@pulumiverse/fortios
Version:
A Pulumi package for creating and managing Fortios resources. Based on terraform-provider-fortios: version v1.16.0
1,239 lines • 79 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Configure VDOM settings.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as fortios from "@pulumiverse/fortios";
*
* const trname = new fortios.system.Settings("trname", {
* allowLinkdownPath: "disable",
* guiWebfilter: "enable",
* opmode: "nat",
* sipSslPort: 5061,
* status: "enable",
* });
* ```
*
* ## Import
*
* System Settings can be imported using any of these accepted formats:
*
* ```sh
* $ pulumi import fortios:system/settings:Settings labelname SystemSettings
* ```
*
* If you do not want to import arguments of block:
*
* $ export "FORTIOS_IMPORT_TABLE"="false"
*
* ```sh
* $ pulumi import fortios:system/settings:Settings labelname SystemSettings
* ```
*
* $ unset "FORTIOS_IMPORT_TABLE"
*/
export declare class Settings extends pulumi.CustomResource {
/**
* Get an existing Settings resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SettingsState, opts?: pulumi.CustomResourceOptions): Settings;
/**
* Returns true if the given object is an instance of Settings. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Settings;
/**
* Enable/disable link down path. Valid values: `enable`, `disable`.
*/
readonly allowLinkdownPath: pulumi.Output<string>;
/**
* Enable/disable allowing interface subnets to use overlapping IP addresses. Valid values: `enable`, `disable`.
*/
readonly allowSubnetOverlap: pulumi.Output<string>;
/**
* Enable/disable application bandwidth tracking. Valid values: `disable`, `enable`.
*/
readonly applicationBandwidthTracking: pulumi.Output<string>;
/**
* Enable/disable IPv4 asymmetric routing. Valid values: `enable`, `disable`.
*/
readonly asymroute: pulumi.Output<string>;
/**
* Enable/disable asymmetric IPv6 routing. Valid values: `enable`, `disable`.
*/
readonly asymroute6: pulumi.Output<string>;
/**
* Enable/disable asymmetric ICMPv6 routing. Valid values: `enable`, `disable`.
*/
readonly asymroute6Icmp: pulumi.Output<string>;
/**
* Enable/disable ICMP asymmetric routing. Valid values: `enable`, `disable`.
*/
readonly asymrouteIcmp: pulumi.Output<string>;
/**
* Enable/disable auxiliary session. Valid values: `enable`, `disable`.
*/
readonly auxiliarySession: pulumi.Output<string>;
/**
* Enable/disable Bi-directional Forwarding Detection (BFD) on all interfaces. Valid values: `enable`, `disable`.
*/
readonly bfd: pulumi.Output<string>;
/**
* BFD desired minimal transmit interval (1 - 100000 ms). On FortiOS versions 6.2.0-6.4.15: default = 50. On FortiOS versions >= 7.0.0: default = 250.
*/
readonly bfdDesiredMinTx: pulumi.Output<number>;
/**
* BFD detection multiplier (1 - 50, default = 3).
*/
readonly bfdDetectMult: pulumi.Output<number>;
/**
* Enable to not enforce verifying the source port of BFD Packets. Valid values: `enable`, `disable`.
*/
readonly bfdDontEnforceSrcPort: pulumi.Output<string>;
/**
* BFD required minimal receive interval (1 - 100000 ms). On FortiOS versions 6.2.0-6.4.15: default = 50. On FortiOS versions >= 7.0.0: default = 250.
*/
readonly bfdRequiredMinRx: pulumi.Output<number>;
/**
* Enable/disable blocking of land attacks. Valid values: `disable`, `enable`.
*/
readonly blockLandAttack: pulumi.Output<string>;
/**
* Enable/disable central NAT. Valid values: `enable`, `disable`.
*/
readonly centralNat: pulumi.Output<string>;
/**
* VDOM comments.
*/
readonly comments: pulumi.Output<string | undefined>;
/**
* Enable/disable PCI DSS compliance checking. Valid values: `enable`, `disable`.
*/
readonly complianceCheck: pulumi.Output<string>;
/**
* Consolidated firewall mode.
*/
readonly consolidatedFirewallMode: pulumi.Output<string>;
/**
* Enable/disable policy service enforcement based on application default ports. Valid values: `enable`, `disable`.
*/
readonly defaultAppPortAsService: pulumi.Output<string>;
/**
* Default policy expiry in days (0 - 365 days, default = 30).
*/
readonly defaultPolicyExpiryDays: pulumi.Output<number>;
/**
* Configure how the FortiGate handles VoIP traffic when a policy that accepts the traffic doesn't include a VoIP profile. Valid values: `proxy-based`, `kernel-helper-based`.
*/
readonly defaultVoipAlgMode: pulumi.Output<string>;
/**
* Enable/disable denying TCP by sending an ICMP communication prohibited packet. Valid values: `enable`, `disable`.
*/
readonly denyTcpWithIcmp: pulumi.Output<string>;
/**
* Enable/disable detection of unknown ESP packets (default = enable). Valid values: `enable`, `disable`.
*/
readonly detectUnknownEsp: pulumi.Output<string>;
/**
* Interface to use for management access for NAT mode.
*/
readonly device: pulumi.Output<string>;
/**
* DHCPv6 server IPv6 address.
*/
readonly dhcp6ServerIp: pulumi.Output<string>;
/**
* Enable/disable the DHCP Proxy. Valid values: `enable`, `disable`.
*/
readonly dhcpProxy: pulumi.Output<string>;
/**
* Specify outgoing interface to reach server.
*/
readonly dhcpProxyInterface: pulumi.Output<string>;
/**
* Specify how to select outgoing interface to reach server. Valid values: `auto`, `sdwan`, `specify`.
