Introduction
This document highlights new features and significant updates in cnMaestro On-Premises. cnMaestro 2.1.0 is a major OVA release, and Cambium recommends all customers update to the latest version. cnMaestro 2.1.0 is the next release after 1.6.3 (there was no official 2.0.0).
The latest releases are the cnMaestro 2.1.0-r22 OVA and the cnMaestro 2.1.0-r23 Package. The Package is only for customers who want to upgrade from cnMaestro 2.1.0-r21.
|
Important: Upgrading from r21 to r23 |
|
The cnMaestro 2.1.0-r23 Package is for customers running the previous 2.1.0-r21 OVA : it provides an easier upgrade. Current 1.6.3 users should only install the cnMaestro 2.1.0-r22 OVA and follow the standard upgrade procedure listed below. Customers blocked importing data from 1.6.3-r39 into 2.1.0-r21 should apply 2.1.0-r23 and then import the data. A list of fixes in 2.1.0-r22/r23 is presented later in this document. |
|
Important |
|
cnMaestro 2.1.0 On-Premises is distributed as an OVA file which requires installation on a new virtual machine. Existing cnMaestro On-Premises users should export their data and import it into cnMaestro 2.1.0. Only data exported from cnMaestro 1.6.3 is supported. The basic steps are defined in the User Guide and consist of: 1. Export Data from current cnMaestro Installation at Application > Server > Operations. 2. Import Data file into the new cnMaestro 2.1.0 installation at Application > Server > Operations. |
|
Important: VMware ESXi |
|
Some customers have seen SHA-256 errors when importing the OVA into older versions of VMware ESXi using the vSphere C# Client. This is due to a security enhancement by VMware, which deprecated the original SHA-1 hash. To resolve, one can do the following: 1. Upgrade VMware to the latest version, which uses SHA-256 by default. 2. Use the ESXi Web Client, instead of the vSphere C# Client. 3. Use OVFTOOL to convert SHA-256 to SHA-1. See this post for details. 4. Convert the OVA manually using a shell script. See this post for details. |
|
Important: Web Browser |
|
You may need to restart your browser (or clear the browser cache with a hard reload) after the 2.1.0 update. |
|
Important: Update Precautions! |
|
This update has significant database changes that require data migration. This process is done in the background, so regular network management operations are not impacted. The migration duration depends on the total number of devices: approximately 30 minutes per 1,000 devices. We recommend limiting UI access during this period, to keep the load down. Devices will otherwise reconnect as normal. Please also do the following: 1. If the Managed Service Provider (MSP) feature is enabled in the current 1.6.3 system, it is mandatory to first apply the latest 1.6.3-r39 package (available at https://support.cambiumnetworks.com/files/cnmaestro/) before exporting the system backup. This package contains a major fix to export MSP related data. 2. Keep the system backup from 1.6.3 in a safe location, in case of unforeseen issues. 3. Export Application > Server > SSL Certificates from the 1.6.3 system and import after upgrading to 2.1.0. This is in addition to the System Backup: certificates are not included and need to be replaced manually. 4. During data migration, the virtual machine must NOT be rebooted or powered off. Also do not start System Backup or Data Report jobs. All subsequent updates after cnMaestro 2.1 will be in-system and not require export/import. |
PTP 650/670/700 Support
cnMaestro supports the following monitoring and management functionalities on PTP 650/670/700 in both Cloud and On-Premises.
|
Feature |
Details |
|
Onboarding |
Onboard PTP devices using MSN or Cambium ID. |
|
Dashboard |
Multiple, distinct dashboards, depending upon whether PTP devices are HCMP enabled (and in master or slave state). |
|
Notifications |
PTP-specific notifications and alarms. |
|
Statistics/Performance |
Device details and performance graphs with the following metrics: channel utilization, throughput, capacity, receive vector error, receive power, receive signal strength ratio, transmit power, link loss, and packet error. |
|
Map |
Visual integration into global map. |
|
Hierarchical Tree |
Full cnMaestro Tree support, with HCMP visibility. |
|
Operations |
Device reboot. |
|
Data Report |
Data reports downloaded and scheduled in On-Premises. |
|
System Integration |
Fully integrated into system-components, such as System/Network/Tower dashboards, inventory, and managed services. |
PTP Dashboard
PTP Performance
Note: Configuration and Image Upgrade should still be performed using the PTP device UI.
cnReach Support
cnMaestro now supports full integration of cnReach devices, including monitoring, configuration, and image upgrade in both Cloud and On-Premises.
