Aerohive HiveAP 320 User manual
Beacons
Beacons
Wireless
Client
C:\>ipcong
Windows IP Conguration
Ethernet adapter Wireless
Network Connection:
Connection-specic DNS Sufx . :
IP Address. . . . . . : 1.1.1.2
Subnet Mask . . . . . : 255.255.255.0
Default Gateway . . . : 1.1.1.1
C:\>telnet 1.1.1.1
Aerohive QuickStart
for the HiveAP 320
This QuickStart guide explains how to set up a HiveAP 320 as either a managed HiveAP or as a
management AP, and how to mount it on a ceiling or wall.
Switch
DHCP
Server
Firewall
Internet
Some other network devices (They
might all be incorporated in the same
device, such as a router or rewall.)
1
Ethernet
Cable
2If the switch provides
PoE (Power-over-
Ethernet), cabling the
HiveAP to the switch
will cause the HiveAP
to power on in a few
seconds.
If the switch does not
provide PoE, use the
AC/DC power adaptor
(available as an
accessory) to connect
the HiveAP to a 100-
240 AC power source.
Eth0
Connect a standard Ethernet
cable with RJ-45 connectors
from ETH0 on the HiveAP 320
to a switch.
Connecting to HiveManager
3
P/N 330024-04 Rev. A
Using the Virtual Access Console
Using your wireless client,
scan for wireless networks.
If you are within range, an
SSID such as "AH-123456_ac"
appears.
Select it, and when
prompted to enter a
network key, type aerohive
and then click Connect.
4
5Check the IP address of the
default gateway that the
DHCP server on the HiveAP
assigned your client. Then
make an SSH or
Telnet connection
to the HiveAP at that IP
address. When prompted to
enter your credentials, enter
the default Aerohive login name
(admin) and password (aerohive).
Status LEDs
The ve status LEDs on the top of the HiveAP 320 indicate various states of activity
through their color (dark, green, amber, and red) and illumination patterns (steady
glow or pulsing). The meanings of the various color + illumination patterns for each
LED are explained below.
Power
• Dark: No power
• Steady green: Powered on and the rmware is running normally
• Pulsing green: Firmware is booting up
• Steady amber: Firmware is being updated
• Pulsing amber: Alarm indicating a rmware issue has occurred
• Steady red: Alarm indicating a hardware issue has occurred
ETH0 and ETH1
• Dark: Ethernet link is down or disabled
• Steady green: 1000 Mbps Ethernet link is up but inactive
• Pulsing green: 1000 Mbps Ethernet link is up and active
• Steady amber: 10/100 Mbps Ethernet link is up but inactive
• Pulsing amber: 10/100 Mbps Ethernet link is up and active
WLAN 0 and WLAN 1
• Dark: Wireless interface is disabled
• Steady green: Wireless interface is in access mode but inactive
• Pulsing green: Wireless interface is in access mode and active
• Steady amber: Wireless interface is in backhaul mode but inactive
• Pulsing amber: Wireless interface is in backhaul mode and is connected with other
hive members
• Alternating green and amber: Wireless interface is in backhaul mode and is
searching for other hive members
6After logging in to the virtual access console, you can view the status of various
functions and make conguration changes. Here are some commonly used commands.
Use these commands: To do the following:
show interface Check the status of both wired and
wireless interfaces
show interface mgt0 See the network settings (IP address,
netmask, default gateway) and VLAN ID
of the mgt0 interface
no interface mgt0 dhcp client Disable the DHCP client
interface mgt0 ip <ip_addr>
<netmask>
Set the IP address and netmask of the
mgt0 interface
interface mgt0 native-vlan <id> Set the native (untagged) VLAN that the
switch infrastructure in the surrounding
wired and wireless network uses
show capwap client See CAPWAP client settings and status
capwap client server name
<string>
Set the IP address or domain name of the
CAPWAP server (HiveManager)
capwap client vhm-name <string> Set the VHM (virtual HiveManager) to
which the client belongs
show hive See the hive name
show hive <string> neighbor Check for any neighboring hive members
hive <string> ... Create a hive and set its parameters
show ssid See a list of all SSID names
ssid <string> ... Congure an SSID
interface { wi0 | wi1 } ssid
<string>
Bind an SSID to a wireless interface in
access mode
To see a list of commands, and their accompanying CLI Help, type a question mark ( ? ).
