Beacons
Beacons
Wireless
Client
C:\>
ipconfig
Windows IP Configuration
Ethernet adapter Wireless
Network Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . : 1.1.1.2
Subnet Mask . . . . . : 255.255.255.0
Default Gateway . . . : 1.1.1.1
C:\>
telnet 1.1.1.1
Aerohive QuickStart
for the HiveAP 320
This QuickStart guide explains how to set up a HiveAP 320 as either a managed HiveAP or as a
management AP, and how to mount it on a ceiling or wall.
Switch
DHCP
Server
Firewall
Internet
Some other network devices (They
might all be incorporated in the same
device, such as a router or firewall.)
1
Ethernet
Cable
2
If the switch provides
PoE (Power-over-
Ethernet), cabling the
HiveAP to the switch
will cause the HiveAP
to power on in a few
seconds.
If the switch does not
provide PoE, use the
AC/DC power adaptor
(available as an
accessory) to connect
the HiveAP to a 100-
240 AC power source.
Eth0
Connect a standard Ethernet
cable with RJ-45 connectors
from ETH0 on the HiveAP 320
to a switch.
Connecting to HiveManager
3
P/N 330024-03 Rev. A
Using the Virtual Access Console
Using your wireless client,
scan for wireless networks.
If you are within range, an
SSID such as "AH-123456_ac"
appears.
Select it, and when
prompted to enter a
network key, type
aerohive
and then click
Connect
.
4
5
Check the IP address of the
default gateway that the
DHCP server on the HiveAP
assigned your client. Then
make an SSH or
Telnet connection
to the HiveAP at that IP
address. When prompted to
enter your credentials, enter
the default Aerohive login name
(
admin
) and password (
aerohive
).
Status LEDs
The five status LEDs on the top of the HiveAP 320 indicate various states of activity
through their color (dark, green, amber, and red) and illumination patterns (steady
glow or pulsing). The meanings of the various color + illumination patterns for each
LED are explained below.
Power
•
Dark: No power
• Steady green: Powered on and the firmware is running normally
•
Pulsing green: Firmware is booting up
•
Steady amber: Firmware is being updated
• Pulsing amber: Alarm indicating a firmware issue has occurred
•
Steady red: Alarm indicating a hardware issue has occurred
ETH0 and ETH1
•
Dark: Ethernet link is down or disabled
•
Steady green: 1000 Mbps Ethernet link is up but inactive
•
Pulsing green: 1000 Mbps Ethernet link is up and active
•
Steady amber: 10/100 Mbps Ethernet link is up but inactive
•
Pulsing amber: 10/100 Mbps Ethernet link is up and active
WLAN 0 and WLAN 1
•
Dark: Wireless interface is disabled
•
Steady green: Wireless interface is in access mode but inactive
•
Pulsing green: Wireless interface is in access mode and active
•
Steady amber: Wireless interface is in backhaul mode but inactive
•
Pulsing amber: Wireless interface is in backhaul mode and is connected with other
hive members
•
Alternating green and amber: Wireless interface is in backhaul mode and is
searching for other hive members
6
After logging in to the virtual access console, you can view the status of various
functions and make configuration changes. Here are some commonly used commands.
Use these commands:
To do the following:
show interface
Check the status of both wired and
wireless interfaces
show interface mgt0
See the network settings (IP address,
netmask, default gateway) and VLAN ID
of the mgt0 interface
no interface mgt0 dhcp client
Disable the DHCP client
interface mgt0 ip <ip_addr>
<netmask>
Set the IP address and netmask of the
mgt0 interface
interface mgt0 native-vlan <id>
Set the native (untagged) VLAN that the
switch infrastructure in the surrounding
wired and wireless network uses
show capwap client
See CAPWAP client settings and status
capwap client server name
<string>
Set the IP address or domain name of the
CAPWAP server (HiveManager)
capwap client vhm-name <string>
Set the VHM (virtual HiveManager) to
which the client belongs
show hive
See the hive name
show hive <string> neighbor
Check for any neighboring hive members
hive <string> ...
Create a hive and set its parameters
show ssid
See a list of all SSID names
ssid <string> ...
Configure an SSID
interface { wifi0 | wifi1 } ssid
<string>
Bind an SSID to a wireless interface in
access mode
To see a list of commands, and their accompanying CLI Help, type a question mark ( ? ).
For example, to see all the show commands, enter
show ?
If you want to find a command that uses a particular character or string of characters,
you can do a search using the following command:
show cmds | include
<string>,
where
<string>
is the word or string of characters you want to find.
Device- and platform-specific CLI reference guides are available online. (To learn how
to access them, see "Where to go for more information" elsewhere in this document.)
