Manage devices on multiple segments without routing

I have a need to manage my cnPilot APs on multiple IP segments without routing in cnMaestro on prem. I don’t want to route because of security concerns; I need to keep these segments isolated from each other.

I noticed that you can add a second NIC, ETH1, to the cnMaestro VM. I did so, and configured it appropriately, and it worked fine until a reboot, and then I could no longer access the cnMaestro web interface. It seems the purpose of multiple interfaces might be for HA purposes, but I’m not certain (is there documentation on this? I’ve not been able to find it).

I also followed this thread cnMaestro and multihoming to configure it on a single interface using VLANs. This configuration didn’t stick across a reboot.

Is there a way to have multiple IP segments directly terminated into cnMaestro on prem?

Hi, we use the configuration in the linked article. What I forgot to include in that post update is how to make the config stick (I will edit it).

From the command line:

# Makes the file immutable
chattr +i interfaces

# To edit the file again:
chattr -i interfaces

This allows the config to persist across reboots.

2 Likes

That’s what I needed. Thank you very much! Very nice solution!

1 Like