequence[PortalSplit Dn Args] - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split_
tunneling str - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split_
tunneling_ Sequence[Portalrouting_ addresses Split Tunneling Routing Address Args] - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split_
tunneling_ strrouting_ negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme str
- Web portal color scheme.
- transform_
backward_ strslashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel_
mode str - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use_
sdwan str - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user_
bookmark str - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user_
group_ strbookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web_
mode str - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows_
forticlient_ strdownload_ url - Download URL for Windows FortiClient.
- wins_
server1 str - IPv4 WINS server 1.
- wins_
server2 str - IPv4 WINS server 1.
- allow
User StringAccess - Allow user access to SSL-VPN applications.
- auto
Connect String - Enable/disable automatic connect by client when system is up. Valid values:
enable
,disable
. - bookmark
Groups List<Property Map> - Portal bookmark group. The structure of
bookmark_group
block is documented below. - client
Src StringRange - Allow client to add source range for the tunnel traffic. Valid values:
enable
,disable
. - clipboard String
- Enable to support RDP/VPC clipboard functionality. Valid values:
enable
,disable
. - custom
Lang String - Change the web portal display language. Overrides config system global set language. You can use config system custom-language and execute system custom-language to add custom language files.
- customize
Forticlient StringDownload Url - Enable support of customized download URL for FortiClient. Valid values:
enable
,disable
. - default
Protocol String - Application type that is set by default. Valid values:
web
,ftp
,telnet
,smb
,vnc
,rdp
,ssh
,sftp
. - default
Window NumberHeight - Screen height (range from 0 - 65535, default = 768).
- default
Window NumberWidth - Screen width (range from 0 - 65535, default = 1024).
- dhcp6Ra
Linkaddr String - Relay agent IPv6 link address to use in DHCP6 requests.
- dhcp
Ip StringOverlap - Configure overlapping DHCP IP allocation assignment. Valid values:
use-new
,use-old
. - dhcp
Ra StringGiaddr - Relay agent gateway IP address to use in the giaddr field of DHCP requests.
- display
Bookmark String - Enable to display the web portal bookmark widget. Valid values:
enable
,disable
. - display
Connection StringTools - Enable to display the web portal connection tools widget. Valid values:
enable
,disable
. - display
History String - Enable to display the web portal user login history widget. Valid values:
enable
,disable
. - display
Status String - Enable to display the web portal status widget. Valid values:
enable
,disable
. - dns
Server1 String - IPv4 DNS server 1.
- dns
Server2 String - IPv4 DNS server 2.
- dns
Suffix String - DNS suffix.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- exclusive
Routing String - Enable/disable all traffic go through tunnel only. Valid values:
enable
,disable
. - focus
Bookmark String - Enable to prioritize the placement of the bookmark section over the quick-connection section in the SSL-VPN application. Valid values:
enable
,disable
. - forticlient
Download String - Enable/disable download option for FortiClient. Valid values:
enable
,disable
. - forticlient
Download StringMethod - FortiClient download method. Valid values:
direct
,ssl-vpn
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- heading String
- Web portal heading message.
- hide
Sso StringCredential - Enable to prevent SSO credential being sent to client. Valid values:
enable
,disable
. - host
Check String - Type of host checking performed on endpoints. Valid values:
none
,av
,fw
,av-fw
,custom
. - host
Check NumberInterval - Periodic host check interval. Value of 0 means disabled and host checking only happens when the endpoint connects.
- host
Check List<Property Map>Policies - One or more policies to require the endpoint to have specific security software. The structure of
host_check_policy
block is documented below. - ip
Mode String - Method by which users of this SSL-VPN tunnel obtain IP addresses.
