 
    New in version 2.8.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
| host 
                    -
                     / required                     | FortiOS or FortiGate ip address. | ||||
| https 
                    boolean
                                         | 
 | Indicates if the requests towards FortiGate must use HTTPS protocol | |||
| password 
                    -
                                         | Default: "" | FortiOS or FortiGate password. | |||
| username 
                    -
                     / required                     | FortiOS or FortiGate username. | ||||
| vdom 
                    -
                                         | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | |||
| web_proxy_explicit 
                    -
                                         | Default: null | Configure explicit Web proxy settings. | |||
| ftp-incoming-port 
                    -
                                         | Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP). | ||||
| ftp-over-http 
                    -
                                         | 
 | Enable to proxy FTP-over-HTTP sessions sent from a web browser. | |||
| http-incoming-port 
                    -
                                         | Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080). | ||||
| https-incoming-port 
                    -
                                         | Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP). | ||||
| https-replacement-message 
                    -
                                         | 
 | Enable/disable sending the client a replacement message for HTTPS requests. | |||
| incoming-ip 
                    -
                                         | Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address. | ||||
| incoming-ip6 
                    -
                                         | Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address. | ||||
| ipv6-status 
                    -
                                         | 
 | Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. | |||
| message-upon-server-error 
                    -
                                         | 
 | Enable/disable displaying a replacement message when a server error is detected. | |||
| outgoing-ip 
                    -
                                         | Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address. | ||||
| outgoing-ip6 
                    -
                                         | Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses. | ||||
| pac-file-data 
                    -
                                         | PAC file contents enclosed in quotes (maximum of 256K bytes). | ||||
| pac-file-name 
                    -
                                         | Pac file name. | ||||
| pac-file-server-port 
                    -
                                         | Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP). | ||||
| pac-file-server-status 
                    -
                                         | 
 | Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. | |||
| pac-file-url 
                    -
                                         | PAC file access URL. | ||||
| pac-policy 
                    -
                                         | PAC policies. | ||||
| comments 
                    -
                                         | Optional comments. | ||||
| dstaddr 
                    -
                                         | Destination address objects. | ||||
| name 
                    -
                     / required                     | Address name. Source firewall.address.name firewall.addrgrp.name. | ||||
| pac-file-data 
                    -
                                         | PAC file contents enclosed in quotes (maximum of 256K bytes). | ||||
| pac-file-name 
                    -
                                         | Pac file name. | ||||
| policyid 
                    -
                     / required                     | Policy ID. | ||||
| srcaddr 
                    -
                                         | Source address objects. | ||||
| name 
                    -
                     / required                     | Address name. Source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name. | ||||
| srcaddr6 
                    -
                                         | Source address6 objects. | ||||
| name 
                    -
                     / required                     | Address name. Source firewall.address6.name firewall.addrgrp6.name. | ||||
| status 
                    -
                                         | 
 | Enable/disable policy. | |||
| pref-dns-result 
                    -
                                         | 
 | Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4). | |||
| realm 
                    -
                                         | Authentication realm used to identify the explicit web proxy (maximum of 63 characters). | ||||
| sec-default-action 
                    -
                                         | 
 | Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. | |||
| socks 
                    -
                                         | 
 | Enable/disable the SOCKS proxy. | |||
| socks-incoming-port 
                    -
                                         | Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP). | ||||
| ssl-algorithm 
                    -
                                         | 
 | Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. | |||
| status 
                    -
                                         | 
 | Enable/disable the explicit Web proxy for HTTP and HTTPS session. | |||
| strict-guest 
                    -
                                         | 
 | Enable/disable strict guest user checking by the explicit web proxy. | |||
| trace-auth-no-rsp 
                    -
                                         | 
 | Enable/disable logging timed-out authentication requests. | |||
| unknown-http-version 
                    -
                                         | 
 | Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can. | |||
Note
- hosts: localhost
  vars:
   host: "192.168.122.40"
   username: "admin"
   password: ""
   vdom: "root"
  tasks:
  - name: Configure explicit Web proxy settings.
    fortios_web_proxy_explicit:
      host:  "{{ host }}"
      username: "{{ username }}"
      password: "{{ password }}"
      vdom:  "{{ vdom }}"
      https: "False"
      web_proxy_explicit:
        ftp-incoming-port: "<your_own_value>"
        ftp-over-http: "enable"
        http-incoming-port: "<your_own_value>"
        https-incoming-port: "<your_own_value>"
        https-replacement-message: "enable"
        incoming-ip: "<your_own_value>"
        incoming-ip6: "<your_own_value>"
        ipv6-status: "enable"
        message-upon-server-error: "enable"
        outgoing-ip: "<your_own_value>"
        outgoing-ip6: "<your_own_value>"
        pac-file-data: "<your_own_value>"
        pac-file-name: "<your_own_value>"
        pac-file-server-port: "<your_own_value>"
        pac-file-server-status: "enable"
        pac-file-url: "<your_own_value>"
        pac-policy:
         -
            comments: "<your_own_value>"
            dstaddr:
             -
                name: "default_name_22 (source firewall.address.name firewall.addrgrp.name)"
            pac-file-data: "<your_own_value>"
            pac-file-name: "<your_own_value>"
            policyid: "25"
            srcaddr:
             -
                name: "default_name_27 (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name)"
            srcaddr6:
             -
                name: "default_name_29 (source firewall.address6.name firewall.addrgrp6.name)"
            status: "enable"
        pref-dns-result: "ipv4"
        realm: "<your_own_value>"
        sec-default-action: "accept"
        socks: "enable"
        socks-incoming-port: "<your_own_value>"
        ssl-algorithm: "low"
        status: "enable"
        strict-guest: "enable"
        trace-auth-no-rsp: "enable"
        unknown-http-version: "reject"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | 
|---|---|---|
| build string | always | Build number of the fortigate image Sample: 1547 | 
| http_method string | always | Last method used to provision the content into FortiGate Sample: PUT | 
| http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 | 
| mkey string | success | Master key (id) used in the last call to FortiGate Sample: id | 
| name string | always | Name of the table used to fulfill the request Sample: urlfilter | 
| path string | always | Path of the table used to fulfill the request Sample: webfilter | 
| revision string | always | Internal revision number Sample: 17.0.2.10658 | 
| serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 | 
| status string | always | Indication of the operation's result Sample: success | 
| vdom string | always | Virtual domain used Sample: root | 
| version string | always | Version of the FortiGate Sample: v5.6.3 | 
Hint
If you notice any issues in this documentation you can edit this document to improve it.