Fortios v0.0.5, Apr 9 24

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

fortios.vpn/ssl.getSettings

Explore with Pulumi AI

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

Using getSettings

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSettings(args: GetSettingsArgs, opts?: InvokeOptions): Promise<GetSettingsResult>
function getSettingsOutput(args: GetSettingsOutputArgs, opts?: InvokeOptions): Output<GetSettingsResult>

def get_settings(vdomparam: Optional[str] = None,
                 opts: Optional[InvokeOptions] = None) -> GetSettingsResult
def get_settings_output(vdomparam: Optional[pulumi.Input[str]] = None,
                 opts: Optional[InvokeOptions] = None) -> Output[GetSettingsResult]

func LookupSettings(ctx *Context, args *LookupSettingsArgs, opts ...InvokeOption) (*LookupSettingsResult, error)
func LookupSettingsOutput(ctx *Context, args *LookupSettingsOutputArgs, opts ...InvokeOption) LookupSettingsResultOutput

> Note: This function is named LookupSettings in the Go SDK.

public static class GetSettings 
{
    public static Task<GetSettingsResult> InvokeAsync(GetSettingsArgs args, InvokeOptions? opts = null)
    public static Output<GetSettingsResult> Invoke(GetSettingsInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSettingsResult> getSettings(GetSettingsArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: fortios:vpn/ssl/getSettings:getSettings
  arguments:
    # arguments dictionary

The following arguments are supported:

Vdomparam string: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Vdomparam string: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

vdomparam String: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

vdomparam string: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

vdomparam str: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

vdomparam String: Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

getSettings Result

The following output properties are available:

Algorithm string: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
AuthSessionCheckSourceIp string: Enable/disable checking of source IP for authentication session.
AuthTimeout int: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
AuthenticationRules List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsAuthenticationRule>: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
AutoTunnelStaticRoute string: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
BannedCipher string: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
BrowserLanguageDetection string: Enable/disable overriding the configured system language based on the preferred language of the browser.
CheckReferer string: Enable/disable verification of referer field in HTTP request header.
Ciphersuite string: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
ClientSigalgs string: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
DefaultPortal string: Default SSL VPN portal.
DeflateCompressionLevel int: Compression level (0~9).
DeflateMinDataSize int: Minimum amount of data that triggers compression (200 - 65535 bytes).
DnsServer1 string: DNS server 1.
DnsServer2 string: DNS server 2.
DnsSuffix string: DNS suffix used for SSL-VPN clients.
DtlsHeartbeatFailCount int: Number of missing heartbeats before the connection is considered dropped.
DtlsHeartbeatIdleTimeout int: Idle timeout before DTLS heartbeat is sent.
DtlsHeartbeatInterval int: Interval between DTLS heartbeat.
DtlsHelloTimeout int: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
DtlsMaxProtoVer string: DTLS maximum protocol version.
DtlsMinProtoVer string: DTLS minimum protocol version.
DtlsTunnel string: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
DualStackMode string: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
Encode2fSequence string: Encode \2F sequence to forward slash in URLs.
EncryptAndStorePassword string: Encrypt and store user passwords for SSL-VPN web sessions.
ForceTwoFactorAuth string: Enable to force two-factor authentication for all SSL-VPNs.
HeaderXForwardedFor string: Forward the same, add, or remove HTTP header.
HstsIncludeSubdomains string: Add HSTS includeSubDomains response header.
HttpCompression string: Enable to allow HTTP compression over SSL-VPN tunnels.
HttpOnlyCookie string: Enable/disable SSL-VPN support for HttpOnly cookies.
HttpRequestBodyTimeout int: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
HttpRequestHeaderTimeout int: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
HttpsRedirect string: Enable/disable redirect of port 80 to SSL-VPN port.
Id string: The provider-assigned unique ID for this managed resource.
IdleTimeout int: SSL VPN disconnects if idle for specified time in seconds.
Ipv6DnsServer1 string: IPv6 DNS server 1.
Ipv6DnsServer2 string: IPv6 DNS server 2.
Ipv6WinsServer1 string: IPv6 WINS server 1.
Ipv6WinsServer2 string: IPv6 WINS server 2.
LoginAttemptLimit int: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
LoginBlockTime int: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
LoginTimeout int: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
Port int: SSL-VPN access port (1 - 65535).
PortPrecedence string: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
Reqclientcert string: Enable to require client certificates for all SSL-VPN users.
RouteSourceInterface string: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
SamlRedirectPort int: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
ServerHostname string: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
Servercert string: Name of the server certificate to be used for SSL-VPNs.
SourceAddress6Negate string: Enable/disable negated source IPv6 address match.
SourceAddress6s List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsSourceAddress6>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
SourceAddressNegate string: Enable/disable negated source address match.
SourceAddresses List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsSourceAddress>: Source address of incoming traffic. The structure of source_address block is documented below.
SourceInterfaces List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsSourceInterface>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
SslClientRenegotiation string: Enable to allow client renegotiation by the server if the tunnel goes down.
SslInsertEmptyFragment string: Enable/disable insertion of empty fragment.
SslMaxProtoVer string: SSL maximum protocol version.
SslMinProtoVer string: SSL minimum protocol version.
Status string: Enable/disable SSL-VPN.
Tlsv10 string: Enable/disable TLSv1.0.
Tlsv11 string: Enable/disable TLSv1.1.
Tlsv12 string: Enable/disable TLSv1.2.
Tlsv13 string: Enable/disable TLSv1.3.
TransformBackwardSlashes string: Transform backward slashes to forward slashes in URLs.
TunnelAddrAssignedMethod string: Method used for assigning address for tunnel.
TunnelConnectWithoutReauth string: Enable/disable tunnel connection without re-authorization if previous connection dropped.
TunnelIpPools List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsTunnelIpPool>: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
TunnelIpv6Pools List<Pulumiverse.Fortios.Vpn.Ssl.Outputs.GetSettingsTunnelIpv6Pool>: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
TunnelUserSessionTimeout int: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
UnsafeLegacyRenegotiation string: Enable/disable unsafe legacy re-negotiation.
UrlObscuration string: Enable to obscure the host name of the URL of the web browser display.
UserPeer string: Name of user peer.
WebModeSnat string: Enable/disable use of IP pools defined in firewall policy while using web-mode.
WinsServer1 string: WINS server 1.
WinsServer2 string: WINS server 2.
XContentTypeOptions string: Add HTTP X-Content-Type-Options header.
ZtnaTrustedClient string: Enable/disable verification of device certificate for SSLVPN ZTNA session.
Vdomparam string