|
Feature |
Details |
|
Onboarding |
Onboard all cnReach device types using MSN or Cambium ID. |
|
Dashboard |
cnReach-specific dashboards, including individual dashboards for cnReach Radio 1 and Radio 2. |
|
Notifications |
cnReach notifications and alarms. |
|
Statistics/Performance |
Device details and performance graphs with the following metrics: throughput, RSSI, transmit power, noise, and neighbor count. |
|
Map |
Visual integration into global map. |
|
Hierarchical Tree |
Full integration into the cnMaestro Tree, including deeply-nested cnReach backhaul paths. |
|
Operations |
Device reboot support. |
|
Configuration |
Template-based device configuration. |
|
Software Update |
OS and Radio updates, including bulk software distribution. |
|
Data Report |
Data reports can be downloaded and scheduled in On-Premises. |
|
Tools |
Ping, RF Ping, RF Throughput |
|
System Integration |
Fully integrated into system-components, such as System/Network/Tower dashboards, inventory, managed services. |
cnReach Dashboard
cnReach Performance
cnReach Bulk Software Upgrade
cnReach AP Bulk Software Distribution efficiently copies software to all devices in a VLAN, where it can then be applied.
Email Notification
Email Notification allows Super Administrator and Administrator users to add Subscribers (email addresses) for receiving Alarms.
The Alarm Severity can be filtered by:
- Critical
- Major
- Minor
The content of the email can be either HTML or JSON format. This feature must be enabled globally in Application > Settings.
HTML Email Example
JSON Email Example
Scheduled Software Upgrade
Select a time to apply device software upgrades.
Dashboard Device Health Component
The Dashboard Device Health component has been rewritten to better represent the many device types now supported in cnMaestro.
WLAN Overrides (cnPilot Enterprise)
WLAN details unique to a device, such as SSID, Enabling/Disabling SSID and Passphrase, are now supported as part of Device Overrides. These can be configured in the Device Configuration page at Manage > Configuration, and then selecting the device in the tree to update.
Link Quality Indicator (LQI) for PMP SMs
The LQI statistic indicates if a PMP link is degraded by interference or noise. An LQI of 100% means there is no interference. A value of 90% or higher is considered reasonable. Depending on their environment, operators may differ on what is unacceptable (i.e. 80%, 70%, 60%). The Manage > Statistics table shows the LQI, in downlink and uplink, for every PMP SM. An administrator can sort the table by downlink or uplink to identify the SMs experiencing the most significant degradation. Click on an individual PMP SM Performance tab to view the LQI over the last day or week to correlate degradations to certain periods of time.
Busy Index for PMP APs
This represents the percentage of time during the last week in which a PMP AP is congested -- determined by the frame utilization exceeding 90%. The System and Tower dashboards display a list of the top five busy PMP APs. The Manage > Statistics table shows the Busy Index, in downlink and uplink, for every PMP AP. An administrator can sort the table to identify the most congested APs. Click on an individual PMP AP Performance tab to view the frame utilization over the last day or week to understand when usage tends to be highest.
Bulk Reboot
Bulk reboot is added as part of Actions available on Inventory page.
In-System Upgrade (On-Premises)
Upgrading to new cnMaestro versions post 2.1.0 will not require an Import/Export. Instead, the images can be updated within the current virtual machine.
SSH Access (On-Premises)
SSH can be enabled through the Console to provide network access to the cnMaestro CLI. The system uses password authentication, and it is recommended only for debugging purposes. SSH is enabled in the Console at Maintenance > SSH.
NTP Support (On-Premises)
NTP is enabled by default, and external servers can be added in the Console at Settings > NTP.
CSV Configuration Import (Backhaul Devices)
Global cnMaestro Configuration CSV import is available from the Inventory page at the following levels: System, Network, Managed Account, ePMP or PMP AP devices. This feature is supported only for Access and Backhaul devices (AP and SM).
The following parameters are supported for ePMP/PMP AP devices:
- Latitude
- Longitude
- Height
- Azimuth
- Elevation
The following parameters are supported for ePMP/PMP SM devices:
- Latitude
- Longitude
CSV Example
cnPilot Home WLAN and LAN Statistics
The Wireless LAN Dashboard displays cnPilot Home (R-Series) devices in the Client and Network sections (this functionality is already available for cnPilot Enterprise).
Guest Access Portal Logout
Logout is added to the cnMaestro Guest Access Portal. This feature helps guests use allocated session time more precisely.
For example, if a guest user has a session time of 1 hour, and 1 day as renewal frequency, the user can logout of guest session after 10 min of usage, and the remaining 50 min of session time can be used across different sessions within 1 day (renewal frequency).
- Navigate to Services > Guest Access Portal page and select the respective Guest Portal Name.
- Select Access
- Select Enable Logout functionality for the guest client check box.
- Click Save.
Twitter Support for Guest Login
Support for Twitter is added under Social Login to Guest Access Portals. Now Guest Clients can login using Twitter.
Change Your Password (On-Premises)
cnMaestro users can change their own passwords, irrespective of their role.