*/
readonly dhcpProxyInterfaceSelectMethod: pulumi.Output<string>;
/**
* DHCP Server IPv4 address.
*/
readonly dhcpServerIp: pulumi.Output<string>;
/**
* Timeout for discovered devices (1 - 365 days, default = 28).
*/
readonly discoveredDeviceTimeout: pulumi.Output<number>;
/**
* Enable/disable dirty session check caused by dynamic address updates. Valid values: `enable`, `disable`.
*/
readonly dynAddrSessionCheck: pulumi.Output<string>;
/**
* Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
*/
readonly dynamicSortSubtable: pulumi.Output<string | undefined>;
/**
* Maximum number of Equal Cost Multi-Path (ECMP) next-hops. Set to 1 to disable ECMP routing. On FortiOS versions 6.2.0: 1 - 100, default = 10. On FortiOS versions >= 6.2.4: 1 - 255, default = 255.
*/
readonly ecmpMaxPaths: pulumi.Output<number>;
/**
* Enable/disable using DNS to validate email addresses collected by a captive portal. Valid values: `disable`, `enable`.
*/
readonly emailPortalCheckDns: pulumi.Output<string>;
/**
* Enable/disable dirty session check caused by external resource updates. Valid values: `enable`, `disable`.
*/
readonly extResourceSessionCheck: pulumi.Output<string>;
/**
* Select how to manage sessions affected by firewall policy configuration changes. Valid values: `check-all`, `check-new`, `check-policy-option`.
*/
readonly firewallSessionDirty: pulumi.Output<string>;
/**
* Enable/disable dirty session check caused by FQDN updates. Valid values: `enable`, `disable`.
*/
readonly fqdnSessionCheck: pulumi.Output<string>;
/**
* Enable/disable checking for a matching policy each time hairpin traffic goes through the FortiGate. Valid values: `enable`, `disable`.
*/
readonly fwSessionHairpin: pulumi.Output<string>;
/**
* Transparent mode IPv4 default gateway IP address.
*/
readonly gateway: pulumi.Output<string>;
/**
* Transparent mode IPv4 default gateway IP address.
*/
readonly gateway6: pulumi.Output<string>;
/**
* Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
*/
readonly getAllTables: pulumi.Output<string | undefined>;
/**
* Enable/disable advanced policy configuration on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiAdvancedPolicy: pulumi.Output<string>;
/**
* Enable/disable advanced wireless features in GUI. Valid values: `enable`, `disable`.
*/
readonly guiAdvancedWirelessFeatures: pulumi.Output<string>;
/**
* Enable/disable the requirement for policy naming on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiAllowUnnamedPolicy: pulumi.Output<string>;
/**
* Enable/disable AntiVirus on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiAntivirus: pulumi.Output<string>;
/**
* Enable/disable FortiAP profiles on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiApProfile: pulumi.Output<string>;
/**
* Enable/disable application control on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiApplicationControl: pulumi.Output<string>;
/**
* Enable/disable Inline-CASB on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiCasb: pulumi.Output<string>;
/**
* Default columns to display for policy lists on GUI. The structure of `guiDefaultPolicyColumns` block is documented below.
*/
readonly guiDefaultPolicyColumns: pulumi.Output<outputs.system.SettingsGuiDefaultPolicyColumn[] | undefined>;
/**
* Enable/disable advanced DHCP options on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDhcpAdvanced: pulumi.Output<string>;
/**
* Enable/disable DLP on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDlp: pulumi.Output<string>;
/**
* Enable/disable Data Leak Prevention on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDlpProfile: pulumi.Output<string>;
/**
* Enable/disable DNS database settings on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDnsDatabase: pulumi.Output<string>;
/**
* Enable/disable DNS Filtering on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDnsfilter: pulumi.Output<string>;
/**
* Enable/disable Domain and IP Reputation on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDomainIpReputation: pulumi.Output<string>;
/**
* Enable/disable DoS policies on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDosPolicy: pulumi.Output<string>;
/**
* Enable/disable Create dynamic addresses to manage known devices. Valid values: `enable`, `disable`.
*/
readonly guiDynamicDeviceOsId: pulumi.Output<string>;
/**
* Enable/disable RADIUS Single Sign On (RSSO) on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDynamicProfileDisplay: pulumi.Output<string>;
/**
* Enable/disable dynamic routing on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiDynamicRouting: pulumi.Output<string>;
/**
* Enable/disable email collection on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiEmailCollection: pulumi.Output<string>;
/**
* Enable/disable endpoint control on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiEndpointControl: pulumi.Output<string>;
/**
* Enable/disable advanced endpoint control options on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiEndpointControlAdvanced: pulumi.Output<string>;
/**
* Enforce change summaries for select tables in the GUI. Valid values: `disable`, `require`, `optional`.
*/
readonly guiEnforceChangeSummary: pulumi.Output<string>;
/**
* Enable/disable the explicit proxy on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiExplicitProxy: pulumi.Output<string>;
/**
* Enable/disable File-filter on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiFileFilter: pulumi.Output<string>;
/**
* Enable/disable FortiAP split tunneling on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiFortiapSplitTunneling: pulumi.Output<string>;
/**
* Enable/disable FortiExtender on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiFortiextenderController: pulumi.Output<string>;
/**
* Enable/disable ICAP on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiIcap: pulumi.Output<string>;
/**
* Enable/disable implicit firewall policies on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiImplicitPolicy: pulumi.Output<string>;
/**
* Enable/disable IPS on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiIps: pulumi.Output<string>;
/**
* Enable/disable server load balancing on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiLoadBalance: pulumi.Output<string>;
/**
* Enable/disable Local-In policies on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiLocalInPolicy: pulumi.Output<string>;
/**
* Enable/disable local reports on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiLocalReports: pulumi.Output<string>;
/**
* Enable/disable multicast firewall policies on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiMulticastPolicy: pulumi.Output<string>;
/**
* Enable/disable adding multiple interfaces to a policy on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiMultipleInterfacePolicy: pulumi.Output<string>;
/**
* Enable/disable multiple UTM profiles on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiMultipleUtmProfiles: pulumi.Output<string>;
/**
* Enable/disable NAT46 and NAT64 settings on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiNat4664: pulumi.Output<string>;
/**
* Enable/disable object colors on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiObjectColors: pulumi.Output<string>;
/**
* Enable/disable Show Operational Technology Purdue Model. Valid values: `enable`, `disable`.
