Connected devices should be isolated (as recommended under Device Configuration) on a management network that is separate from the production network and from the public network. With the recommended configuration, the OnBoard appliance administrator must create at least one private subnet for communicating with connected devices. The administrator must then assign to each connected device the following two address-related parameters:
If a device is not assigned a private subnet, the OnBoard appliance attempts to contact the device using the default route, which cannot work unless the device is connected to a network on the public side of the OnBoard appliance.