IPv6 Networking (On-Premises)
cnMaestro supports both IPv4 and IPv6 networking. The eth0 interface requires IPv4 (for the system IP address and cluster configuration), and optionally IPv6.
API Updates (On-Premises) 
New APIs
|
Path |
Details |
|
Clients API (Section 14.3) |
|
|
/api/v1/devices/{MAC}/clients/summary |
Aggregated data for all Wi-Fi clients |
|
/api/v1/devices/{MAC}/clients/{client MAC}/summary |
Aggregated data for a single client |
|
Devices API (Section 8.2, 8.3, 8.4) |
|
|
/api/v1/devices |
Claim new device |
|
/api/v1/devices/{MAC} |
Update/Delete an existing device |
|
JOBS API (Section 9) |
|
|
/api/v1/jobs/{job_id} |
Configuration job management |
|
/api/v1/jobs/{job_id}/devices |
|
|
Networks API (Section 10.2) |
|
|
/api/v1/networks |
Create new network |
|
Sites API (Section 11.2) |
|
|
/api/v1/networks/{NID}/sites |
Create new site |
|
Towers API (Section 12.2) |
|
|
/api/v1/networks/{NID}/towers |
Create new tower |
Deprecation/Update Notice for Existing APIs
|
Path |
Details |
|
Devices API |
|
|
/api/v1/devices |
- A new property called site_id is added for WiFi Device |
|
Statistics API |
|
|
/api/v1/devices/statistics |
- site_id property is added for WiFi devices only. - Until 1.6.3 rx_bps, tx_bps were returning values in kilobits per sec. In 2.1.0 we changed it to return as bits per second - Until 1.6.3 tx_bytes, rx_bytes were returning values in kilobits. In 2.1.0 tx_bytes, rx_bytes will be sending value as bytes. - session_drops field is deprecated. |
|
Performance API |
|
|
/api/v1/devices/performance |
- Until 1.6.3 rx_bps, tx_bps was returning values in kilobits per sec. In 2.1.0 we changed it to return as bits per second - Until 1.6.3 throughput was returning values in kilobits per sec. In 2.1.0 we changed it to return as bits per second |
|
Sites API |
|
|
/api/v1/networks/{NID}/sites |
- Sites object will contain created_at field denoting site’s creation time. From 2.1.0 this API will accept stop_time and start_time header fields which returns sites created within that period. |
Supported Cambium Products
cnMaestro supports the following Cambium Networks products. The software versions are the minimum required to use cnMaestro (not the recommended versions).
|
Family |
Model |
Version |
|
cnPilot |
cnPilot R200, R200P |
4.2.3-R4 |
|
cnPilot R201, R201P |
4.2.3-R4 |
|
|
cnPilot R190V, R190W |
4.3.2-R4 |
|
|
cnPilot E400/E500 |
2.5.2-r3 |
|
|
cnPilot E410/E430w/E600 |
3.5.2-R4 |
|
|
cnPilot E501S |
3.2.1-r6 |
|
|
cnPilot E502S |
3.2.1-r6 |
|
|
cnPilot E700 |
3.8 |
|
|
ePMP 1000 Hotspot |
ePMP 1000 Hotspot |
2.5.2-r3 |
|
ePMP |
ePMP 1000, Force 180/200 |
2.6.2 |
|
ePMP 2000 |
3.0.1 |
|
|
ePMP Elevate |
3.0.1 |
|
|
ePMP Force 190 |
3.5 |
|
|
ePMP Force 300 |
4.1.1 |
|
|
ePMP PTP 550 |
4.1.1 |
|
|
ePMP 3000 |
4.3.0.1 |
|
|
PMP |
PMP 450i, PMP 450, PMP 450m, PMP 430 SM |
15.0.1 |
|
PTP 450, and PTP 450i |
15.0.1 |
|
|
PTP |
PTP 650 |
01-47 |
|
PTP 670 (650 Emulation) |
01-47 |
|
|
PTP 670, PTP 700 |
02-67 |
|
|
cnReach (Beta) |
N500 |
5.2.17e |
Supported Browsers
cnMaestro supports the following browsers:
|
Platform |
Browser |
Version |
|
Windows |
Internet Explorer |
11 and above |
|
Firefox |
45 and above |
|
|
Chrome |
49 and above |
|
|
MacOS |
Safari |
9 and above |
|
Linux |
Firefox |
45 and above |
|
Chrome |
49 and above |
Significant Fixes
The following issues have been fixed:
|
Id |
Details |
|
CNSSNG-1920 |
Login not working after selecting the user accounts in EDGE browser in Windows 10. |
|
CNSSNG-2222 |
Device name is not present when exported as CSV/PDF. |
|
CNSSNG-3241 |
Not able to export the uptime/downtime data from Inventory/Statistics grid. |
|
CNSSNG-8226 |
PMP/ePMP: Getting upgrade in progress internal error, but the device was upgraded successfully. |
|
CNSSNG-9298 |
Monitor user should be able to export and schedule Reports at all levels. |
|
CNSSNG-9358 |
Moving devices to tower after setting the device location fails. |
|
CNSSNG-10112 |
Job in not started state created from tenant account is not able to start from the global account. |
|
CNSSNG-10107 |
Devices API sort with name and sort with registration_date is not working |
|
CNSSNG-10042 |
BHM/BHS software update broken in 1.6.3. |
|
CNSSNG-9979 |
Scheduled Report issues with devices in MSP accounts. |
|
CNSSNG-8996 |
Distance value for PMP SMs is not displayed. |
|
CNSSNG-8380 |
NAS IP should be cnMaestro Server IP instead of RADIUS Server IP. |
|
CNSSNG-9556 |
PTP550: Devices stuck in onboarding and updating state in production cloud. |
|
CNSSNG-8498 |
PTP550 and Force 300 devices with build 4.1.1 are not sending the software update events to cnMaestro. |
Additional Fixes in cnMaestro 2.1.0-r22
The following updates are in addition to the 2.1.0-r21 release.