- ip
Pools List<Property Map> - IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ip_pools
block is documented below. - ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
- ipv6Exclusive
Routing String - Enable/disable all IPv6 traffic go through tunnel only. Valid values:
enable
,disable
. - ipv6Pools List<Property Map>
- IPv4 firewall source address objects reserved for SSL-VPN tunnel mode clients. The structure of
ipv6_pools
block is documented below. - ipv6Service
Restriction String - Enable/disable IPv6 tunnel service restriction. Valid values:
enable
,disable
. - ipv6Split
Tunneling String - Enable/disable IPv6 split tunneling. Valid values:
enable
,disable
. - ipv6Split
Tunneling List<Property Map>Routing Addresses - IPv6 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
ipv6_split_tunneling_routing_address
block is documented below. - ipv6Split
Tunneling StringRouting Negate - Enable to negate IPv6 split tunneling routing address. Valid values:
enable
,disable
. - ipv6Tunnel
Mode String - Enable/disable IPv6 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - ipv6Wins
Server1 String - IPv6 WINS server 1.
- ipv6Wins
Server2 String - IPv6 WINS server 2.
- keep
Alive String - Enable/disable automatic reconnect for FortiClient connections. Valid values:
enable
,disable
. - landing
Page Property Map - Landing page options. The structure of
landing_page
block is documented below. - landing
Page StringMode - Enable/disable SSL-VPN landing page mode. Valid values:
enable
,disable
. - limit
User StringLogins - Enable to limit each user to one SSL-VPN session at a time. Valid values:
enable
,disable
. - mac
Addr StringAction - Client MAC address action. Valid values:
allow
,deny
. - mac
Addr StringCheck - Enable/disable MAC address host checking. Valid values:
enable
,disable
. - mac
Addr List<Property Map>Check Rules - Client MAC address check rule. The structure of
mac_addr_check_rule
block is documented below. - macos
Forticlient StringDownload Url - Download URL for Mac FortiClient.
- name String
- Portal name.
- os
Check String - Enable to let the FortiGate decide action based on client OS. Valid values:
enable
,disable
. - os
Check List<Property Map>Lists - SSL VPN OS checks. The structure of
os_check_list
block is documented below. - prefer
Ipv6Dns String - prefer to query IPv6 dns first if enabled. Valid values:
enable
,disable
. - redir
Url String - Client login redirect URL.
- rewrite
Ip StringUri Ui - Rewrite contents for URI contains IP and /ui/ (default = disable). Valid values:
enable
,disable
. - save
Password String - Enable/disable FortiClient saving the user's password. Valid values:
enable
,disable
. - service
Restriction String - Enable/disable tunnel service restriction. Valid values:
enable
,disable
. - skip
Check StringFor Browser - Enable to skip host check for browser support. Valid values:
enable
,disable
. - skip
Check StringFor Unsupported Os - Enable to skip host check if client OS does not support it. Valid values:
enable
,disable
. - smb
Max StringVersion - SMB maximum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Min StringVersion - SMB minimum client protocol version. Valid values:
smbv1
,smbv2
,smbv3
. - smb
Ntlmv1Auth String - Enable support of NTLMv1 for Samba authentication. Valid values:
enable
,disable
. - smbv1 String
- Enable/disable support of SMBv1 for Samba. Valid values:
enable
,disable
. - split
Dns List<Property Map> - Split DNS for SSL VPN. The structure of
split_dns
block is documented below. - split
Tunneling String - Enable/disable IPv4 split tunneling. Valid values:
enable
,disable
. - split
Tunneling List<Property Map>Routing Addresses - IPv4 SSL-VPN tunnel mode firewall address objects that override firewall policy destination addresses to control split-tunneling access. The structure of
split_tunneling_routing_address
block is documented below. - split
Tunneling StringRouting Negate - Enable to negate split tunneling routing address. Valid values:
enable
,disable
. - theme String
- Web portal color scheme.
