meraki_mr_l3_firewall – Manage MR access point layer 3 firewalls in the Meraki cloud

From Get docs
Ansible/docs/2.8/modules/meraki mr l3 firewall module


meraki_mr_l3_firewall – Manage MR access point layer 3 firewalls in the Meraki cloud

New in version 2.7.


Synopsis

  • Allows for creation, management, and visibility into layer 3 firewalls implemented on Meraki MR access points.

Parameters

Parameter Choices/Defaults Comments

allow_lan_access

boolean

  • no
  • yes

Sets whether devices can talk to other devices on the same LAN.

auth_key

string

Authentication key provided by the dashboard. Required if environmental variable MERAKI_KEY is not set.

host

string

Default:

"api.meraki.com"

Hostname for Meraki dashboard.

Can be used to access regional Meraki environments, such as China.

net_id

string

ID of network containing access points.

net_name

string

Name of network containing access points.

number

integer

Number of SSID to apply firewall rule to.


aliases: ssid_number

org_id

integer

ID of organization.

org_name

string

Name of organization.


aliases: organization

output_level

string

  • debug
  • normal

Set amount of debug output during module execution.

rules

list

List of firewall rules.

comment

string

Optional comment describing the firewall rule.

dest_cidr

string

Comma-separated list of CIDR notation networks to match.

dest_port

string

Comma-seperated list of destination ports to match.

policy

string

  • allow
  • deny

Specifies the action that should be taken when rule is hit.

protocol

string

  • any
  • icmp
  • tcp
  • udp

Specifies protocol to match against.

ssid_name

string

Name of SSID to apply firewall rule to.


aliases: ssid

state

string

  • present

  • query

Create or modify an organization.

timeout

integer

Default:

30

Time to timeout for HTTP requests.

use_https

boolean

  • no
  • yes

If no, it will use HTTP. Otherwise it will use HTTPS.

Only useful for internal Meraki developers.

use_proxy

boolean

  • no
  • yes

If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

validate_certs

boolean

  • no
  • yes

Whether to validate HTTP certificates.



Notes

Note


Examples

- name: Create single firewall rule
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 12345
    number: 1
    rules:
      - comment: Integration test rule
        policy: allow
        protocol: tcp
        dest_port: 80
        dest_cidr: 192.0.2.0/24
    allow_lan_access: no
  delegate_to: localhost

- name: Enable local LAN access
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: present
    org_name: YourOrg
    net_id: 123
    number: 1
    rules:
    allow_lan_access: yes
  delegate_to: localhost

- name: Query firewall rules
  meraki_mr_l3_firewall:
    auth_key: abc123
    state: query
    org_name: YourOrg
    net_name: YourNet
    number: 1
  delegate_to: localhost

Status

Authors

  • Kevin Breit (@kbreit)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/meraki_mr_l3_firewall_module.html