Can't access radios using management IP

SM in wifi mode, NAT, with PPPoE authentication and DMZ enabled.

It used to be in order to access the radio while DMZ was enabled, we had to turn on the management IP.

We have recently installed some new radios on an old sector using wifi. In one case I can't access the radio at all using either the pppoe address, or the managment. We disabled managment and we can now access it via the PPPoE IP. What I think is weird is I can't ping that IP address, and there doesn't seem to be a check box to allow that (or disable it)

I have another site that we can ping both, but can't access the radio with either IP address. Both I think are on 3.2.

It's very strange, and I can't tell if it's a wifi thing or something else. Normal customers (UBNT) work, and so do these radio for the customer they are attached to. It's just our ability to manage them that isn't working...

its a known issue on 3.2, its listed in the release notes.

Yep, I see that now.

Good for them to release a firmware that breaks remote access.

Nice job Cambium.

Maybe you should pull that release, ya think??


@Tristan wrote:

Yep, I see that now.

Good for them to release a firmware that breaks remote access.

Nice job Cambium.

Maybe you should pull that release, ya think??


The 3.2 release has a LOT of new support for thats extremely helpful.    we won't be widely deploying 3.2 because of this bug, but cambium did take the time to let us know about it before widely using it.   

we have used it to convert ubnt completely busted hardware into good running smooth equipment. if waiting for the management vlan to get fixed is the only major issue with the initial release, i'm happy.   i'm sure they will have it fixed soon in 3.2.1 or what ever number is next.

I look forward to using the new elevate feature for sure.

My issue Is I was told a long time ago I had to waste my time and make a dedicated managment IP subnet when using PPPoE and DMZ to be able to use CNMaestro. So I did.

Now, if I upgrade, I loose connectivity to all of my radios. I'm glad we caught that long before a mass upgrade or something.  Point is, you don't release something that you know cripples managment or over the air management for sure. That's a LOT of truck rolls for the average joe, who wouldn't even fathom releasing something like that in to the wild.

Shame on them.

Sorry for inconveniences we are doing our best to provide fix in 3.2.1 Release as soon as possible.

Please note Management interface issue is relevant only for specific network topology and specific configuration.

Please try to reach Management Interface from same with ePMP device broadcast domain as temporal workaround.

Thank you.

That is of no help with a fully routed network.

Thanks.

for now to restore your access,

SSH to that radios nearest router,  then SSH to the radios management IP (it will work when your local to the radio) and send the commands 

config set mgmVLANEnable 0

config save

config commit

your radio will disconnect and reconnect and take management commands via the WAN interface when you need to get them. 

I'd leave your management access burried until you need in or ready to update to the fixed firm. 

We didn't use VLANs in the first place.

The radios are broken essentially unless we visit them locally the best I can figure..

I havn't updated every radio, so  it only caught us on a couple new installations.