Algorithm string: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
AuthSessionCheckSourceIp string: Enable/disable checking of source IP for authentication session.
AuthTimeout int: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
AuthenticationRules []GetSettingsAuthenticationRule: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
AutoTunnelStaticRoute string: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
BannedCipher string: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
BrowserLanguageDetection string: Enable/disable overriding the configured system language based on the preferred language of the browser.
CheckReferer string: Enable/disable verification of referer field in HTTP request header.
Ciphersuite string: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
ClientSigalgs string: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
DefaultPortal string: Default SSL VPN portal.
DeflateCompressionLevel int: Compression level (0~9).
DeflateMinDataSize int: Minimum amount of data that triggers compression (200 - 65535 bytes).
DnsServer1 string: DNS server 1.
DnsServer2 string: DNS server 2.
DnsSuffix string: DNS suffix used for SSL-VPN clients.
DtlsHeartbeatFailCount int: Number of missing heartbeats before the connection is considered dropped.
DtlsHeartbeatIdleTimeout int: Idle timeout before DTLS heartbeat is sent.
DtlsHeartbeatInterval int: Interval between DTLS heartbeat.
DtlsHelloTimeout int: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
DtlsMaxProtoVer string: DTLS maximum protocol version.
DtlsMinProtoVer string: DTLS minimum protocol version.
DtlsTunnel string: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
DualStackMode string: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
Encode2fSequence string: Encode \2F sequence to forward slash in URLs.
EncryptAndStorePassword string: Encrypt and store user passwords for SSL-VPN web sessions.
ForceTwoFactorAuth string: Enable to force two-factor authentication for all SSL-VPNs.
HeaderXForwardedFor string: Forward the same, add, or remove HTTP header.
HstsIncludeSubdomains string: Add HSTS includeSubDomains response header.
HttpCompression string: Enable to allow HTTP compression over SSL-VPN tunnels.
HttpOnlyCookie string: Enable/disable SSL-VPN support for HttpOnly cookies.
HttpRequestBodyTimeout int: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
HttpRequestHeaderTimeout int: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
HttpsRedirect string: Enable/disable redirect of port 80 to SSL-VPN port.
Id string: The provider-assigned unique ID for this managed resource.
IdleTimeout int: SSL VPN disconnects if idle for specified time in seconds.
Ipv6DnsServer1 string: IPv6 DNS server 1.
Ipv6DnsServer2 string: IPv6 DNS server 2.
Ipv6WinsServer1 string: IPv6 WINS server 1.
Ipv6WinsServer2 string: IPv6 WINS server 2.
LoginAttemptLimit int: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
LoginBlockTime int: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
LoginTimeout int: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
Port int: SSL-VPN access port (1 - 65535).
PortPrecedence string: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
Reqclientcert string: Enable to require client certificates for all SSL-VPN users.
RouteSourceInterface string: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
SamlRedirectPort int: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
ServerHostname string: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
Servercert string: Name of the server certificate to be used for SSL-VPNs.
SourceAddress6Negate string: Enable/disable negated source IPv6 address match.
SourceAddress6s []GetSettingsSourceAddress6: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
SourceAddressNegate string: Enable/disable negated source address match.
SourceAddresses []GetSettingsSourceAddress: Source address of incoming traffic. The structure of source_address block is documented below.
SourceInterfaces []GetSettingsSourceInterface: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
SslClientRenegotiation string: Enable to allow client renegotiation by the server if the tunnel goes down.
SslInsertEmptyFragment string: Enable/disable insertion of empty fragment.
SslMaxProtoVer string: SSL maximum protocol version.
SslMinProtoVer string: SSL minimum protocol version.
Status string: Enable/disable SSL-VPN.
Tlsv10 string: Enable/disable TLSv1.0.
Tlsv11 string: Enable/disable TLSv1.1.
Tlsv12 string: Enable/disable TLSv1.2.
Tlsv13 string: Enable/disable TLSv1.3.
TransformBackwardSlashes string: Transform backward slashes to forward slashes in URLs.
TunnelAddrAssignedMethod string: Method used for assigning address for tunnel.
TunnelConnectWithoutReauth string: Enable/disable tunnel connection without re-authorization if previous connection dropped.
TunnelIpPools []GetSettingsTunnelIpPool: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
TunnelIpv6Pools []GetSettingsTunnelIpv6Pool: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
TunnelUserSessionTimeout int: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
UnsafeLegacyRenegotiation string: Enable/disable unsafe legacy re-negotiation.
UrlObscuration string: Enable to obscure the host name of the URL of the web browser display.
UserPeer string: Name of user peer.
WebModeSnat string: Enable/disable use of IP pools defined in firewall policy while using web-mode.
WinsServer1 string: WINS server 1.
WinsServer2 string: WINS server 2.
XContentTypeOptions string: Add HTTP X-Content-Type-Options header.
ZtnaTrustedClient string: Enable/disable verification of device certificate for SSLVPN ZTNA session.
Vdomparam string