- transform
Backward StringSlashes - Transform backward slashes to forward slashes in URLs. Valid values:
enable
,disable
. - tunnel
Mode String - Enable/disable IPv4 SSL-VPN tunnel mode. Valid values:
enable
,disable
. - use
Sdwan String - Use SD-WAN rules to get output interface. Valid values:
enable
,disable
. - user
Bookmark String - Enable to allow web portal users to create their own bookmarks. Valid values:
enable
,disable
. - user
Group StringBookmark - Enable to allow web portal users to create bookmarks for all users in the same user group. Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- web
Mode String - Enable/disable SSL VPN web mode. Valid values:
enable
,disable
. - windows
Forticlient StringDownload Url - Download URL for Windows FortiClient.
- wins
Server1 String - IPv4 WINS server 1.
- wins
Server2 String - IPv4 WINS server 1.
Supporting Types
PortalBookmarkGroup, PortalBookmarkGroupArgs
- Bookmarks
List<Pulumiverse.
Fortios. Vpn. Ssl. Web. Inputs. Portal Bookmark Group Bookmark> - Bookmark table. The structure of
bookmarks
block is documented below. - Name string
- Bookmark group name.
- Bookmarks
[]Portal
Bookmark Group Bookmark - Bookmark table. The structure of
bookmarks
block is documented below. - Name string
- Bookmark group name.
- bookmarks
List<Portal
Bookmark Group Bookmark> - Bookmark table. The structure of
bookmarks
block is documented below. - name String
- Bookmark group name.
- bookmarks
Portal
Bookmark Group Bookmark[] - Bookmark table. The structure of
bookmarks
block is documented below. - name string
- Bookmark group name.
- bookmarks
Sequence[Portal
Bookmark Group Bookmark] - Bookmark table. The structure of
bookmarks
block is documented below. - name str
- Bookmark group name.
- bookmarks List<Property Map>
- Bookmark table. The structure of
bookmarks
block is documented below. - name String
- Bookmark group name.
PortalBookmarkGroupBookmark, PortalBookmarkGroupBookmarkArgs
- Additional
Params string - Additional parameters.
- Apptype string
- Application type.
- Color
Depth string - Color depth per pixel. Valid values:
32
,16
,8
. - Description string
- Description.
- Domain string
- Login domain.
- Folder string
- Network shared file folder parameter.
- Form
Datas List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Bookmark Group Bookmark Form Data> - Form data. The structure of
form_data
block is documented below. - Height int
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- Host string
- Host name/IP parameter.
- Keyboard
Layout string - Keyboard layout.
- Listening
Port int - Listening port (0 - 65535).
- Load
Balancing stringInfo - The load balancing information or cookie which should be provided to the connection broker.
- Logon
Password string - Logon password.
- Logon
User string - Logon user.
- Name string
- Bookmark name.
- Port int
- Remote port.
- Preconnection
Blob string - An arbitrary string which identifies the RDP source.
- Preconnection
Id int - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- Remote
Port int - Remote port (0 - 65535).
- Restricted
Admin string - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - Security string
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - Send
Preconnection stringId - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - Server
Layout string - Server side keyboard layout.
- Show
Status stringWindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - Sso string
- Single Sign-On. Valid values:
disable
,static
,auto
. - Sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - Sso
Credential stringSent Once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - Sso
Password string - SSO password.
- Sso
Username string - SSO user name.
- Url string
- URL parameter.
- Vnc
Keyboard stringLayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - Width int
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- Additional
Params string - Additional parameters.
- Apptype string
- Application type.
- Color
Depth string - Color depth per pixel. Valid values:
32
,16
,8
. - Description string
- Description.
- Domain string
- Login domain.
- Folder string
- Network shared file folder parameter.
- Form
Datas []PortalBookmark Group Bookmark Form Data - Form data. The structure of
form_data
block is documented below. - Height int
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- Host string
- Host name/IP parameter.
- Keyboard
Layout string - Keyboard layout.
- Listening
Port int - Listening port (0 - 65535).
- Load
Balancing stringInfo - The load balancing information or cookie which should be provided to the connection broker.
- Logon
Password string - Logon password.
- Logon
User string - Logon user.