*/
readonly guiOt: pulumi.Output<string>;
/**
* Enable/disable policy disclaimer on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiPerPolicyDisclaimer: pulumi.Output<string>;
/**
* Enable/disable policy-based IPsec VPN on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiPolicyBasedIpsec: pulumi.Output<string>;
/**
* Enable/disable policy disclaimer on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiPolicyDisclaimer: pulumi.Output<string>;
/**
* Enable/disable firewall policy learning mode on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiPolicyLearning: pulumi.Output<string>;
/**
* Enable/disable the proxy features on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiProxyInspection: pulumi.Output<string>;
/**
* Enable/disable replacement message groups on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiReplacementMessageGroups: pulumi.Output<string>;
/**
* Enable/disable route-tag addresses on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiRouteTagAddressCreation: pulumi.Output<string>;
/**
* Enable/disable Security Profile Groups on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSecurityProfileGroup: pulumi.Output<string>;
/**
* Enable/disable Antispam on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSpamfilter: pulumi.Output<string>;
/**
* Enable/disable SSL-VPN settings pages on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSslvpn: pulumi.Output<string>;
/**
* Enable/disable SSL-VPN personal bookmark management on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSslvpnPersonalBookmarks: pulumi.Output<string>;
/**
* Enable/disable SSL-VPN realms on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSslvpnRealms: pulumi.Output<string>;
/**
* Enable/disable the switch controller on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiSwitchController: pulumi.Output<string>;
/**
* Enable/disable threat weight on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiThreatWeight: pulumi.Output<string>;
/**
* Enable/disable traffic shaping on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiTrafficShaping: pulumi.Output<string>;
/**
* Enable/disable Video filtering on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiVideofilter: pulumi.Output<string>;
/**
* Enable/disable Virtual Patching on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiVirtualPatchProfile: pulumi.Output<string>;
/**
* Enable/disable VoIP profiles on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiVoipProfile: pulumi.Output<string>;
/**
* Enable/disable VPN tunnels on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiVpn: pulumi.Output<string>;
/**
* Enable/disable Web Application Firewall on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWafProfile: pulumi.Output<string>;
/**
* Enable/disable SD-WAN on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWanLoadBalancing: pulumi.Output<string>;
/**
* Enable/disable WAN Optimization and Web Caching on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWanoptCache: pulumi.Output<string>;
/**
* Enable/disable Web filtering on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWebfilter: pulumi.Output<string>;
/**
* Enable/disable advanced web filtering on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWebfilterAdvanced: pulumi.Output<string>;
/**
* Enable/disable the wireless controller on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiWirelessController: pulumi.Output<string>;
/**
* Enable/disable Zero Trust Network Access features on the GUI. Valid values: `enable`, `disable`.
*/
readonly guiZtna: pulumi.Output<string>;
/**
* Enable/disable H323 direct model. Valid values: `disable`, `enable`.
*/
readonly h323DirectModel: pulumi.Output<string>;
/**
* Offload HTTP traffic to FortiWeb or FortiCache. Valid values: `fortiweb`, `forticache`.
*/
readonly httpExternalDest: pulumi.Output<string>;
/**
* Configure IKE ASN.1 Distinguished Name format conventions. Valid values: `with-space`, `no-space`.
*/
readonly ikeDnFormat: pulumi.Output<string>;
/**
* UDP port for IKE/IPsec traffic in NAT-T mode (default 4500).
*/
readonly ikeNattPort: pulumi.Output<number>;
/**
* Enable/disable IKE Policy Based Routing (PBR). Valid values: `enable`, `disable`.
*/
readonly ikePolicyRoute: pulumi.Output<string>;
/**
* UDP port for IKE/IPsec traffic (default 500).
*/
readonly ikePort: pulumi.Output<number>;
/**
* Enable/disable IKE quick crash detection (RFC 6290). Valid values: `enable`, `disable`.
*/
readonly ikeQuickCrashDetect: pulumi.Output<string>;
/**
* Enable/disable IKEv2 session resumption (RFC 5723). Valid values: `enable`, `disable`.
*/
readonly ikeSessionResume: pulumi.Output<string>;
/**
* TCP port for IKE/IPsec traffic (default 4500).
*/
readonly ikeTcpPort: pulumi.Output<number>;
/**
* Enable/disable implicitly allowing DNS traffic. Valid values: `enable`, `disable`.
*/
readonly implicitAllowDns: pulumi.Output<string>;
/**
* Inspection mode (proxy-based or flow-based). Valid values: `proxy`, `flow`.
*/
readonly inspectionMode: pulumi.Output<string>;
/**
* Maximum number of tuple entries (protocol, port, IP address, application ID) stored by the FortiGate unit (0 - 4294967295, default = 32768). A smaller value limits the FortiGate unit from learning about internet applications.
*/
readonly internetServiceAppCtrlSize: pulumi.Output<number>;
/**
* Enable/disable Internet Service database caching. Valid values: `disable`, `enable`.
*/
readonly internetServiceDatabaseCache: pulumi.Output<string>;
/**
* IP address and netmask.