algorithm String: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
authSessionCheckSourceIp String: Enable/disable checking of source IP for authentication session.
authTimeout Integer: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
authenticationRules List<GetSettingsAuthenticationRule>: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
autoTunnelStaticRoute String: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
bannedCipher String: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
browserLanguageDetection String: Enable/disable overriding the configured system language based on the preferred language of the browser.
checkReferer String: Enable/disable verification of referer field in HTTP request header.
ciphersuite String: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
clientSigalgs String: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
defaultPortal String: Default SSL VPN portal.
deflateCompressionLevel Integer: Compression level (0~9).
deflateMinDataSize Integer: Minimum amount of data that triggers compression (200 - 65535 bytes).
dnsServer1 String: DNS server 1.
dnsServer2 String: DNS server 2.
dnsSuffix String: DNS suffix used for SSL-VPN clients.
dtlsHeartbeatFailCount Integer: Number of missing heartbeats before the connection is considered dropped.
dtlsHeartbeatIdleTimeout Integer: Idle timeout before DTLS heartbeat is sent.
dtlsHeartbeatInterval Integer: Interval between DTLS heartbeat.
dtlsHelloTimeout Integer: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
dtlsMaxProtoVer String: DTLS maximum protocol version.
dtlsMinProtoVer String: DTLS minimum protocol version.
dtlsTunnel String: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
dualStackMode String: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
encode2fSequence String: Encode \2F sequence to forward slash in URLs.
encryptAndStorePassword String: Encrypt and store user passwords for SSL-VPN web sessions.
forceTwoFactorAuth String: Enable to force two-factor authentication for all SSL-VPNs.
headerXForwardedFor String: Forward the same, add, or remove HTTP header.
hstsIncludeSubdomains String: Add HSTS includeSubDomains response header.
httpCompression String: Enable to allow HTTP compression over SSL-VPN tunnels.
httpOnlyCookie String: Enable/disable SSL-VPN support for HttpOnly cookies.
httpRequestBodyTimeout Integer: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
httpRequestHeaderTimeout Integer: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
httpsRedirect String: Enable/disable redirect of port 80 to SSL-VPN port.
id String: The provider-assigned unique ID for this managed resource.
idleTimeout Integer: SSL VPN disconnects if idle for specified time in seconds.
ipv6DnsServer1 String: IPv6 DNS server 1.
ipv6DnsServer2 String: IPv6 DNS server 2.
ipv6WinsServer1 String: IPv6 WINS server 1.
ipv6WinsServer2 String: IPv6 WINS server 2.
loginAttemptLimit Integer: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
loginBlockTime Integer: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
loginTimeout Integer: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
port Integer: SSL-VPN access port (1 - 65535).
portPrecedence String: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
reqclientcert String: Enable to require client certificates for all SSL-VPN users.
routeSourceInterface String: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
samlRedirectPort Integer: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
serverHostname String: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
servercert String: Name of the server certificate to be used for SSL-VPNs.
sourceAddress6Negate String: Enable/disable negated source IPv6 address match.
sourceAddress6s List<GetSettingsSourceAddress6>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate String: Enable/disable negated source address match.
sourceAddresses List<GetSettingsSourceAddress>: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces List<GetSettingsSourceInterface>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
sslClientRenegotiation String: Enable to allow client renegotiation by the server if the tunnel goes down.
sslInsertEmptyFragment String: Enable/disable insertion of empty fragment.
sslMaxProtoVer String: SSL maximum protocol version.
sslMinProtoVer String: SSL minimum protocol version.
status String: Enable/disable SSL-VPN.
tlsv10 String: Enable/disable TLSv1.0.
tlsv11 String: Enable/disable TLSv1.1.
tlsv12 String: Enable/disable TLSv1.2.
tlsv13 String: Enable/disable TLSv1.3.
transformBackwardSlashes String: Transform backward slashes to forward slashes in URLs.
tunnelAddrAssignedMethod String: Method used for assigning address for tunnel.
tunnelConnectWithoutReauth String: Enable/disable tunnel connection without re-authorization if previous connection dropped.
tunnelIpPools List<GetSettingsTunnelIpPool>: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
tunnelIpv6Pools List<GetSettingsTunnelIpv6Pool>: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
tunnelUserSessionTimeout Integer: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
unsafeLegacyRenegotiation String: Enable/disable unsafe legacy re-negotiation.
urlObscuration String: Enable to obscure the host name of the URL of the web browser display.
userPeer String: Name of user peer.
webModeSnat String: Enable/disable use of IP pools defined in firewall policy while using web-mode.
winsServer1 String: WINS server 1.
winsServer2 String: WINS server 2.
xContentTypeOptions String: Add HTTP X-Content-Type-Options header.
ztnaTrustedClient String: Enable/disable verification of device certificate for SSLVPN ZTNA session.
vdomparam String