- Name string
- Bookmark name.
- Port int
- Remote port.
- Preconnection
Blob string - An arbitrary string which identifies the RDP source.
- Preconnection
Id int - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- Remote
Port int - Remote port (0 - 65535).
- Restricted
Admin string - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - Security string
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - Send
Preconnection stringId - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - Server
Layout string - Server side keyboard layout.
- Show
Status stringWindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - Sso string
- Single Sign-On. Valid values:
disable
,static
,auto
. - Sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - Sso
Credential stringSent Once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - Sso
Password string - SSO password.
- Sso
Username string - SSO user name.
- Url string
- URL parameter.
- Vnc
Keyboard stringLayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - Width int
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- additional
Params String - Additional parameters.
- apptype String
- Application type.
- color
Depth String - Color depth per pixel. Valid values:
32
,16
,8
. - description String
- Description.
- domain String
- Login domain.
- folder String
- Network shared file folder parameter.
- form
Datas List<PortalBookmark Group Bookmark Form Data> - Form data. The structure of
form_data
block is documented below. - height Integer
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- host String
- Host name/IP parameter.
- keyboard
Layout String - Keyboard layout.
- listening
Port Integer - Listening port (0 - 65535).
- load
Balancing StringInfo - The load balancing information or cookie which should be provided to the connection broker.
- logon
Password String - Logon password.
- logon
User String - Logon user.
- name String
- Bookmark name.
- port Integer
- Remote port.
- preconnection
Blob String - An arbitrary string which identifies the RDP source.
- preconnection
Id Integer - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- remote
Port Integer - Remote port (0 - 65535).
- restricted
Admin String - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - security String
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - send
Preconnection StringId - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - server
Layout String - Server side keyboard layout.
- show
Status StringWindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - sso String
- Single Sign-On. Valid values:
disable
,static
,auto
. - sso
Credential String - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Credential StringSent Once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - sso
Password String - SSO password.
- sso
Username String - SSO user name.
- url String
- URL parameter.
- vnc
Keyboard StringLayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - width Integer
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- additional
Params string - Additional parameters.
- apptype string
- Application type.
- color
Depth string - Color depth per pixel. Valid values:
32
,16
,8
. - description string
- Description.
- domain string
- Login domain.
- folder string
- Network shared file folder parameter.
- form
Datas PortalBookmark Group Bookmark Form Data[] - Form data. The structure of
form_data
block is documented below. - height number
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- host string
- Host name/IP parameter.
- keyboard
Layout string - Keyboard layout.
- listening
Port number - Listening port (0 - 65535).
- load
Balancing stringInfo - The load balancing information or cookie which should be provided to the connection broker.
- logon
Password string - Logon password.
- logon
User string - Logon user.
- name string
- Bookmark name.
- port number
- Remote port.
- preconnection
Blob string - An arbitrary string which identifies the RDP source.
- preconnection
Id number - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- remote
Port number - Remote port (0 - 65535).
- restricted
Admin string - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - security string
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - send
Preconnection stringId - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - server
Layout string - Server side keyboard layout.
- show
Status stringWindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - sso string
- Single Sign-On. Valid values:
disable
,static
,auto
. - sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Credential stringSent Once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - sso
Password string - SSO password.
- sso
Username string - SSO user name.
- url string
- URL parameter.
- vnc
Keyboard stringLayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - width number
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- additional_
params str - Additional parameters.
- apptype str
- Application type.
- color_
depth str - Color depth per pixel. Valid values:
32
,16
,8
. - description str
- Description.
- domain str
- Login domain.
- folder str
- Network shared file folder parameter.
- form_
datas Sequence[PortalBookmark Group Bookmark Form Data] - Form data. The structure of
form_data
block is documented below. - height int
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- host str
- Host name/IP parameter.
- keyboard_
layout str - Keyboard layout.
- listening_
port int - Listening port (0 - 65535).