*/
readonly ip: pulumi.Output<string>;
/**
* IPv6 address prefix for NAT mode.
*/
readonly ip6: pulumi.Output<string>;
/**
* Controller IP address or FQDN to connect.
*/
readonly lanExtensionControllerAddr: pulumi.Output<string>;
/**
* Enable/disable link down access traffic. Valid values: `enable`, `disable`.
*/
readonly linkDownAccess: pulumi.Output<string>;
/**
* Enable/disable Link Layer Discovery Protocol (LLDP) reception for this VDOM or apply global settings to this VDOM. Valid values: `enable`, `disable`, `global`.
*/
readonly lldpReception: pulumi.Output<string>;
/**
* Enable/disable Link Layer Discovery Protocol (LLDP) transmission for this VDOM or apply global settings to this VDOM. Valid values: `enable`, `disable`, `global`.
*/
readonly lldpTransmission: pulumi.Output<string>;
/**
* Local location ID in the form of an IPv4 address.
*/
readonly locationId: pulumi.Output<string>;
/**
* Duration of MAC addresses in Transparent mode (300 - 8640000 sec, default = 300).
*/
readonly macTtl: pulumi.Output<number>;
/**
* Transparent mode IPv4 management IP address and netmask.
*/
readonly manageip: pulumi.Output<string>;
/**
* Transparent mode IPv6 management IP address and netmask.
*/
readonly manageip6: pulumi.Output<string>;
/**
* Enable/disable multicast forwarding. Valid values: `enable`, `disable`.
*/
readonly multicastForward: pulumi.Output<string>;
/**
* Enable/disable allowing multicast traffic through the FortiGate without a policy check. Valid values: `enable`, `disable`.
*/
readonly multicastSkipPolicy: pulumi.Output<string>;
/**
* Enable/disable preventing the FortiGate from changing the TTL for forwarded multicast packets. Valid values: `enable`, `disable`.
*/
readonly multicastTtlNotchange: pulumi.Output<string>;
/**
* Enable/disable mandatory IPv4 packet forwarding in NAT46. Valid values: `enable`, `disable`.
*/
readonly nat46ForceIpv4PacketForwarding: pulumi.Output<string>;
/**
* Enable/disable NAT46 IPv6 fragment header generation. Valid values: `enable`, `disable`.
*/
readonly nat46GenerateIpv6FragmentHeader: pulumi.Output<string>;
/**
* Enable/disable mandatory IPv6 packet forwarding in NAT64. Valid values: `enable`, `disable`.
*/
readonly nat64ForceIpv6PacketForwarding: pulumi.Output<string>;
/**
* Next Generation Firewall (NGFW) mode. Valid values: `profile-based`, `policy-based`.
*/
readonly ngfwMode: pulumi.Output<string>;
/**
* Firewall operation mode (NAT or Transparent). Valid values: `nat`, `transparent`.
*/
readonly opmode: pulumi.Output<string>;
/**
* Enable/disable action to take on PRP trailer. Valid values: `enable`, `disable`.
*/
readonly prpTrailerAction: pulumi.Output<string>;
/**
* TCP port the SCCP proxy monitors for SCCP traffic (0 - 65535, default = 2000).
*/
readonly sccpPort: pulumi.Output<number>;
/**
* Enable/disable SCTP session creation without SCTP INIT. Valid values: `enable`, `disable`.
*/
readonly sctpSessionWithoutInit: pulumi.Output<string>;
/**
* Enable/disable including denied session in the session table. Valid values: `enable`, `disable`.
*/
readonly sesDeniedTraffic: pulumi.Output<string>;
/**
* Enable/disable the SIP kernel session helper to create an expectation for port 5060. Valid values: `enable`, `disable`.
*/
readonly sipExpectation: pulumi.Output<string>;
/**
* Enable/disable the SIP session helper to process SIP sessions unless SIP sessions are accepted by the SIP application layer gateway (ALG). Valid values: `enable`, `disable`.
*/
readonly sipHelper: pulumi.Output<string>;
/**
* Enable/disable recording the original SIP source IP address when NAT is used. Valid values: `enable`, `disable`.
*/
readonly sipNatTrace: pulumi.Output<string>;
/**
* TCP port the SIP proxy monitors for SIP SSL/TLS traffic (0 - 65535, default = 5061).
*/
readonly sipSslPort: pulumi.Output<number>;
/**
* TCP port the SIP proxy monitors for SIP traffic (0 - 65535, default = 5060).
*/
readonly sipTcpPort: pulumi.Output<number>;
/**
* UDP port the SIP proxy monitors for SIP traffic (0 - 65535, default = 5060).
*/
readonly sipUdpPort: pulumi.Output<number>;
/**
* Enable/disable source NAT (SNAT) for hairpin traffic. Valid values: `enable`, `disable`.
*/
readonly snatHairpinTraffic: pulumi.Output<string>;
/**
* Profile for SSL/SSH inspection.
*/
readonly sslSshProfile: pulumi.Output<string>;
/**
* Enable/disable this VDOM. Valid values: `enable`, `disable`.
*/
readonly status: pulumi.Output<string>;
/**
* Enable/disable strict source verification. Valid values: `enable`, `disable`.
*/
readonly strictSrcCheck: pulumi.Output<string>;
/**
* Enable/disable allowing TCP session without SYN flags. Valid values: `enable`, `disable`.
*/
readonly tcpSessionWithoutSyn: pulumi.Output<string>;
/**
* Enable/disable converting antispam tags to UTF-8 for better non-ASCII character support. Valid values: `enable`, `disable`.
*/
readonly utf8SpamTagging: pulumi.Output<string>;
/**
* IPv4 Equal-cost multi-path (ECMP) routing and load balancing mode. Valid values: `source-ip-based`, `weight-based`, `usage-based`, `source-dest-ip-based`.