algorithm string: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
authSessionCheckSourceIp string: Enable/disable checking of source IP for authentication session.
authTimeout number: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
authenticationRules GetSettingsAuthenticationRule[]: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
autoTunnelStaticRoute string: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
bannedCipher string: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
browserLanguageDetection string: Enable/disable overriding the configured system language based on the preferred language of the browser.
checkReferer string: Enable/disable verification of referer field in HTTP request header.
ciphersuite string: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
clientSigalgs string: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
defaultPortal string: Default SSL VPN portal.
deflateCompressionLevel number: Compression level (0~9).
deflateMinDataSize number: Minimum amount of data that triggers compression (200 - 65535 bytes).
dnsServer1 string: DNS server 1.
dnsServer2 string: DNS server 2.
dnsSuffix string: DNS suffix used for SSL-VPN clients.
dtlsHeartbeatFailCount number: Number of missing heartbeats before the connection is considered dropped.
dtlsHeartbeatIdleTimeout number: Idle timeout before DTLS heartbeat is sent.
dtlsHeartbeatInterval number: Interval between DTLS heartbeat.
dtlsHelloTimeout number: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
dtlsMaxProtoVer string: DTLS maximum protocol version.
dtlsMinProtoVer string: DTLS minimum protocol version.
dtlsTunnel string: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
dualStackMode string: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
encode2fSequence string: Encode \2F sequence to forward slash in URLs.
encryptAndStorePassword string: Encrypt and store user passwords for SSL-VPN web sessions.
forceTwoFactorAuth string: Enable to force two-factor authentication for all SSL-VPNs.
headerXForwardedFor string: Forward the same, add, or remove HTTP header.
hstsIncludeSubdomains string: Add HSTS includeSubDomains response header.
httpCompression string: Enable to allow HTTP compression over SSL-VPN tunnels.
httpOnlyCookie string: Enable/disable SSL-VPN support for HttpOnly cookies.
httpRequestBodyTimeout number: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
httpRequestHeaderTimeout number: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
httpsRedirect string: Enable/disable redirect of port 80 to SSL-VPN port.
id string: The provider-assigned unique ID for this managed resource.
idleTimeout number: SSL VPN disconnects if idle for specified time in seconds.
ipv6DnsServer1 string: IPv6 DNS server 1.
ipv6DnsServer2 string: IPv6 DNS server 2.
ipv6WinsServer1 string: IPv6 WINS server 1.
ipv6WinsServer2 string: IPv6 WINS server 2.
loginAttemptLimit number: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
loginBlockTime number: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
loginTimeout number: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
port number: SSL-VPN access port (1 - 65535).
portPrecedence string: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
reqclientcert string: Enable to require client certificates for all SSL-VPN users.
routeSourceInterface string: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
samlRedirectPort number: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
serverHostname string: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
servercert string: Name of the server certificate to be used for SSL-VPNs.
sourceAddress6Negate string: Enable/disable negated source IPv6 address match.
sourceAddress6s GetSettingsSourceAddress6[]: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate string: Enable/disable negated source address match.
sourceAddresses GetSettingsSourceAddress[]: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces GetSettingsSourceInterface[]: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
sslClientRenegotiation string: Enable to allow client renegotiation by the server if the tunnel goes down.
sslInsertEmptyFragment string: Enable/disable insertion of empty fragment.
sslMaxProtoVer string: SSL maximum protocol version.
sslMinProtoVer string: SSL minimum protocol version.
status string: Enable/disable SSL-VPN.
tlsv10 string: Enable/disable TLSv1.0.
tlsv11 string: Enable/disable TLSv1.1.
tlsv12 string: Enable/disable TLSv1.2.
tlsv13 string: Enable/disable TLSv1.3.
transformBackwardSlashes string: Transform backward slashes to forward slashes in URLs.
tunnelAddrAssignedMethod string: Method used for assigning address for tunnel.
tunnelConnectWithoutReauth string: Enable/disable tunnel connection without re-authorization if previous connection dropped.
tunnelIpPools GetSettingsTunnelIpPool[]: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
tunnelIpv6Pools GetSettingsTunnelIpv6Pool[]: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
tunnelUserSessionTimeout number: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
unsafeLegacyRenegotiation string: Enable/disable unsafe legacy re-negotiation.
urlObscuration string: Enable to obscure the host name of the URL of the web browser display.
userPeer string: Name of user peer.
webModeSnat string: Enable/disable use of IP pools defined in firewall policy while using web-mode.
winsServer1 string: WINS server 1.
winsServer2 string: WINS server 2.
xContentTypeOptions string: Add HTTP X-Content-Type-Options header.
ztnaTrustedClient string: Enable/disable verification of device certificate for SSLVPN ZTNA session.
vdomparam string