- load_
balancing_ strinfo - The load balancing information or cookie which should be provided to the connection broker.
- logon_
password str - Logon password.
- logon_
user str - Logon user.
- name str
- Bookmark name.
- port int
- Remote port.
- preconnection_
blob str - An arbitrary string which identifies the RDP source.
- preconnection_
id int - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- remote_
port int - Remote port (0 - 65535).
- restricted_
admin str - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - security str
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - send_
preconnection_ strid - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - server_
layout str - Server side keyboard layout.
- show_
status_ strwindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - sso str
- Single Sign-On. Valid values:
disable
,static
,auto
. - sso_
credential str - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso_
credential_ strsent_ once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - sso_
password str - SSO password.
- sso_
username str - SSO user name.
- url str
- URL parameter.
- vnc_
keyboard_ strlayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - width int
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- additional
Params String - Additional parameters.
- apptype String
- Application type.
- color
Depth String - Color depth per pixel. Valid values:
32
,16
,8
. - description String
- Description.
- domain String
- Login domain.
- folder String
- Network shared file folder parameter.
- form
Datas List<Property Map> - Form data. The structure of
form_data
block is documented below. - height Number
- Screen height. On FortiOS versions 7.0.4-7.0.5: range from 480 - 65535, default = 768. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
- host String
- Host name/IP parameter.
- keyboard
Layout String - Keyboard layout.
- listening
Port Number - Listening port (0 - 65535).
- load
Balancing StringInfo - The load balancing information or cookie which should be provided to the connection broker.
- logon
Password String - Logon password.
- logon
User String - Logon user.
- name String
- Bookmark name.
- port Number
- Remote port.
- preconnection
Blob String - An arbitrary string which identifies the RDP source.
- preconnection
Id Number - The numeric ID of the RDP source. On FortiOS versions 6.2.0-6.4.2, 7.0.0: 0-2147483648. On FortiOS versions 6.4.10-6.4.15, >= 7.0.1: 0-4294967295.
- remote
Port Number - Remote port (0 - 65535).
- restricted
Admin String - Enable/disable restricted admin mode for RDP. Valid values:
enable
,disable
. - security String
- Security mode for RDP connection (default = any). Valid values:
rdp
,nla
,tls
,any
. - send
Preconnection StringId - Enable/disable sending of preconnection ID. Valid values:
enable
,disable
. - server
Layout String - Server side keyboard layout.
- show
Status StringWindow - Enable/disable showing of status window. Valid values:
enable
,disable
. - sso String
- Single Sign-On. Valid values:
disable
,static
,auto
. - sso
Credential String - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Credential StringSent Once - Single sign-on credentials are only sent once to remote server. Valid values:
enable
,disable
. - sso
Password String - SSO password.
- sso
Username String - SSO user name.
- url String
- URL parameter.
- vnc
Keyboard StringLayout - Keyboard layout. Valid values:
default
,da
,nl
,en-uk
,en-uk-ext
,fi
,fr
,fr-be
,fr-ca-mul
,de
,de-ch
,it
,it-142
,pt
,pt-br-abnt2
,no
,gd
,es
,sv
,us-intl
. - width Number
- Screen width. On FortiOS versions 7.0.4-7.0.5: range from 640 - 65535, default = 1024. On FortiOS versions >= 7.0.6: range from 0 - 65535, default = 0.
PortalBookmarkGroupBookmarkFormData, PortalBookmarkGroupBookmarkFormDataArgs
PortalHostCheckPolicy, PortalHostCheckPolicyArgs
- Name string
- Host check software list name.
- Name string
- Host check software list name.
- name String
- Host check software list name.
- name string
- Host check software list name.
- name str
- Host check software list name.
- name String
- Host check software list name.
PortalIpPool, PortalIpPoolArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
PortalIpv6Pool, PortalIpv6PoolArgs
- Name string
- Portal name.
- Name string
- Portal name.
- name String
- Portal name.
- name string
- Portal name.