*/
readonly v4EcmpMode: pulumi.Output<string>;
/**
* VDOM type. On FortiOS versions 7.2.0: traffic or admin. On FortiOS versions >= 7.2.1: traffic, lan-extension or admin.
*/
readonly vdomType: pulumi.Output<string>;
/**
* Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
*/
readonly vdomparam: pulumi.Output<string>;
/**
* Enable/disable periodic VPN log statistics for one or more types of VPN. Separate names with a space. Valid values: `ipsec`, `pptp`, `l2tp`, `ssl`.
*/
readonly vpnStatsLog: pulumi.Output<string>;
/**
* Period to send VPN log statistics (0 or 60 - 86400 sec).
*/
readonly vpnStatsPeriod: pulumi.Output<number>;
/**
* Enable/disable WCCP cache engine. Valid values: `enable`, `disable`.
*/
readonly wccpCacheEngine: pulumi.Output<string>;
/**
* Create a Settings resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: SettingsArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Settings resources.
*/
export interface SettingsState {
/**
* Enable/disable link down path. Valid values: `enable`, `disable`.
*/
allowLinkdownPath?: pulumi.Input<string>;
/**
* Enable/disable allowing interface subnets to use overlapping IP addresses. Valid values: `enable`, `disable`.
*/
allowSubnetOverlap?: pulumi.Input<string>;
/**
* Enable/disable application bandwidth tracking. Valid values: `disable`, `enable`.
*/
applicationBandwidthTracking?: pulumi.Input<string>;
/**
* Enable/disable IPv4 asymmetric routing. Valid values: `enable`, `disable`.
*/
asymroute?: pulumi.Input<string>;
/**
* Enable/disable asymmetric IPv6 routing. Valid values: `enable`, `disable`.
*/
asymroute6?: pulumi.Input<string>;
/**
* Enable/disable asymmetric ICMPv6 routing. Valid values: `enable`, `disable`.
*/
asymroute6Icmp?: pulumi.Input<string>;
/**
* Enable/disable ICMP asymmetric routing. Valid values: `enable`, `disable`.
*/
asymrouteIcmp?: pulumi.Input<string>;
/**
* Enable/disable auxiliary session. Valid values: `enable`, `disable`.
*/
auxiliarySession?: pulumi.Input<string>;
/**
* Enable/disable Bi-directional Forwarding Detection (BFD) on all interfaces. Valid values: `enable`, `disable`.
*/
bfd?: pulumi.Input<string>;
/**
* BFD desired minimal transmit interval (1 - 100000 ms). On FortiOS versions 6.2.0-6.4.15: default = 50. On FortiOS versions >= 7.0.0: default = 250.
*/
bfdDesiredMinTx?: pulumi.Input<number>;
/**
* BFD detection multiplier (1 - 50, default = 3).
*/
bfdDetectMult?: pulumi.Input<number>;
/**
* Enable to not enforce verifying the source port of BFD Packets. Valid values: `enable`, `disable`.
*/
bfdDontEnforceSrcPort?: pulumi.Input<string>;
/**
* BFD required minimal receive interval (1 - 100000 ms). On FortiOS versions 6.2.0-6.4.15: default = 50. On FortiOS versions >= 7.0.0: default = 250.
*/
bfdRequiredMinRx?: pulumi.Input<number>;
/**
* Enable/disable blocking of land attacks. Valid values: `disable`, `enable`.
*/
blockLandAttack?: pulumi.Input<string>;
/**
* Enable/disable central NAT. Valid values: `enable`, `disable`.
*/
centralNat?: pulumi.Input<string>;
/**
* VDOM comments.
*/
comments?: pulumi.Input<string>;
/**
* Enable/disable PCI DSS compliance checking. Valid values: `enable`, `disable`.
*/
complianceCheck?: pulumi.Input<string>;
/**
* Consolidated firewall mode.
*/
consolidatedFirewallMode?: pulumi.Input<string>;
/**
* Enable/disable policy service enforcement based on application default ports. Valid values: `enable`, `disable`.
*/
defaultAppPortAsService?: pulumi.Input<string>;
/**
* Default policy expiry in days (0 - 365 days, default = 30).
*/
defaultPolicyExpiryDays?: pulumi.Input<number>;
/**
* Configure how the FortiGate handles VoIP traffic when a policy that accepts the traffic doesn't include a VoIP profile. Valid values: `proxy-based`, `kernel-helper-based`.
*/
defaultVoipAlgMode?: pulumi.Input<string>;
/**
* Enable/disable denying TCP by sending an ICMP communication prohibited packet. Valid values: `enable`, `disable`.
*/
denyTcpWithIcmp?: pulumi.Input<string>;
/**
* Enable/disable detection of unknown ESP packets (default = enable). Valid values: `enable`, `disable`.
*/
detectUnknownEsp?: pulumi.Input<string>;
/**
* Interface to use for management access for NAT mode.
*/
device?: pulumi.Input<string>;
/**
* DHCPv6 server IPv6 address.
*/
dhcp6ServerIp?: pulumi.Input<string>;
/**
* Enable/disable the DHCP Proxy. Valid values: `enable`, `disable`.
*/
dhcpProxy?: pulumi.Input<string>;
/**
* Specify outgoing interface to reach server.
*/
dhcpProxyInterface?: pulumi.Input<string>;
/**
* Specify how to select outgoing interface to reach server. Valid values: `auto`, `sdwan`, `specify`.
*/
dhcpProxyInterfaceSelectMethod?: pulumi.Input<string>;
/**
* DHCP Server IPv4 address.
*/
dhcpServerIp?: pulumi.Input<string>;
/**
* Timeout for discovered devices (1 - 365 days, default = 28).