algorithm str: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
auth_session_check_source_ip str: Enable/disable checking of source IP for authentication session.
auth_timeout int: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
authentication_rules Sequence[GetSettingsAuthenticationRule]: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
auto_tunnel_static_route str: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
banned_cipher str: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
browser_language_detection str: Enable/disable overriding the configured system language based on the preferred language of the browser.
check_referer str: Enable/disable verification of referer field in HTTP request header.
ciphersuite str: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
client_sigalgs str: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
default_portal str: Default SSL VPN portal.
deflate_compression_level int: Compression level (0~9).
deflate_min_data_size int: Minimum amount of data that triggers compression (200 - 65535 bytes).
dns_server1 str: DNS server 1.
dns_server2 str: DNS server 2.
dns_suffix str: DNS suffix used for SSL-VPN clients.
dtls_heartbeat_fail_count int: Number of missing heartbeats before the connection is considered dropped.
dtls_heartbeat_idle_timeout int: Idle timeout before DTLS heartbeat is sent.
dtls_heartbeat_interval int: Interval between DTLS heartbeat.
dtls_hello_timeout int: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
dtls_max_proto_ver str: DTLS maximum protocol version.
dtls_min_proto_ver str: DTLS minimum protocol version.
dtls_tunnel str: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
dual_stack_mode str: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
encode2f_sequence str: Encode \2F sequence to forward slash in URLs.
encrypt_and_store_password str: Encrypt and store user passwords for SSL-VPN web sessions.
force_two_factor_auth str: Enable to force two-factor authentication for all SSL-VPNs.
header_x_forwarded_for str: Forward the same, add, or remove HTTP header.
hsts_include_subdomains str: Add HSTS includeSubDomains response header.
http_compression str: Enable to allow HTTP compression over SSL-VPN tunnels.
http_only_cookie str: Enable/disable SSL-VPN support for HttpOnly cookies.
http_request_body_timeout int: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
http_request_header_timeout int: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
https_redirect str: Enable/disable redirect of port 80 to SSL-VPN port.
id str: The provider-assigned unique ID for this managed resource.
idle_timeout int: SSL VPN disconnects if idle for specified time in seconds.
ipv6_dns_server1 str: IPv6 DNS server 1.
ipv6_dns_server2 str: IPv6 DNS server 2.
ipv6_wins_server1 str: IPv6 WINS server 1.
ipv6_wins_server2 str: IPv6 WINS server 2.
login_attempt_limit int: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
login_block_time int: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
login_timeout int: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
port int: SSL-VPN access port (1 - 65535).
port_precedence str: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
reqclientcert str: Enable to require client certificates for all SSL-VPN users.
route_source_interface str: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
saml_redirect_port int: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
server_hostname str: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
servercert str: Name of the server certificate to be used for SSL-VPNs.
source_address6_negate str: Enable/disable negated source IPv6 address match.
source_address6s Sequence[GetSettingsSourceAddress6]: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
source_address_negate str: Enable/disable negated source address match.
source_addresses Sequence[GetSettingsSourceAddress]: Source address of incoming traffic. The structure of source_address block is documented below.
source_interfaces Sequence[GetSettingsSourceInterface]: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
ssl_client_renegotiation str: Enable to allow client renegotiation by the server if the tunnel goes down.
ssl_insert_empty_fragment str: Enable/disable insertion of empty fragment.
ssl_max_proto_ver str: SSL maximum protocol version.
ssl_min_proto_ver str: SSL minimum protocol version.
status str: Enable/disable SSL-VPN.
tlsv10 str: Enable/disable TLSv1.0.
tlsv11 str: Enable/disable TLSv1.1.
tlsv12 str: Enable/disable TLSv1.2.
tlsv13 str: Enable/disable TLSv1.3.
transform_backward_slashes str: Transform backward slashes to forward slashes in URLs.
tunnel_addr_assigned_method str: Method used for assigning address for tunnel.
tunnel_connect_without_reauth str: Enable/disable tunnel connection without re-authorization if previous connection dropped.
tunnel_ip_pools Sequence[GetSettingsTunnelIpPool]: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
tunnel_ipv6_pools Sequence[GetSettingsTunnelIpv6Pool]: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
tunnel_user_session_timeout int: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
unsafe_legacy_renegotiation str: Enable/disable unsafe legacy re-negotiation.
url_obscuration str: Enable to obscure the host name of the URL of the web browser display.
user_peer str: Name of user peer.
web_mode_snat str: Enable/disable use of IP pools defined in firewall policy while using web-mode.
wins_server1 str: WINS server 1.
wins_server2 str: WINS server 2.
x_content_type_options str: Add HTTP X-Content-Type-Options header.
ztna_trusted_client str: Enable/disable verification of device certificate for SSLVPN ZTNA session.
vdomparam str