|
Id |
Details |
|
CNSSNG-10263 |
Wi-Fi devices are getting hidden in tree when each of them report each other as parent device |
|
CNSSNG-10276 |
After update with 2.1.0-r21 "Towers" and "Sites" are not in alphabetical order |
|
CNSSNG-10287 |
Data migration is failing when 1.6.3-r39 data is imported on 2.1.0-r21 |
|
CNSSNG-10293 |
Tower level Top AP's throughput value is empty |
|
CNSSNG-10300 |
PMP Medusa AP Downlink data is missing in frameutil performance graphs |
|
CNSSNG-10317 |
Auto Provisioning feature is not working for cnPilot R-series. |
|
CNSSNG-10343 |
SM WAN IP is not shown in 2.1.0-r21 version |
|
CNSSNG-10453 |
Fixed UI dashboard freeze issue due to c3 chart |
|
CNSSNG-10472 |
Site floor plan got distorted after migrating data from 1.6.3 to 2.1.0 |
|
CNSSNG-10486 |
Sector not showing due to missing gain in Maps |
Known Issues
The following issues exist:
|
Id |
Issue |
Details |
|
AURA-470 |
Failure to load success page after quick pay authentication |
|
|
AURA-474 |
Error contacting server when clicking on Orange Money button |
|
|
AURA-388 |
WiFi Guest Access does not work with Microsoft Edge Browser |
Guest Access on cnMaestro does not work with Edge browser on cnPilot 1.4.0-r12 with 3.2.1-6 and 1.5.0-r4 with 3.3 beta builds. Workaround: Users need to use supported browsers like Chrome, Firefox, or Internet Explorer (IE) 11. |
|
CNSSNG-4083 |
DHCP errors after cnMaestro Reboot |
When cnMaestro On-Premises is rebooted, after Data Import, sometimes DHCP and Disk Errors are encountered. Workaround: Explicitly run the dhclient command from the Command Line (accessed through the CLI) after reboot to assign the IP address. |
|
RBN-280 |
DHCP Option 15 not working for cnPilot Home |
DHCP Option 15 onboarding is not working for cnPilot Home devices (R-series). These devices cannot use this onboarding mechanism. |
|
CNSSNG-4906 |
Captive Portal Auto Login fails with latest Android devices |
Workaround: Whitelist the URL for Google (*.google.com). |
|
CNSSNG-5365 |
RADIUS Proxy drops packets after retry exhausted |
After RADIUS Proxy Retries are exhausted in cnMaestro On-Premises, all subsequent RADIUS packets are dropped. Workaround: Reboot cnMaestro. |
|
CNSSNG-7626 |
Access token is expired after data migration |
Workaround: User has to generate a new token after the migration. |
|
CNSSNG-7372 |
Auto sync always times out if the device IP changes during auto sync |
|
|
CNSSNG-8304 |
ePMP: “No GPS Sync” or |
ePMP devices are not sending the GPS Sync status events to cnMaestro when GPS Sync is down or there is NO GPS Sync. Also for PMP GPS SYNC events, details shows sync source instead of indicating whether the GPS SYNC source is up or Down. |
|
CNSSNG-10223 |
MSP images not imported on server when exported in 1.6.3 and imported in 2.1.0 |
Workaround: Customers need to apply 1.6.3-r39 build and then import the data to 2.1.0 |
|
CNSSNG-10189 |
cnReach performance reports do not have throughput values for radios |
|
|
CNSSNG-10145 |
Certificate exports are not part of Data Backup and restore |
Certificates must be exported manually. |
|
CNSSNG-10187 |
While Migration is happening moving or deleting a device from the Managed account will mark all the events and alarms as undefined once migration is completed |