*/
discoveredDeviceTimeout?: pulumi.Input<number>;
/**
* Enable/disable dirty session check caused by dynamic address updates. Valid values: `enable`, `disable`.
*/
dynAddrSessionCheck?: pulumi.Input<string>;
/**
* Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
*/
dynamicSortSubtable?: pulumi.Input<string>;
/**
* Maximum number of Equal Cost Multi-Path (ECMP) next-hops. Set to 1 to disable ECMP routing. On FortiOS versions 6.2.0: 1 - 100, default = 10. On FortiOS versions >= 6.2.4: 1 - 255, default = 255.
*/
ecmpMaxPaths?: pulumi.Input<number>;
/**
* Enable/disable using DNS to validate email addresses collected by a captive portal. Valid values: `disable`, `enable`.
*/
emailPortalCheckDns?: pulumi.Input<string>;
/**
* Enable/disable dirty session check caused by external resource updates. Valid values: `enable`, `disable`.
*/
extResourceSessionCheck?: pulumi.Input<string>;
/**
* Select how to manage sessions affected by firewall policy configuration changes. Valid values: `check-all`, `check-new`, `check-policy-option`.
*/
firewallSessionDirty?: pulumi.Input<string>;
/**
* Enable/disable dirty session check caused by FQDN updates. Valid values: `enable`, `disable`.
*/
fqdnSessionCheck?: pulumi.Input<string>;
/**
* Enable/disable checking for a matching policy each time hairpin traffic goes through the FortiGate. Valid values: `enable`, `disable`.
*/
fwSessionHairpin?: pulumi.Input<string>;
/**
* Transparent mode IPv4 default gateway IP address.
*/
gateway?: pulumi.Input<string>;
/**
* Transparent mode IPv4 default gateway IP address.
*/
gateway6?: pulumi.Input<string>;
/**
* Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
*/
getAllTables?: pulumi.Input<string>;
/**
* Enable/disable advanced policy configuration on the GUI. Valid values: `enable`, `disable`.
*/
guiAdvancedPolicy?: pulumi.Input<string>;
/**
* Enable/disable advanced wireless features in GUI. Valid values: `enable`, `disable`.
*/
guiAdvancedWirelessFeatures?: pulumi.Input<string>;
/**
* Enable/disable the requirement for policy naming on the GUI. Valid values: `enable`, `disable`.
*/
guiAllowUnnamedPolicy?: pulumi.Input<string>;
/**
* Enable/disable AntiVirus on the GUI. Valid values: `enable`, `disable`.
*/
guiAntivirus?: pulumi.Input<string>;
/**
* Enable/disable FortiAP profiles on the GUI. Valid values: `enable`, `disable`.
*/
guiApProfile?: pulumi.Input<string>;
/**
* Enable/disable application control on the GUI. Valid values: `enable`, `disable`.
*/
guiApplicationControl?: pulumi.Input<string>;
/**
* Enable/disable Inline-CASB on the GUI. Valid values: `enable`, `disable`.
*/
guiCasb?: pulumi.Input<string>;
/**
* Default columns to display for policy lists on GUI. The structure of `guiDefaultPolicyColumns` block is documented below.
*/
guiDefaultPolicyColumns?: pulumi.Input<pulumi.Input<inputs.system.SettingsGuiDefaultPolicyColumn>[]>;
/**
* Enable/disable advanced DHCP options on the GUI. Valid values: `enable`, `disable`.
*/
guiDhcpAdvanced?: pulumi.Input<string>;
/**
* Enable/disable DLP on the GUI. Valid values: `enable`, `disable`.
*/
guiDlp?: pulumi.Input<string>;
/**
* Enable/disable Data Leak Prevention on the GUI. Valid values: `enable`, `disable`.
*/
guiDlpProfile?: pulumi.Input<string>;
/**
* Enable/disable DNS database settings on the GUI. Valid values: `enable`, `disable`.
*/
guiDnsDatabase?: pulumi.Input<string>;
/**
* Enable/disable DNS Filtering on the GUI. Valid values: `enable`, `disable`.
*/
guiDnsfilter?: pulumi.Input<string>;
/**
* Enable/disable Domain and IP Reputation on the GUI. Valid values: `enable`, `disable`.
*/
guiDomainIpReputation?: pulumi.Input<string>;
/**
* Enable/disable DoS policies on the GUI. Valid values: `enable`, `disable`.
*/
guiDosPolicy?: pulumi.Input<string>;
/**
* Enable/disable Create dynamic addresses to manage known devices. Valid values: `enable`, `disable`.
*/
guiDynamicDeviceOsId?: pulumi.Input<string>;
/**
* Enable/disable RADIUS Single Sign On (RSSO) on the GUI. Valid values: `enable`, `disable`.
*/
guiDynamicProfileDisplay?: pulumi.Input<string>;
/**
* Enable/disable dynamic routing on the GUI. Valid values: `enable`, `disable`.
*/
guiDynamicRouting?: pulumi.Input<string>;
/**
* Enable/disable email collection on the GUI. Valid values: `enable`, `disable`.
*/
guiEmailCollection?: pulumi.Input<string>;
/**
* Enable/disable endpoint control on the GUI. Valid values: `enable`, `disable`.
*/
guiEndpointControl?: pulumi.Input<string>;
/**
* Enable/disable advanced endpoint control options on the GUI. Valid values: `enable`, `disable`.
*/
guiEndpointControlAdvanced?: pulumi.Input<string>;
/**
* Enforce change summaries for select tables in the GUI. Valid values: `disable`, `require`, `optional`.
*/
guiEnforceChangeSummary?: pulumi.Input<string>;
/**
* Enable/disable the explicit proxy on the GUI. Valid values: `enable`, `disable`.
*/
guiExplicitProxy?: pulumi.Input<string>;
/**
* Enable/disable File-filter on the GUI. Valid values: `enable`, `disable`.