algorithm String: Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any.
authSessionCheckSourceIp String: Enable/disable checking of source IP for authentication session.
authTimeout Number: SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout).
authenticationRules List<Property Map>: Authentication rule for SSL VPN. The structure of authentication_rule block is documented below.
autoTunnelStaticRoute String: Enable to auto-create static routes for the SSL-VPN tunnel IP addresses.
bannedCipher String: Select one or more cipher technologies that cannot be used in SSL-VPN negotiations.
browserLanguageDetection String: Enable/disable overriding the configured system language based on the preferred language of the browser.
checkReferer String: Enable/disable verification of referer field in HTTP request header.
ciphersuite String: Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, set ssl-max-proto-ver to tls1-2 or below.
clientSigalgs String: Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only.
defaultPortal String: Default SSL VPN portal.
deflateCompressionLevel Number: Compression level (0~9).
deflateMinDataSize Number: Minimum amount of data that triggers compression (200 - 65535 bytes).
dnsServer1 String: DNS server 1.
dnsServer2 String: DNS server 2.
dnsSuffix String: DNS suffix used for SSL-VPN clients.
dtlsHeartbeatFailCount Number: Number of missing heartbeats before the connection is considered dropped.
dtlsHeartbeatIdleTimeout Number: Idle timeout before DTLS heartbeat is sent.
dtlsHeartbeatInterval Number: Interval between DTLS heartbeat.
dtlsHelloTimeout Number: SSLVPN maximum DTLS hello timeout (10 - 60 sec, default = 10).
dtlsMaxProtoVer String: DTLS maximum protocol version.
dtlsMinProtoVer String: DTLS minimum protocol version.
dtlsTunnel String: Enable DTLS to prevent eavesdropping, tampering, or message forgery.
dualStackMode String: Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.
encode2fSequence String: Encode \2F sequence to forward slash in URLs.
encryptAndStorePassword String: Encrypt and store user passwords for SSL-VPN web sessions.
forceTwoFactorAuth String: Enable to force two-factor authentication for all SSL-VPNs.
headerXForwardedFor String: Forward the same, add, or remove HTTP header.
hstsIncludeSubdomains String: Add HSTS includeSubDomains response header.
httpCompression String: Enable to allow HTTP compression over SSL-VPN tunnels.
httpOnlyCookie String: Enable/disable SSL-VPN support for HttpOnly cookies.
httpRequestBodyTimeout Number: SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec, default = 20).
httpRequestHeaderTimeout Number: SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec, default = 20).
httpsRedirect String: Enable/disable redirect of port 80 to SSL-VPN port.
id String: The provider-assigned unique ID for this managed resource.
idleTimeout Number: SSL VPN disconnects if idle for specified time in seconds.
ipv6DnsServer1 String: IPv6 DNS server 1.
ipv6DnsServer2 String: IPv6 DNS server 2.
ipv6WinsServer1 String: IPv6 WINS server 1.
ipv6WinsServer2 String: IPv6 WINS server 2.
loginAttemptLimit Number: SSL VPN maximum login attempt times before block (0 - 10, default = 2, 0 = no limit).
loginBlockTime Number: Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec, default = 60).
loginTimeout Number: SSLVPN maximum login timeout (10 - 180 sec, default = 30).
port Number: SSL-VPN access port (1 - 65535).
portPrecedence String: Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.
reqclientcert String: Enable to require client certificates for all SSL-VPN users.
routeSourceInterface String: Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface.
samlRedirectPort Number: SAML local redirect port in the machine running FCT (0 - 65535). 0 is to disable redirection on FGT side.
serverHostname String: Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.
servercert String: Name of the server certificate to be used for SSL-VPNs.
sourceAddress6Negate String: Enable/disable negated source IPv6 address match.
sourceAddress6s List<Property Map>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate String: Enable/disable negated source address match.
sourceAddresses List<Property Map>: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces List<Property Map>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
sslClientRenegotiation String: Enable to allow client renegotiation by the server if the tunnel goes down.
sslInsertEmptyFragment String: Enable/disable insertion of empty fragment.
sslMaxProtoVer String: SSL maximum protocol version.
sslMinProtoVer String: SSL minimum protocol version.
status String: Enable/disable SSL-VPN.
tlsv10 String: Enable/disable TLSv1.0.
tlsv11 String: Enable/disable TLSv1.1.
tlsv12 String: Enable/disable TLSv1.2.
tlsv13 String: Enable/disable TLSv1.3.
transformBackwardSlashes String: Transform backward slashes to forward slashes in URLs.
tunnelAddrAssignedMethod String: Method used for assigning address for tunnel.
tunnelConnectWithoutReauth String: Enable/disable tunnel connection without re-authorization if previous connection dropped.
tunnelIpPools List<Property Map>: Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ip_pools block is documented below.
tunnelIpv6Pools List<Property Map>: Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. The structure of tunnel_ipv6_pools block is documented below.
tunnelUserSessionTimeout Number: Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec, default=30).
unsafeLegacyRenegotiation String: Enable/disable unsafe legacy re-negotiation.
urlObscuration String: Enable to obscure the host name of the URL of the web browser display.
userPeer String: Name of user peer.
webModeSnat String: Enable/disable use of IP pools defined in firewall policy while using web-mode.
winsServer1 String: WINS server 1.
winsServer2 String: WINS server 2.
xContentTypeOptions String: Add HTTP X-Content-Type-Options header.
ztnaTrustedClient String: Enable/disable verification of device certificate for SSLVPN ZTNA session.
vdomparam String