- name str
- Portal name.
- name String
- Portal name.
PortalIpv6SplitTunnelingRoutingAddress, PortalIpv6SplitTunnelingRoutingAddressArgs
- Name string
- Portal name.
- Name string
- Portal name.
- name String
- Portal name.
- name string
- Portal name.
- name str
- Portal name.
- name String
- Portal name.
PortalLandingPage, PortalLandingPageArgs
- Form
Datas List<Pulumiverse.Fortios. Vpn. Ssl. Web. Inputs. Portal Landing Page Form Data> - Form data. The structure of
form_data
block is documented below. - Logout
Url string - Landing page log out URL.
- Sso string
- Single sign-on. Valid values:
disable
,static
,auto
. - Sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - Sso
Password string - SSO password.
- Sso
Username string - SSO user name.
- Url string
- Landing page URL.
- Form
Datas []PortalLanding Page Form Data - Form data. The structure of
form_data
block is documented below. - Logout
Url string - Landing page log out URL.
- Sso string
- Single sign-on. Valid values:
disable
,static
,auto
. - Sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - Sso
Password string - SSO password.
- Sso
Username string - SSO user name.
- Url string
- Landing page URL.
- form
Datas List<PortalLanding Page Form Data> - Form data. The structure of
form_data
block is documented below. - logout
Url String - Landing page log out URL.
- sso String
- Single sign-on. Valid values:
disable
,static
,auto
. - sso
Credential String - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Password String - SSO password.
- sso
Username String - SSO user name.
- url String
- Landing page URL.
- form
Datas PortalLanding Page Form Data[] - Form data. The structure of
form_data
block is documented below. - logout
Url string - Landing page log out URL.
- sso string
- Single sign-on. Valid values:
disable
,static
,auto
. - sso
Credential string - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Password string - SSO password.
- sso
Username string - SSO user name.
- url string
- Landing page URL.
- form_
datas Sequence[PortalLanding Page Form Data] - Form data. The structure of
form_data
block is documented below. - logout_
url str - Landing page log out URL.
- sso str
- Single sign-on. Valid values:
disable
,static
,auto
. - sso_
credential str - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso_
password str - SSO password.
- sso_
username str - SSO user name.
- url str
- Landing page URL.
- form
Datas List<Property Map> - Form data. The structure of
form_data
block is documented below. - logout
Url String - Landing page log out URL.
- sso String
- Single sign-on. Valid values:
disable
,static
,auto
. - sso
Credential String - Single sign-on credentials. Valid values:
sslvpn-login
,alternative
. - sso
Password String - SSO password.
- sso
Username String - SSO user name.
- url String
- Landing page URL.
PortalLandingPageFormData, PortalLandingPageFormDataArgs
PortalMacAddrCheckRule, PortalMacAddrCheckRuleArgs
- Mac
Addr List<Pulumiverse.Lists Fortios. Vpn. Ssl. Web. Inputs. Portal Mac Addr Check Rule Mac Addr List> - Client MAC address list. The structure of
mac_addr_list
block is documented below. - Mac
Addr intMask - Client MAC address mask.
- Name string
- Client MAC address check rule name.
- Mac
Addr []PortalLists Mac Addr Check Rule Mac Addr List - Client MAC address list. The structure of
mac_addr_list
block is documented below. - Mac
Addr intMask - Client MAC address mask.
- Name string
- Client MAC address check rule name.
- mac
Addr List<PortalLists Mac Addr Check Rule Mac Addr List> - Client MAC address list. The structure of
mac_addr_list
block is documented below. - mac
Addr IntegerMask - Client MAC address mask.
- name String
- Client MAC address check rule name.
- mac
Addr PortalLists Mac Addr Check Rule Mac Addr List[] - Client MAC address list. The structure of
mac_addr_list
block is documented below. - mac
Addr numberMask - Client MAC address mask.
- name string
- Client MAC address check rule name.