*/
guiFileFilter?: pulumi.Input<string>;
/**
* Enable/disable FortiAP split tunneling on the GUI. Valid values: `enable`, `disable`.
*/
guiFortiapSplitTunneling?: pulumi.Input<string>;
/**
* Enable/disable FortiExtender on the GUI. Valid values: `enable`, `disable`.
*/
guiFortiextenderController?: pulumi.Input<string>;
/**
* Enable/disable ICAP on the GUI. Valid values: `enable`, `disable`.
*/
guiIcap?: pulumi.Input<string>;
/**
* Enable/disable implicit firewall policies on the GUI. Valid values: `enable`, `disable`.
*/
guiImplicitPolicy?: pulumi.Input<string>;
/**
* Enable/disable IPS on the GUI. Valid values: `enable`, `disable`.
*/
guiIps?: pulumi.Input<string>;
/**
* Enable/disable server load balancing on the GUI. Valid values: `enable`, `disable`.
*/
guiLoadBalance?: pulumi.Input<string>;
/**
* Enable/disable Local-In policies on the GUI. Valid values: `enable`, `disable`.
*/
guiLocalInPolicy?: pulumi.Input<string>;
/**
* Enable/disable local reports on the GUI. Valid values: `enable`, `disable`.
*/
guiLocalReports?: pulumi.Input<string>;
/**
* Enable/disable multicast firewall policies on the GUI. Valid values: `enable`, `disable`.
*/
guiMulticastPolicy?: pulumi.Input<string>;
/**
* Enable/disable adding multiple interfaces to a policy on the GUI. Valid values: `enable`, `disable`.
*/
guiMultipleInterfacePolicy?: pulumi.Input<string>;
/**
* Enable/disable multiple UTM profiles on the GUI. Valid values: `enable`, `disable`.
*/
guiMultipleUtmProfiles?: pulumi.Input<string>;
/**
* Enable/disable NAT46 and NAT64 settings on the GUI. Valid values: `enable`, `disable`.
*/
guiNat4664?: pulumi.Input<string>;
/**
* Enable/disable object colors on the GUI. Valid values: `enable`, `disable`.
*/
guiObjectColors?: pulumi.Input<string>;
/**
* Enable/disable Show Operational Technology Purdue Model. Valid values: `enable`, `disable`.
*/
guiOt?: pulumi.Input<string>;
/**
* Enable/disable policy disclaimer on the GUI. Valid values: `enable`, `disable`.
*/
guiPerPolicyDisclaimer?: pulumi.Input<string>;
/**
* Enable/disable policy-based IPsec VPN on the GUI. Valid values: `enable`, `disable`.
*/
guiPolicyBasedIpsec?: pulumi.Input<string>;
/**
* Enable/disable policy disclaimer on the GUI. Valid values: `enable`, `disable`.
*/
guiPolicyDisclaimer?: pulumi.Input<string>;
/**
* Enable/disable firewall policy learning mode on the GUI. Valid values: `enable`, `disable`.
*/
guiPolicyLearning?: pulumi.Input<string>;
/**
* Enable/disable the proxy features on the GUI. Valid values: `enable`, `disable`.
*/
guiProxyInspection?: pulumi.Input<string>;
/**
* Enable/disable replacement message groups on the GUI. Valid values: `enable`, `disable`.
*/
guiReplacementMessageGroups?: pulumi.Input<string>;
/**
* Enable/disable route-tag addresses on the GUI. Valid values: `enable`, `disable`.
*/
guiRouteTagAddressCreation?: pulumi.Input<string>;
/**
* Enable/disable Security Profile Groups on the GUI. Valid values: `enable`, `disable`.
*/
guiSecurityProfileGroup?: pulumi.Input<string>;
/**
* Enable/disable Antispam on the GUI. Valid values: `enable`, `disable`.
*/
guiSpamfilter?: pulumi.Input<string>;
/**
* Enable/disable SSL-VPN settings pages on the GUI. Valid values: `enable`, `disable`.
*/
guiSslvpn?: pulumi.Input<string>;
/**
* Enable/disable SSL-VPN personal bookmark management on the GUI. Valid values: `enable`, `disable`.
*/
guiSslvpnPersonalBookmarks?: pulumi.Input<string>;
/**
* Enable/disable SSL-VPN realms on the GUI. Valid values: `enable`, `disable`.
*/
guiSslvpnRealms?: pulumi.Input<string>;
/**
* Enable/disable the switch controller on the GUI. Valid values: `enable`, `disable`.
*/
guiSwitchController?: pulumi.Input<string>;
/**
* Enable/disable threat weight on the GUI. Valid values: `enable`, `disable`.
*/
guiThreatWeight?: pulumi.Input<string>;
/**
* Enable/disable traffic shaping on the GUI. Valid values: `enable`, `disable`.
*/
guiTrafficShaping?: pulumi.Input<string>;
/**
* Enable/disable Video filtering on the GUI. Valid values: `enable`, `disable`.
*/
guiVideofilter?: pulumi.Input<string>;
/**
* Enable/disable Virtual Patching on the GUI. Valid values: `enable`, `disable`.
*/
guiVirtualPatchProfile?: pulumi.Input<string>;
/**
* Enable/disable VoIP profiles on the GUI. Valid values: `enable`, `disable`.
*/
guiVoipProfile?: pulumi.Input<string>;
/**
* Enable/disable VPN tunnels on the GUI. Valid values: `enable`, `disable`.
*/
guiVpn?: pulumi.Input<string>;
/**
* Enable/disable Web Application Firewall on the GUI. Valid values: `enable`, `disable`.
*/
guiWafProfile?: pulumi.Input<string>;
/**
* Enable/disable SD-WAN on the GUI. Valid values: `enable`, `disable`.