Supporting Types

GetSettingsAuthenticationRule

Auth string: SSL VPN authentication method restriction.
Cipher string: SSL VPN cipher strength.
ClientCert string: Enable/disable SSL VPN client certificate restrictive.
Groups List<Pulumiverse.Fortios.Vpn.Ssl.Inputs.GetSettingsAuthenticationRuleGroup>: User groups. The structure of groups block is documented below.
Id int: ID (0 - 4294967295).
Portal string: SSL VPN portal.
Realm string: SSL VPN realm.
SourceAddress6Negate string: Enable/disable negated source IPv6 address match.
SourceAddress6s List<Pulumiverse.Fortios.Vpn.Ssl.Inputs.GetSettingsAuthenticationRuleSourceAddress6>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
SourceAddressNegate string: Enable/disable negated source address match.
SourceAddresses List<Pulumiverse.Fortios.Vpn.Ssl.Inputs.GetSettingsAuthenticationRuleSourceAddress>: Source address of incoming traffic. The structure of source_address block is documented below.
SourceInterfaces List<Pulumiverse.Fortios.Vpn.Ssl.Inputs.GetSettingsAuthenticationRuleSourceInterface>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
UserPeer string: Name of user peer.
Users List<Pulumiverse.Fortios.Vpn.Ssl.Inputs.GetSettingsAuthenticationRuleUser>: User name. The structure of users block is documented below.

Auth string: SSL VPN authentication method restriction.
Cipher string: SSL VPN cipher strength.
ClientCert string: Enable/disable SSL VPN client certificate restrictive.
Groups []GetSettingsAuthenticationRuleGroup: User groups. The structure of groups block is documented below.
Id int: ID (0 - 4294967295).
Portal string: SSL VPN portal.
Realm string: SSL VPN realm.
SourceAddress6Negate string: Enable/disable negated source IPv6 address match.
SourceAddress6s []GetSettingsAuthenticationRuleSourceAddress6: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
SourceAddressNegate string: Enable/disable negated source address match.
SourceAddresses []GetSettingsAuthenticationRuleSourceAddress: Source address of incoming traffic. The structure of source_address block is documented below.
SourceInterfaces []GetSettingsAuthenticationRuleSourceInterface: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
UserPeer string: Name of user peer.
Users []GetSettingsAuthenticationRuleUser: User name. The structure of users block is documented below.

