Ability to force DHCP options via Radius

We want to make sure our SM's  always have DHCP and Public enabled. Right now the only way to do this would be with manually setting it, but thats not really enforcing it... 

So would be nice if like bandwidth and vlan settings, network management settings could also be set via the radius, at minimum dhcp/static.

Please say this is coming in 14.1.x we realized a horrible issue with statically setting the internal value of the CPE to Public/DHCP... if the client get online due to a signal issue or something after having been on before, it makes getting into the CPE a nightmare in many situations requiring a reset cable and climb...


Hi Chris -

Sorry, this is not coming in the upcoming release, which is days away.

Would the RADIUS Framed IP, netmask, and gateway work for you?  That automatically enables the Public accessiblity option when the VSA is applied.

We will look at this option for the next release, but I'm assuming from your description that your concern is an SM that leased an IP while online, and then drop ssession and can't get back online, and the lease expires, you are having trouble getting into the device without a default plug at the device.

One thing to remember is that if we are unable to get an IP via DHCP, or renew, we do enable the default IP to be reachable on the local ethernet interface while attempting DHCP.  So, you should be able to get to that interface if you have a situatoin where the server is no longer accessible and the lease has timed out.   So, you should be able to get to it via its DHCP address while the lease is valid (we don't drop the address  just because we drop session), or, if the lease is expired, then the default IP is active for you.

Hope that helps while we look at this request.


I think the real issue is the  Public/Local setting, we st it to public so we can manage the device from WIrelessManager, via the DHCP address, but with it set to public we lose access on the local interface or so i've been told by all my field installers... 

The framed ip swapping to public could probably be a work around but more than a little complicated since our CPE dhcp for network management, and radius for oss/billing arent tied togeher.

The ability to set the mode to public+dhcp from radius, kind of like we set the vlan would be awesome for forcing our client SM's to get a dhcp ip and be accessible from wireless manager... 

An SM is always accessible from the local side when set to either Public/Local unless another configuration item disallows that.  Examples of that would be IP filtering, ethernet disabled (which disables the management interface from being accessed via the physical ethernet interface), VLAN Management enabled, etc.

The main difference between the Public/Local setting is that the management interface will be allowed to send/receive data on the upstream (RF) data path when set to Public.  but it always can send/receive on the downstream (Ethernet) path in either mode.  Youc an think of Local as if we are closing a gate between the management interface and the physical RF interface.

So, if connectivity is lost when setting to public, the quick guesses that come to mind are DHCP putting the IP on a different subnet, or, if you are using VLAN and MVID, then that is enforced when the SM is in session, but is NOT enforced when SM drops session.  In other words, an SM out of session effectivley has VLAN disabled until it goes back into session.

Also, if we do have a full proper DHCP lease, then the IP backup that I mentioned above is not available, so maybe that is also confusing things here.  We only put that IP back on when we are having trouble getting a DHCP lease.

I definitely understand the request, and I was going to suggest configuration file VSA, but that brings in a chicken and egg scenario when you are trying to use the config file to setup the network interface. :)  So we will definitely look at it, just hope to get you by in the meantime.

LOL ya the config vsa was an idea, but as you said, chicken and egg :)

Thanks for clearing up the publicl/local that makes sense, so whats probably happening is the SM has a lease, loses contact with AP, local is active, but it has the new random dhcp ip still not the 169... rebooting the radio.. does it maintain the lease between reboots? because im pretty sure the techs told me after a reboot they still couldn't access it on the 169, but i may be mistaken? You'd think a radio rebooted not online would still load with the 169 even if it had a lease before reboot... I haven't tested it internally only going by what the field tech told me. 

Hi, This feature has been implemented in 14.2 from Build onward, Please refer to Cambium dictionary file for details.