For example, to see all the show commands, enter show ?
If you want to nd a command that uses a particular character or string of characters,
you can do a search using the following command: show cmds | include
<string>, where <string> is the word or string of characters you want to nd.
Device- and platform-specic CLI reference guides are available online. (To learn how
to access them, see "Where to go for more information" elsewhere in this document.)
As explained in the previous section, after connecting a HiveAP to the network and powering
it on, it acts as a DHCP client and tries to get its network settings automatically from a DHCP
server in VLAN 1. However, if there is no DHCP server in that VLAN, if the native VLAN for the
network segment is not 1, or if you just want to assign it a static IP address, then you need to
access the CLI and dene the network settings yourself.
One approach is to use a console cable, which is available from Aerohive as an accessory.
Another is to use the virtual access console. This is a way of accessing the CLI on a HiveAP
wirelessly through a special SSID that the HiveAP, by default, automatically activates for
administrative access when it has no conguration and cannot reach its default gateway.
The default virtual access console SSID name is “<hiveap-hostname>_ac”. The default host
name of a HiveAP consists of "AH-" plus the last six digits of its MAC address; for example,
AH-123456. In this case, the name of the default virtual access console SSID would be "AH-
123456_ac". By default, this SSID uses aerohive as the PSK (preshared key) for authenticating
user access. To access the virtual access console, do the following:
Cable the HiveAP to an Ethernet network—a HiveAP connected directly to the network like
this is called a portal—or place it within radio range of a portal so that it forms a wireless
link through the portal to the wired network. This kind of HiveAP is called a mesh point. By
default, a HiveAP acts as a DHCP client and gets its network settings automatically from a
DHCP server. (You can also congure it with static network settings through the CLI. See the
next section, "Using the Virtual Access Console".)
CAPWAP (Control and Provisioning of Wireless Access Points) is a protocol that access points
use to contact a management device and communicate with it. After getting its network
settings through DHCP, the HiveAP then acts as a CAPWAP client and sends CAPWAP Discovery
messages until HiveManager, acting as the CAPWAP server, responds. A mesh point initially
forms a hive with its portal using a default hive called hive0. Through this link, the mesh
point can reach the network and get its network settings from the DHCP server. Then it can
form a CAPWAP connection with HiveManager. (To add mesh points after changing the hive
name, rst connect them to the wired network. Next, push the conguration with the new
hive name and password to them from HiveManager. Finally, deploy them as mesh points.)
When a HiveAP goes online for the rst time without any specic CAPWAP server
conguration entered manually or received as a DHCP option, it progresses through the cycle
of CAPWAP connection attempts shown below.
If the HiveAP forms a CAPWAP connection with the staging server and its serial number or MAC
address has been assigned to a previously created VHM, to a physical HiveManager appliance,
or to a HiveManager Virtual Appliance, the staging server automatically redirects the CAPWAP
connection to that HiveManager instance. The staging server does this by sending the HiveAP
the HiveManager domain name or IP address as its new CAPWAP server. If the HiveAP is currently
using HTTP and it will be redirected to a HiveManager Online VHM, the staging server also
sends it the conguration needed to continue using HTTP. Similarly, if the HiveAP is accessing
the network through an HTTP proxy server, the staging server also saves those settings on the
HiveAP so it can reach the HiveManager Online VHM using HTTP through the HTTP proxy server.
