We have our APs and SMs on different subnets, and cnMaestro only appears to support using a single IP.
Can this be changed? I'd rather have one server able to access both subnets through two separate IPs than have one server for APs and a second for SMs.
Yes you manage the AP and SM if they are in different subnet. All you have to make sure is that the cnMaestro has rechability to the AP, SM and vice versa so that you can manage.
I hope this helps for you scenario.
Where are you running into a problem? Are you using cnMaestro on-premises or cloud?
We run on-premises and have APs and SMs on the same subnet, but a different subnet for each tower and technology. (E.G. we have 10.12.0.0/16 routing to a tower with two 10.12.x.0/24 subnets for ePMP - 5ghz and 2ghz) We just chose long ago to put APs at .3 through .20 on a given /24 subnet, SMs from .23 to .253.
As long as the radios have a working route to the cnMaestro server there shouldn't be a problem. If you have all APs in one subnet and all SMs in another and they all share a local network segment with a cnMaestro on premises server then you'll have handle routing/natting for one or both of the two subnets, or 'tweak' the cnMaestro on-premises underlying OS to have two IPs. (certainly the Os and the interfaces support it, you just need to get it set up to use it - like adding a couple commands to /etc/rc.local to add a second IP, like "/sbin/ip a a 10.12.10.1/24 dev eth0")
We too use different subnets for SMs, backhauls, and APs. cnMaestro has been working with all of them nicely. Just make sure that your subnets are properly routed and reachable by your cnMaestro management network.
Our subnets are too disparate to be accessible from a single IP without using a 0.0.0.0 subnet mask.
I nano'd /etc/network/interfaces to add a second IP, and it does seem to be working fine.
I'm surprised I was able to do so. I expected the Cambium user to not have root access to make the system more secure.
If all you need is a handful or less subnets you can get away with adding the IPs on the server/appliance.
But the "right way" (and the only sane way if you've dozens or more subnets) would be to handle it all at a gateway router for the server - put the server on one subnet, and its gateway on that subnet handles routing (and NATting if necessary) to reach all the necessary radio subnets. You CAN stick a hundred IPs on the server's ethernet, it's just not IMHO the best answer.
In our case, cnMaestro lives in the NOC on our public server IP block, while all our radios are on 10.a.b.c/24 - with a=tower and b=tech - a total of about 40 routers across the network handling the routing of all admin/monitoring and customer traffic, typically one router at each tower. (so 10.12.0.0/16 routes to WJSG FM tower's router, which has 10.12.10.1/24, 10.12.12.1/24, etc plus DHCP servers and what-not) This arrangement tends to be forward-compatible with adding new towers fed from existing towers, adding new tech to a given tower, changing BH points, etc.
Our two subnets are in the 10.x range and the 172.x range. Each is a relatively small subnet, so I only needed a second IP to reach both.
What you suggest isn't possible in our case, for reasons I can't really get into.
Fair enough. Glad you got it working.
I also nano'd /etc/network/interfaces to add a second IP and it was working until I updated to 1.6.2. After that I can ping the second IP while the server is booting, but once it gets to the login screen on the VM, it just stops pinging and now my devices in that subnet show as offline. By default the UFW is off and I verified that it is still off. Have you run into the same? Any idea what might be causing this? Also, while the server is shutting down, the second IP starts pinging again untill the network connection closes.
did you add any routes previouly? Please can you send me a private message with the details?