*/
guiWanLoadBalancing?: pulumi.Input<string>;
/**
* Enable/disable WAN Optimization and Web Caching on the GUI. Valid values: `enable`, `disable`.
*/
guiWanoptCache?: pulumi.Input<string>;
/**
* Enable/disable Web filtering on the GUI. Valid values: `enable`, `disable`.
*/
guiWebfilter?: pulumi.Input<string>;
/**
* Enable/disable advanced web filtering on the GUI. Valid values: `enable`, `disable`.
*/
guiWebfilterAdvanced?: pulumi.Input<string>;
/**
* Enable/disable the wireless controller on the GUI. Valid values: `enable`, `disable`.
*/
guiWirelessController?: pulumi.Input<string>;
/**
* Enable/disable Zero Trust Network Access features on the GUI. Valid values: `enable`, `disable`.
*/
guiZtna?: pulumi.Input<string>;
/**
* Enable/disable H323 direct model. Valid values: `disable`, `enable`.
*/
h323DirectModel?: pulumi.Input<string>;
/**
* Offload HTTP traffic to FortiWeb or FortiCache. Valid values: `fortiweb`, `forticache`.
*/
httpExternalDest?: pulumi.Input<string>;
/**
* Configure IKE ASN.1 Distinguished Name format conventions. Valid values: `with-space`, `no-space`.
*/
ikeDnFormat?: pulumi.Input<string>;
/**
* UDP port for IKE/IPsec traffic in NAT-T mode (default 4500).
*/
ikeNattPort?: pulumi.Input<number>;
/**
* Enable/disable IKE Policy Based Routing (PBR). Valid values: `enable`, `disable`.
*/
ikePolicyRoute?: pulumi.Input<string>;
/**
* UDP port for IKE/IPsec traffic (default 500).
*/
ikePort?: pulumi.Input<number>;
/**
* Enable/disable IKE quick crash detection (RFC 6290). Valid values: `enable`, `disable`.
*/
ikeQuickCrashDetect?: pulumi.Input<string>;
/**
* Enable/disable IKEv2 session resumption (RFC 5723). Valid values: `enable`, `disable`.
*/
ikeSessionResume?: pulumi.Input<string>;
/**
* TCP port for IKE/IPsec traffic (default 4500).
*/
ikeTcpPort?: pulumi.Input<number>;
/**
* Enable/disable implicitly allowing DNS traffic. Valid values: `enable`, `disable`.
*/
implicitAllowDns?: pulumi.Input<string>;
/**
* Inspection mode (proxy-based or flow-based). Valid values: `proxy`, `flow`.
*/
inspectionMode?: pulumi.Input<string>;
/**
* Maximum number of tuple entries (protocol, port, IP address, application ID) stored by the FortiGate unit (0 - 4294967295, default = 32768). A smaller value limits the FortiGate unit from learning about internet applications.
*/
internetServiceAppCtrlSize?: pulumi.Input<number>;
/**
* Enable/disable Internet Service database caching. Valid values: `disable`, `enable`.
*/
internetServiceDatabaseCache?: pulumi.Input<string>;
/**
* IP address and netmask.
*/
ip?: pulumi.Input<string>;
/**
* IPv6 address prefix for NAT mode.
*/
ip6?: pulumi.Input<string>;
/**
* Controller IP address or FQDN to connect.
*/
lanExtensionControllerAddr?: pulumi.Input<string>;
/**
* Enable/disable link down access traffic. Valid values: `enable`, `disable`.
*/
linkDownAccess?: pulumi.Input<string>;
/**
* Enable/disable Link Layer Discovery Protocol (LLDP) reception for this VDOM or apply global settings to this VDOM. Valid values: `enable`, `disable`, `global`.
*/
lldpReception?: pulumi.Input<string>;
/**
* Enable/disable Link Layer Discovery Protocol (LLDP) transmission for this VDOM or apply global settings to this VDOM. Valid values: `enable`, `disable`, `global`.
*/
lldpTransmission?: pulumi.Input<string>;
/**
* Local location ID in the form of an IPv4 address.
*/
locationId?: pulumi.Input<string>;
/**
* Duration of MAC addresses in Transparent mode (300 - 8640000 sec, default = 300).
*/
macTtl?: pulumi.Input<number>;
/**
* Transparent mode IPv4 management IP address and netmask.
*/
manageip?: pulumi.Input<string>;
/**
* Transparent mode IPv6 management IP address and netmask.
*/
manageip6?: pulumi.Input<string>;
/**
* Enable/disable multicast forwarding. Valid values: `enable`, `disable`.
*/
multicastForward?: pulumi.Input<string>;
/**
* Enable/disable allowing multicast traffic through the FortiGate without a policy check. Valid values: `enable`, `disable`.
*/
multicastSkipPolicy?: pulumi.Input<string>;
/**
* Enable/disable preventing the FortiGate from changing the TTL for forwarded multicast packets. Valid values: `enable`, `disable`.
*/
multicastTtlNotchange?: pulumi.Input<string>;
/**
* Enable/disable mandatory IPv4 packet forwarding in NAT46. Valid values: `enable`, `disable`.
*/
nat46ForceIpv4PacketForwarding?: pulumi.Input<string>;
/**
* Enable/disable NAT46 IPv6 fragment header generation. Valid values: `enable`, `disable`.
*/
nat46GenerateIpv6FragmentHeader?: pulumi.Input<string>;
/**
* Enable/disable mandatory IPv6 packet forwarding in NAT64. Valid values: `enable`, `disable`.
*/
nat64ForceIpv6PacketForwarding?: pulumi.Input<string>;
/**
* Next Generation Firewall (NGFW) mode. Valid values: `profile-based`, `policy-based`.
*/