If the staging server must redirect the HiveAP to a standalone HiveManager appliance or
HiveManager Virtual Appliance, then you must congure the connection settings on the staging
server that you want it to push to the HiveAP to make that connection. The HiveAP rst uses
whatever settings are congured on it to reach the staging server, which might be on the other
side of an HTTP proxy server or rewall that only permits outbound HTTP trafc. Then the
staging server might supply it with different settings so that the HiveAP can reach a standalone
HiveManager instance, which might be on the same side of the HTTP proxy server or rewall as
the HiveAP and therefore require different connection parameters.
If the HiveAP serial number or MAC address is in the staging server but the VHM has not yet been
created or the connection settings of the standalone HiveManager has not yet been congured
on the staging server, then the HiveAP remains in the staging server. The HiveManager admin
must manually reassign it to the appropriate HiveManager later.
If the staging server does not have the HiveAP serial number or MAC address, then the ACL
on the staging server ignores the CAPWAP connection attempts, and the HiveAP repeats the
connection cycle shown above.
(a) The HiveAP tries to
connect to HiveManager
using the default domain
name "hivemanager.
<local_domain>:
12222", where
<local_domain> is the
domain name that a
DHCP server supplied
to the HiveAP and
12222 is the UDP port
number. If a DNS server
has been congured
to resolve that domain
name to an IP address, the
HiveAP and HiveManager
then form a secure CAPWAP
connection on port 12222.
If the HiveAP cannot make a
CAPWAP connection to HiveManager
on port 12222, it tries to reach it by
using TCP port 80: hivemanager.<local_
domain>:80.
(b) If the DNS server cannot
resolve the domain
name to an IP address,
the HiveAP broadcasts
CAPWAP Discovery
messages on its local
subnet. If HiveManager
is on the local network
and responds, they
form a secure CAPWAP
connection.
(c) If the rst two
searches for a local
HiveManager produce no
results, the HiveAP tries
to contact HiveManager
Online at staging.aerohive.
com:12222. If the staging server
has a serial number or MAC address
for that HiveAP in its ACL (access
control list), it responds and they form a
secure CAPWAP connection. If the HiveAP cannot
make a CAPWAP connection to HiveManager Online
on UDP port 12222, it tries to reach it on TCP port 80. If
that proves unsuccessful, the HiveAP returns to its initial
search through a DNS lookup and repeats the cycle.
HiveManager
or
HiveManager Virtual
Appliance
HiveManager Online
ab
c
©2010 Aerohive Networks, Inc.
Aerohive®and HiveAP®are U.S. registered
trademarks of Aerohive Networks, Inc.
P/N 330024-04 Rev. A
Using the mounting plate and track clips, you can mount the HiveAP 320 to the tracks of a
dropped ceiling grid. Using just the mounting plate, you can mount the HiveAP to any at surface
that can support its weight (2 lb., 0.9 kg). Both mounting options are explained below.
Mounting the HiveAP 320
Note: In addition to these methods, you can also mount the HiveAP 320 on a table using the
set of four rubber feet that ship with the product. Simply peel the rubber feet off the
adhesive sheet and press them against the underside of the HiveAP in its four corners.
To mount the HiveAP 320 to a standard 1"-wide (2.54 cm) track in a dropped ceiling, you need the
mounting plate, two track clips, and two Keps nuts, all of which ship with the HiveAP 320. You
also need a screwdriver and—most likely—a ladder. For narrower tracks that are 1/2" to 9/16" wide
(1.27 - 1.43 cm), use the clips available separately in the AH-ACC-9-16-CLIP-KIT accessory.
Track Clips
a
Insert the screws through
the mounting plate and
thread them into the track
clips, fastening the clips
loosely to the plate.
Note: The mounting plate is depicted as
transparent to show the position
of the two screws below the holes
in the plate.
b
Adjust the track clips so
that their tabs can pass
on either side of a ceiling
track.
c
Ceiling Track
Press the clips against the
ceiling track and swivel
them until they snap into
place, gripping the edges
of the track.
