
Ansible x Fortigate : Script collection

Following the previous article, Ansible : Automated Fortigate blocklist ipsets, I’d like to share a small script collection I use to make sure I have the exact same configuration on all my Fortigate firewalls. It is written with Ansible. I automate some important configuration, such as the system configuration, LDAP & admin creation, object names & groups, and the backup :)

The Collection

All the Ansible scripts are available on my GitHub : https://github.com/alex-nogard/fortigate-ansible-collection


Fortigate System Template

Aim :

The objective is to create a system template, so that all firewalls have the exact same config. It’s really useful to avoid mistakes :)

How it works :

1 / Configure the system global parameters : console timeout, language, Fortigate alias

2 / Configure the Firewall DNS

3 / Configure the Firewall NTP Server

4 / Configure the Firewall SNMP

5 / Configure the SMTP part.

Command :

 ansible-playbook global-template.yml


Fortigate backup

How it works ?

1 / The script will retrieve the full configuration of your firewall

2 / The full configuration will be written to a .config file

Command :

ansible-playbook backupforti.yml


Fortigate Massive host import

How it works :

Prerequisite : create a two-column CSV, with a name column and an IP column

1 / The script will read the CSV defined in the command line arg, and create all hosts

2 / The script will populate the created hosts in a group, defined in the command line arg

Command :

ansible-playbook massive-import.yml -e loadcsv=import.csv -e addgrp=test099

Don’t forget to change the name & path of your CSV file, and the name of the group you’d like to put the hosts in.
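A pre-flight check for the import CSV, added here as an example and not part of the author's collection: it rejects rows that would create duplicate, malformed or overly broad address objects before the playbook runs. The column headers `name` and `ip` and the function name `validate_hosts_csv` are assumptions, since the page does not give them.

```python
import csv
import io
import ipaddress

# Assumed column headers; the page only says "a name column and IP column".
NAME_COL, IP_COL = "name", "ip"

def validate_hosts_csv(text):
    """Return (hosts, errors): importable (name, ip/prefix) pairs and rejected rows."""
    hosts, errors = [], []
    seen_names, seen_ips = {}, {}
    reader = csv.DictReader(io.StringIO(text))
    missing = {NAME_COL, IP_COL} - set(reader.fieldnames or [])
    if missing:
        return [], ["header: missing column(s) " + ", ".join(sorted(missing))]
    for row in reader:
        line = reader.line_num
        name = (row[NAME_COL] or "").strip()
        raw_ip = (row[IP_COL] or "").strip()
        if not name:
            errors.append(f"line {line}: empty name")
            continue
        try:
            ip = ipaddress.ip_address(raw_ip)  # hosts only: rejects ranges and CIDR
        except ValueError:
            errors.append(f"line {line}: {raw_ip!r} is not a host IP address")
            continue
        if name in seen_names:
            errors.append(f"line {line}: name {name!r} already used on line {seen_names[name]}")
            continue
        if ip in seen_ips:
            errors.append(f"line {line}: {ip} already used on line {seen_ips[ip]}")
            continue
        seen_names[name], seen_ips[ip] = line, line
        hosts.append((name, f"{ip}/{ip.max_prefixlen}"))
    return hosts, errors

# Constructed sample input, not taken from the original page.
SAMPLE = """name,ip
srv-web01,192.0.2.10
srv-db01,192.0.2.300
srv-web01,192.0.2.11
srv-app01,192.0.2.10
any,0.0.0.0/0
srv-mail01,198.51.100.25
"""

if __name__ == "__main__":
    print(validate_hosts_csv(SAMPLE))
```

Run the import only when the error list is empty, so a typo or a stray subnet in the CSV never ends up in a group referenced by firewall policies.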

Admin Access with LDAP

How it works ?

1 / The script will create a new LDAP server; don’t forget to modify your parameters

2 / The script will create a new group, linked to the LDAP server. Please put in the CN of your group

3 / Create the admin, linked to the group previously created.

Command :

ansible-playbook admin-access-with-ldap.yml

I hope it will help you in your day to day work :) More scripts are coming soon ;)

About Alexandre Nogard
