We are trying to add ePMP's to CNMaestro by hostname (in case I need to change our server's IP in the future). The A record for our cnmaestro server is a private IP for our internal network. We don't want it public for now.
The odd part is from the limited cli inside an ePMP we can ping outside domains by hostname but not any domain that we have A records pointing to private records. 10.x.x.x 172.16.x.x etc. The DNS servers that are set up in the network configuration for the NAT ip are indeed correct and our servers that host the zone we are using. But it will not resolve a hostname to a private IP.
Are you seeing the requests from devices in your DNS server logs? If the configuration on the devices is indeed correct and the DNS servers are reachable they should be getting your internal IP for https://cloud.cambiumnetworks.com. What is the DNS server saying its returning for the https://cloud.cambiumentworks.com requests?
It is the cnmaestro on premises version on a 172 network. (Not cloud based) so it is a cnmaestro.domain.com A record that points to a 172.x.x.x IP
It is almost as if it is bypassing our DNS server entirely. I have our primary/secondary servers set up in the ePMP. In both of those servers I did a tcpdump to watch if both the management and NAT IP would query the DNS servers for information.
In all cases it actually didn't even hit my DNS servers. But it was able to resolve new hostnames somehow.
Therefore there must be some other inside mechanism that is being used to resolve hostnames in the ePMP.
Ok I did a packet dump of the radio's traffic and it is actually using 8.8.8.8 even though we've assigned other IP's to use as DNS servers. So it has to be something hard coded into its linux OS.
Its not the 8.8.8.8 the customer had a device periodically checking. Even though the torch would be empty until I pinged a random domain. My mistake.
What I did narrow down was the device can ping by IP so it is reachable. It also does resolve the private IP from the A record on our DNS server. However it returns
ping: unknown host cnm.domain.com
whenever trying to resolve any A record with a private address.
For cases when cnMaestro URL cannot be resolved on ePMP devices via DNS server we recommend to use IP address instead of URL in ePMP configuration till issues with DNS resolver will be fixed.