1
When you have the mounting plate in the correct location, cut or drill a hole in the ceiling
through which you can then pass the Ethernet and power cables. Pass the cables through the
hole and attach them to the HiveAP 320, leaving some slack so that you can easily maneuver
the HiveAP into place, attaching it to the mounting plate.
Note: For clarity, the power and Ethernet cables are not shown in the illustration.
2
Nudge the ceiling tiles slightly away from the track to clear some space Attach the
track clips and mounting plate to the ceiling track.
Snap! Snap!
Push HiveAP
With the HiveAP 320 upside down, align the round tab and security screw hole extension
on the mounting plate with the keyhole opening and security screw cavity on the HiveAP
320, and press the HiveAP upward.
3Pushing from the LED end of the HiveAP, slide it
toward the bottom end of the plate until the two
rippled tabs on the mounting plate snap over the
nubs on the underside of the HiveAP.
When done, adjust the ceiling tiles back into their former position.
You can use the mounting plate to attach the HiveAP 320 to any surface that supports its weight,
and to which you can screw or nail the plate. First, mount the plate to the surface. Then, through
the large opening in the lower part of the plate, make a hole in the wall so that you can pass the
cables through to the HiveAP.
Finally, attach the device to the plate, and connect the cables.
Orient the mounting plate as shown and
attach it to a secure object such as a
wall, post, or beam. Use #6 screws.
Cut or drill a hole through the large space
near the bottom of the mounting plate to
pass the cables through to the HiveAP 320.
Insert the tabs on the mounting plate into
the slots on the underside of the HiveAP
320. Then push the HiveAP 320 downward
to lock it in place.
Connect the cables to the HiveAP 320.
Depending on how the device is powered
and how it connects to the network,
connect a power cable and one or two
Ethernet cables.
Note: There are various holes through which you can screw or nail the plate in place. Choose
the two or three that best suit the object to which you are attaching it.
Note: BecauseEthernetcablestsnuglyintheETH0andETH1ports,trytousecablesthat
do not have protective boots over their connectors.
1
Mount the HiveAP 320 on a wall as explained below.
If you do not pass the cables through a hole, you can run them along the wall between the wall
and the mounting plate. To create space for the cables, attach the rubber feet to the mounting
plate before attaching it to the wall.
(side view)
HiveAP 320
Mounting
Plate
wall
(side view)
Rubber Feet
Cables
side of wall
HiveAP 320
Mounting Plate
Attach the four rubber feet here.
Run all the cables between
the mounting plate and
the wall before fastening
the plate in place with the
screws. The rubber feet
provide clearance for the
cables to pass.
Connect the cables to the
ETH0 and ETH1 ports and
power connector.
Attach the HiveAP 320 to
the mounting plate.
2
3
4
1
2
3
4
Locking the HiveAP 320
To lock the HiveAP 320 to the mounting plate, use the security screw, which is included in the
mounting kit. You also need a Torx tri-wing torsion insert bit for size #1 tri-wing security screws
and a screw driver that will accept the bit. The correct bits are available from Aerohive in sets
of three (AH-ACC-SEC-BIT-3PK).
Security Screw
Insert the security screw through the hole
in the HiveAP 320 and begin to thread it
into the hole in the mounting plate.
1
With the insert bit in a screw driver,
tighten the screw into place, securing the
HiveAP to the mounting plate.
2
Screws
(
below
mounting
plate)
Mounting Plate
(with track clips attached)
Ceiling Mount
Surface Mount
Technical Documentation
Aerohive provides various technical documents for its products. For information about CLI
commands, see the CLI reference guides available in HTML format. For information about
HiveManager and HiveAP hardware and software topics, see the Aerohive Deployment Guide
(PDF). The deployment guide contains information about HiveAPs and HiveManager appliances,
WLAN deployment considerations, and detailed conguration instructions for commonly used
features. For instructions about setting up a HiveAP to manage other HiveAPs through the
HiveUI, see the Aerohive QuickStart: HiveAP as a Management AP (PDF). To access Aerohive
product documentation, visit www.aerohive.com/techdocs.