auth String: SSL VPN authentication method restriction.
cipher String: SSL VPN cipher strength.
clientCert String: Enable/disable SSL VPN client certificate restrictive.
groups List<GetSettingsAuthenticationRuleGroup>: User groups. The structure of groups block is documented below.
id Integer: ID (0 - 4294967295).
portal String: SSL VPN portal.
realm String: SSL VPN realm.
sourceAddress6Negate String: Enable/disable negated source IPv6 address match.
sourceAddress6s List<GetSettingsAuthenticationRuleSourceAddress6>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate String: Enable/disable negated source address match.
sourceAddresses List<GetSettingsAuthenticationRuleSourceAddress>: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces List<GetSettingsAuthenticationRuleSourceInterface>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
userPeer String: Name of user peer.
users List<GetSettingsAuthenticationRuleUser>: User name. The structure of users block is documented below.

auth string: SSL VPN authentication method restriction.
cipher string: SSL VPN cipher strength.
clientCert string: Enable/disable SSL VPN client certificate restrictive.
groups GetSettingsAuthenticationRuleGroup[]: User groups. The structure of groups block is documented below.
id number: ID (0 - 4294967295).
portal string: SSL VPN portal.
realm string: SSL VPN realm.
sourceAddress6Negate string: Enable/disable negated source IPv6 address match.
sourceAddress6s GetSettingsAuthenticationRuleSourceAddress6[]: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate string: Enable/disable negated source address match.
sourceAddresses GetSettingsAuthenticationRuleSourceAddress[]: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces GetSettingsAuthenticationRuleSourceInterface[]: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
userPeer string: Name of user peer.
users GetSettingsAuthenticationRuleUser[]: User name. The structure of users block is documented below.

auth str: SSL VPN authentication method restriction.
cipher str: SSL VPN cipher strength.
client_cert str: Enable/disable SSL VPN client certificate restrictive.
groups Sequence[GetSettingsAuthenticationRuleGroup]: User groups. The structure of groups block is documented below.
id int: ID (0 - 4294967295).
portal str: SSL VPN portal.
realm str: SSL VPN realm.
source_address6_negate str: Enable/disable negated source IPv6 address match.
source_address6s Sequence[GetSettingsAuthenticationRuleSourceAddress6]: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
source_address_negate str: Enable/disable negated source address match.
source_addresses Sequence[GetSettingsAuthenticationRuleSourceAddress]: Source address of incoming traffic. The structure of source_address block is documented below.
source_interfaces Sequence[GetSettingsAuthenticationRuleSourceInterface]: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
user_peer str: Name of user peer.
users Sequence[GetSettingsAuthenticationRuleUser]: User name. The structure of users block is documented below.

auth String: SSL VPN authentication method restriction.
cipher String: SSL VPN cipher strength.
clientCert String: Enable/disable SSL VPN client certificate restrictive.
groups List<Property Map>: User groups. The structure of groups block is documented below.
id Number: ID (0 - 4294967295).
portal String: SSL VPN portal.
realm String: SSL VPN realm.
sourceAddress6Negate String: Enable/disable negated source IPv6 address match.
sourceAddress6s List<Property Map>: IPv6 source address of incoming traffic. The structure of source_address6 block is documented below.
sourceAddressNegate String: Enable/disable negated source address match.
sourceAddresses List<Property Map>: Source address of incoming traffic. The structure of source_address block is documented below.
sourceInterfaces List<Property Map>: SSL VPN source interface of incoming traffic. The structure of source_interface block is documented below.
userPeer String: Name of user peer.
users List<Property Map>: User name. The structure of users block is documented below.

GetSettingsAuthenticationRuleGroup

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsAuthenticationRuleSourceAddress

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsAuthenticationRuleSourceAddress6

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsAuthenticationRuleSourceInterface

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsAuthenticationRuleUser

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsSourceAddress

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsSourceAddress6

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsSourceInterface

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsTunnelIpPool

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

GetSettingsTunnelIpv6Pool

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.vpn/ssl.getSettings

On this page

On this page

Using getSettings

getSettings Result

Supporting Types

GetSettingsAuthenticationRule

GetSettingsAuthenticationRuleGroup

GetSettingsAuthenticationRuleSourceAddress

GetSettingsAuthenticationRuleSourceAddress6

GetSettingsAuthenticationRuleSourceInterface

GetSettingsAuthenticationRuleUser

GetSettingsSourceAddress

GetSettingsSourceAddress6

GetSettingsSourceInterface

GetSettingsTunnelIpPool

GetSettingsTunnelIpv6Pool

Package Details

On this page

On this page