---
- name: Juniper Site-to-Site VPN Creation
  hosts: localhost
  gather_facts: no
  #connection: ansible.netcommon.netconf
  become: yes
  tasks:
    - name: creation of VPN tunnel between two sites
      junos_config:
        lines:
          - set security zones security-zone {{zoneName}} host-inbound-traffic system-services ike
          - set interfaces {{interfaceNumber}} unit {{interfaceUnit}} family inet
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}}
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}} host-inbound-traffic system-services {{InterfaceServices}}
          - set security zones security-zone {{vpnZoneName}} interfaces {{VPNinterfaceName}} host-inbound-traffic protocols {{InterfaceProtocol}}
          - set security ike proposal {{ikeProposalName}} description {{description}}
          - set security ike proposal {{ikeProposalName}} authentication-method {{methodName}}
          - set security ike proposal {{ikeProposalName}} dh-group {{groupName}}
          - set security ike proposal {{ikeProposalName}} authentication-algorithm {{ikeAuthAlgorithmName}}
          - set security ike proposal {{ikeProposalName}} encryption-algorithm {{ikeEncAlgorithmName}}
          - set security ike proposal {{ikeProposalName}} lifetime-seconds {{seconds}}
          - set security ike policy {{ikePolicyName}} description {{description}}
          - set security ike policy {{ikePolicyName}} mode {{modeName}}
          - set security ike policy {{ikePolicyName}} proposals {{ikeProposalName}}
          - set security ike policy {{ikePolicyName}} pre-shared-key ascii-text {{sharedKey}}
          - set security ike gateway {{gatewayName}} external-interface {{externalInterfaceName}}
          - set security ike gateway {{gatewayName}} ike-policy {{ikePolicyName}}
          - set security ike gateway {{gatewayName}} address {{remoteIPAddress}}
          - set security ike gateway {{gatewayName}} version {{ikeVersion}}
          - set security ipsec proposal {{ipsecProposalName}} description {{description}}
          - set security ipsec proposal {{ipsecProposalName}} protocol {{protocolName}}
          - set security ipsec proposal {{ipsecProposalName}} authentication-algorithm {{ipsecAuthAlgorithmName}}
          - set security ipsec proposal {{ipsecProposalName}} encryption-algorithm {{ipsecEncAlgorithmName}}
          - set security ipsec proposal {{ipsecProposalName}} lifetime-seconds {{phase2seconds}}
          - set security ipsec policy {{ipsecPolicyName}} proposals {{ipsecProposalName}}
          # - set security ipsec policy {{ipsecPolicyName}} perfect-forward-secrecy keys {{pfsGroupName}}
          - set security ipsec vpn {{vpnName}} ike gateway {{gatewayName}}
          - set security ipsec vpn {{vpnName}} ike ipsec-policy {{ipsecPolicyName}}
          - set security ipsec vpn {{vpnName}} bind-interface {{VPNinterfaceName}}
          - set security ipsec vpn {{vpnName}} establish-tunnels {{TunnelEstablish}}
          - set security address-book global address {{sourceObjectName}} {{SubnetValueSrc}}
          - set security address-book global address {{destinationObjectName}} {{SubnetValueDst}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match source-address {{sourceObjectName}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match destination-address {{destinationObjectName}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match application {{applicationNames}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} match source-identity {{sourceIdentity}}
          - set security policies from-zone {{sourceZoneName}} to-zone {{vpnZoneName}} policy {{policy1Name}} then permit
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match source-address {{destinationObjectName}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match destination-address {{sourceObjectName}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} match application {{applicationNames}}
          - set security policies from-zone {{vpnZoneName}} to-zone {{sourceZoneName}} policy {{policy2Name}} then permit
          - set routing-options static route {{SubnetValueDst}} next-hop {{VPNinterfaceName}}
        provider:
          host: xxxxx
          username: xxxx
          password: xxxx
      tags:
        - junos_SitetoSiteVpn_creation
I have tried with both local and netconf connections, but I am getting the
error below:
msg": "<?xml version=\\"1.0\\" encoding=\\"UTF-8\\"?><rpc-error
xmlns=\"urn:ietf:params:xml:ns:netconf:base:1.0\" xmlns:junos=\"http://xml.juniper.net/junos/20.2R0/junos\"
xmlns:nc=\"urn:ietf:params:xml:ns:netconf:base:1.0\">\n<error-type>protocol</error-type>\n<error-tag>operation-failed</error-tag>\n<error-severity>error</error-severity>\n<error-message>invalid
value</error-message>\n<error-info>\n<bad-element>immediate</bad-element>\n</error-info>\n</rpc-error>\n"
}
Can someone help here to get it to work?
Thanks in advance.
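
An added diagnostic example, not part of the original post: it parses the NETCONF rpc-error quoted above and searches the rendered `set` lines for the token the device reported in `<bad-element>`. The rendered lines and all variable values in them (including `immediate` for `TunnelEstablish`) are constructed assumptions, as are the function names.

```python
import xml.etree.ElementTree as ET

NC = "{urn:ietf:params:xml:ns:netconf:base:1.0}"

# The rpc-error from the post, with the JSON string escaping removed.
RPC_ERROR = """<?xml version="1.0" encoding="UTF-8"?><rpc-error
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
xmlns:junos="http://xml.juniper.net/junos/20.2R0/junos"
xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
<error-type>protocol</error-type><error-tag>operation-failed</error-tag>
<error-severity>error</error-severity><error-message>invalid
value</error-message>
<error-info><bad-element>immediate</bad-element></error-info>
</rpc-error>"""

# Constructed sample: three of the playbook's lines after templating.
# Every value here is assumed, including TunnelEstablish = "immediate".
RENDERED = [
    "set security ike gateway gw-siteB version v2-only",
    "set security ipsec vpn vpn-siteB bind-interface st0.0",
    "set security ipsec vpn vpn-siteB establish-tunnels immediate",
]

def _text(node, path):
    """Return the element text with whitespace collapsed, or None if absent."""
    value = node.findtext(path)
    return " ".join(value.split()) if value is not None else None

def parse_rpc_errors(xml_text):
    """Extract the diagnostic fields from every <rpc-error> in a NETCONF reply."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    return [{
        "type": _text(err, NC + "error-type"),
        "tag": _text(err, NC + "error-tag"),
        "severity": _text(err, NC + "error-severity"),
        "message": _text(err, NC + "error-message"),
        "bad_element": _text(err, f"{NC}error-info/{NC}bad-element"),
    } for err in root.iter(NC + "rpc-error")]

def locate_lines(lines, bad_element):
    """Return the rendered lines that carry bad_element as a whole token."""
    return [line for line in lines if bad_element in line.split()]

if __name__ == "__main__":
    for err in parse_rpc_errors(RPC_ERROR):
        print(err["tag"], "-", err["message"], "-", err["bad_element"])
        for line in locate_lines(RENDERED, err["bad_element"]):
            print("  offending line:", line)
```

For `establish-tunnels`, Junos accepts `immediately` or `on-traffic`, so a `TunnelEstablish` value of `immediate` would be rejected with this kind of error.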