I'm having troulbe configuring my first station with a management IP address. I've been able to change from the default IP of 192.168.0.1 on all 4 of my epmp connectorized sync radios (APs). I set my management VLAN ID to 4 and then set an IP address within our 10.11.4.0/22 subnet using a subnet mask of 255.255.252.0. This works just fine on the access points. But when I do the same thing on the first station I'm attempting to configure, the radio is inaccessible via its management IP. I've tried three different epmp integrated radios and had to factory default all of them two or three times already because of this. What am I missing?
I'm convinced this is a bug. Here is why. Using a epmp1000 5Ghz integrated radio, I was able to first login when it had its default IP of 192.168.0.2 address. I proceeded to change the radio configuration from "subscriber" to "access point". Then I was SUCCESSFUL in setting the management VLAN to 4 and assiging the IP of 10.11.4.123/22. Here is where the bug sets in. If you change the radio configuration back to "subscriber", you lose access to the unit and there is no way to regain access other than to factory default it!
Are you trying to access the management interface from the LAN side or wireless side of the SM? When you enable management VLAN, you cannot access the management interface from the LAN side when the ePMP radio is in SM mode. You can access it from the Wireless side. On the AP, you can access it from the LAN side.
You are correct. I am losing access to the management IP via the LAN NIC. But I don't understand why you would allow such a catch-22 situation to occur? My normal routine would be to set the management IP in order to continue configuring the device. For example, I have not yet joined the subscriber station to an AP yet, so I have no way of doing so once I lose access via the LAN NIC on the radio.
Also consider that I can access the management IP just fine if it is on the LAN NIC and NOT on a tagged VLAN. I have successfully configured SAF and UBNT radios in this way and I can continue to manage the devices on the LAN NIC without having registered with an AP on the other end (or the other end of a PTP link as with the SAF).
The reason behind not allowing access to the management interface when managment VLAN is enabled is for security. An SM is typically installed in a customer premise and it is meant to prevent the end customer from accessing the SM once the operator (you) has decided to seperate management traffic from regular user traffic using a management VLAN. We have heard from customers on both sides i.e. lock out the management interface form the SM's LAN side when mgmt VLAN is enabled as well as allowing access (which is your case). We implemented the more conservative scenario. Having said that, we are going to make an enhancement in a near future release where this will be made configurable from the SM GUI. You will be able to enable/disable management access from the SM's LAN side when management VLAN is enabled.
Lastly, regardless of the VLAN configuration, the management interface should be accessible through the Fallback IP of 169.254.1.1 from the LAN side of the SM. Hopefully that helps complete your configuration before connecting to an AP.
Thanks for the tip to use the fallback IP. I didn't consider that. I'm also happy to hear the feature will be part of a future release. Earlier today, I also was experimenting with a point to point link using two integrated radios, and the results were the same. On the end of the PTP link that was set as the subscriber, I could not access the management IP on a VLAN on the LAN NIC. That begs the question...is there really a transparent layer 2 bridge such that my management VLAN 4 will be accessible to additonal SMs "behind" the PTP link? Do I have to declare all the member VLANs that pass over the layer 2 bridge? I recall the GUI would not let me declare VLAN 4 as both a management VLAN as well as a member VLAN.