- mac_
addr_ Sequence[Portallists Mac Addr Check Rule Mac Addr List] - Client MAC address list. The structure of
mac_addr_list
block is documented below. - mac_
addr_ intmask - Client MAC address mask.
- name str
- Client MAC address check rule name.
- mac
Addr List<Property Map>Lists - Client MAC address list. The structure of
mac_addr_list
block is documented below. - mac
Addr NumberMask - Client MAC address mask.
- name String
- Client MAC address check rule name.
PortalMacAddrCheckRuleMacAddrList, PortalMacAddrCheckRuleMacAddrListArgs
- Addr string
- Client MAC address.
- Addr string
- Client MAC address.
- addr String
- Client MAC address.
- addr string
- Client MAC address.
- addr str
- Client MAC address.
- addr String
- Client MAC address.
PortalOsCheckList, PortalOsCheckListArgs
- Action string
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - Latest
Patch stringLevel - Latest OS patch level.
- Name string
- Name.
- Tolerance int
- OS patch level tolerance.
- Action string
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - Latest
Patch stringLevel - Latest OS patch level.
- Name string
- Name.
- Tolerance int
- OS patch level tolerance.
- action String
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - latest
Patch StringLevel - Latest OS patch level.
- name String
- Name.
- tolerance Integer
- OS patch level tolerance.
- action string
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - latest
Patch stringLevel - Latest OS patch level.
- name string
- Name.
- tolerance number
- OS patch level tolerance.
- action str
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - latest_
patch_ strlevel - Latest OS patch level.
- name str
- Name.
- tolerance int
- OS patch level tolerance.
- action String
- OS check options. Valid values:
deny
,allow
,check-up-to-date
. - latest
Patch StringLevel - Latest OS patch level.
- name String
- Name.
- tolerance Number
- OS patch level tolerance.
PortalSplitDn, PortalSplitDnArgs
- Dns
Server1 string - DNS server 1.
- Dns
Server2 string - DNS server 2.
- Domains string
- Split DNS domains used for SSL-VPN clients separated by comma.
- Id int
- ID.
- Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- Dns
Server1 string - DNS server 1.
- Dns
Server2 string - DNS server 2.
- Domains string
- Split DNS domains used for SSL-VPN clients separated by comma.
- Id int
- ID.
- Ipv6Dns
Server1 string - IPv6 DNS server 1.
- Ipv6Dns
Server2 string - IPv6 DNS server 2.
- dns
Server1 String - DNS server 1.
- dns
Server2 String - DNS server 2.
- domains String
- Split DNS domains used for SSL-VPN clients separated by comma.
- id Integer
- ID.
- ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
- dns
Server1 string - DNS server 1.
- dns
Server2 string - DNS server 2.
- domains string
- Split DNS domains used for SSL-VPN clients separated by comma.
- id number
- ID.
- ipv6Dns
Server1 string - IPv6 DNS server 1.
- ipv6Dns
Server2 string - IPv6 DNS server 2.
- dns_
server1 str - DNS server 1.
- dns_
server2 str - DNS server 2.
- domains str
- Split DNS domains used for SSL-VPN clients separated by comma.
- id int
- ID.
- ipv6_
dns_ strserver1 - IPv6 DNS server 1.
- ipv6_
dns_ strserver2 - IPv6 DNS server 2.
- dns
Server1 String - DNS server 1.
- dns
Server2 String - DNS server 2.
- domains String
- Split DNS domains used for SSL-VPN clients separated by comma.
- id Number
- ID.
- ipv6Dns
Server1 String - IPv6 DNS server 1.
- ipv6Dns
Server2 String - IPv6 DNS server 2.
PortalSplitTunnelingRoutingAddress, PortalSplitTunnelingRoutingAddressArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
Import
VpnSslWeb Portal can be imported using any of these accepted formats:
$ pulumi import fortios:vpn/ssl/web/portal:Portal labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:vpn/ssl/web/portal:Portal labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.