As explained in the previous section, after connecting a HiveAP to the network and powering
it on, it acts as a DHCP client and tries to get its network settings automatically from a DHCP
server in VLAN 1. However, if there is no DHCP server in that VLAN, if the native VLAN for the
network segment is not 1, or if you just want to assign it a static IP address, then you need to
access the CLI and define the network settings yourself.
One approach is to use a console cable, which is available from Aerohive as an accessory.
Another is to use the virtual access console. This is a way of accessing the CLI on a HiveAP
wirelessly through a special SSID that the HiveAP, by default, automatically activates for
administrative access when it has no configuration and cannot reach its default gateway.
The default virtual access console SSID name is “<hiveap-hostname>_ac”. The default host
name of a HiveAP consists of "AH-" plus the last six digits of its MAC address; for example,
AH-123456. In this case, the name of the default virtual access console SSID would be "AH-
123456_ac". By default, this SSID uses
aerohive
as the PSK (preshared key) for authenticating
user access. To access the virtual access console, do the following:
Cable the HiveAP to an Ethernet network—a HiveAP connected directly to the network like
this is called a portal—or place it within radio range of a portal so that it forms a wireless
link through the portal to the wired network. This kind of HiveAP is called a mesh point. By
default, a HiveAP acts as a DHCP client and gets its network settings automatically from a
DHCP server. (You can also configure it with static network settings through the CLI. See the
next section, "Using the Virtual Access Console".)
CAPWAP (Control and Provisioning of Wireless Access Points) is a protocol that access points
use to contact a management device and communicate with it. After getting its network
settings through DHCP, the HiveAP then acts as a CAPWAP client and sends CAPWAP Discovery
messages until HiveManager, acting as the CAPWAP server, responds. A mesh point initially
forms a hive with its portal using a default hive called hive0. Through this link, the mesh
point can reach the network and get its network settings from the DHCP server. Then it can
form a CAPWAP connection with HiveManager. (To add mesh points after changing the hive
name, first connect them to the wired network. Next, push the configuration with the new
hive name and password to them from HiveManager. Finally, deploy them as mesh points.)
When a HiveAP goes online for the first time without any specific CAPWAP server
configuration entered manually or received as a DHCP option, it progresses through the cycle
of CAPWAP connection attempts shown below.
The HiveAP tries to
connect to HiveManager
using the default domain
name hivemanager.<local_
domain>, where “<local_
domain>” is the domain
name that a DHCP server
supplied to the HiveAP.
If a DNS server has been
configured with an A
record to resolve that
domain name to an IP
address, the HiveAP
and HiveManager then
form a secure CAPWAP
connection.
If the DNS server cannot
resolve the domain
name to an IP address,
the HiveAP broadcasts
CAPWAP Discovery
messages on its local
subnet for a CAPWAP
server (HiveManager).
If HiveManager is on
the local network
and responds, they
form a secure CAPWAP
connection.
If the first two
searches for a local
HiveManager produce
no results, the HiveAP
broadens its search and tries to
contact HiveManager Online at staging.
aerohive.com:12222. If the staging server
has a serial number or MAC address for
that HiveAP, it responds and they form a
secure CAPWAP connection.
If the HiveAP cannot
make a CAPWAP
connection to HiveManager
Online using UDP port 12222,
it tries to reach it by using TCP port 80:
staging.aerohive.com:80. If that proves
unsuccessful, the HiveAP returns to its
initial search through a DNS lookup and
repeats the cycle.
HiveManager
or
HiveManager Virtual
Appliance
HiveManager
Online
a
b
c
d
If the HiveAP forms a CAPWAP connection with the staging server and its serial number or MAC
address has been assigned to a VHM (virtual HiveManager) and that VHM has already been
created, the staging server automatically redirects the CAPWAP connection to that VHM. The
staging server does this by sending the HiveAP the VHM domain name as its new CAPWAP server.
If the HiveAP is currently using HTTP, the staging server also sends it the configuration needed
to continue using HTTP. Finally, if the HiveAP is accessing the network through an HTTP proxy
server, the staging server also saves those settings on the HiveAP so that it can reach the VHM
using HTTP through the HTTP proxy server.
If the serial number or MAC address is in the staging server but the VHM has not yet been
created, then the HiveAP remains connected to the staging server. The VHM admin must
manually reassign it to a VHM later after the VHM has been created.
If the staging server does not have the serial number or MAC address of the HiveAP, then an
ACL (access control list) on the staging server ignores the CAPWAP connection attempt, and the
HiveAP repeats the cycle shown above.