HiveManager Help System
The HiveManager Help system contains a wealth of information about all the features you can
congure through HiveManager. To access it, click the Help icon in the upper right corner off
the GUI. A Help topic that pertains to the currently active GUI page appears. To see other Help
topics, use the table of contents to browse the system or the search tool to nd information
about a specic subject.
Support Site
Access technical support services, documentation, and software at www.aerohive.com/
support/login.html. After submitting an account registration, you will be sent a user name and
password to enter when logging in. You can contact Support for assistance through the web
Training
Aerohive offers courses covering the Aerohive cooperative control concepts, the installation
and conguration of Aerohive products, and how to troubleshoot issues and optimize
performance. For more information, visit www.aerohive.com/support/training.html.
Aerohive also offers CBT (computer-based training) modules. CBTs are online ash tutorials
that explain Aerohive concepts and walk you through conguration procedures step by step.
You can use CBTs to familiarize yourself with the HiveManager GUI and learn how to congure
HiveAPs. Aerohive CBTs are available for free online at www.aerohive.com/techdocs.
Where to go for more information
The following are some tips and suggestions to help you troubleshoot a few common problems
that might arise when setting up the HiveAP 320:
• If the client fails to authenticate to an SSID using a PSK (preshared key), check that the
PSK on the client matches that on the HiveAP and reset one or both keys if necessary.
• If you manage the HiveAP through HiveManager Online and it does not show up on the
Monitor > Access Points > HiveAPs page, do the following:
– Check if the HiveAP is still listed in the staging server (click Navigate MyHive >
Staging Server > Monitor > HiveAP). If so, select it, and then click Redirect to move
it to your HiveManager Online system.
– Check connectivity to HiveManager Online:
ping staging.aerohive.com
ping hm-online.aerohive.com
– Ensure that any intervening rewalls allow one of the following sets of services from
the HiveAP to HiveManager Online:
CAPWAP (UDP 12222), SSH (TCP 22), and HTTPS (TCP 443)
or
HTTP (TCP 80) and HTTPS (TCP 443)
• If a client cannot form an association, check that the client is within range and that it is
congured to use the same authentication method as the SSID. For example, if the client
is congured to use Open or WEP authentication but the SSID is set for WPA or WPA2, the
client will not be able to associate with the HiveAP. To see the security settings for an
SSID, click WLAN > Congure WLAN/SSID, and look at the key management, encryption
and authentication methods, and SSID type listed in the table at the bottom of the page.
• If the client associates and authenticates itself, but the HiveAP cannot forward trafc,
check that the HiveAP is assigning the correct user prole and, if so, that it is also
assigning the correct VLAN. To see the user prole and VLAN that a HiveAP assigns a
client, enter show ssid <string> station, and check the UPID (user prole ID) and
VLAN columns. If those are correct, then check that the client has received its network
settings through DHCP. To check connectivity to the DHCP server, make a console or SSH
connection to the HiveAP, send a probe, and see if it elicits a response: interface
mgt0 dhcp-probe vlan-range <vlan1> <vlan2>. Also check that the VLAN
conguration for the port on the connecting switch is correct.
To remove all settings and return the conguration to its factory default settings, enter the
reset cong command or use a pin to press the Reset button on the chassis and hold it
down for at least 5 seconds.
Deployment and Conguration Tips
Other manuals for HiveAP 320
2
Other Aerohive Wireless Access Point manuals
Aerohive
Aerohive AP370 User manual
Aerohive
Aerohive AP630 Installation manual
Aerohive
Aerohive HiveAP 20 ag Quick reference guide
Aerohive
Aerohive access point Quick reference guide
Aerohive
Aerohive HiveAP 20 Quick reference guide
Aerohive
Aerohive HiveAP 28 Quick reference guide
Aerohive
Aerohive HIVEAP 170 User manual
Aerohive
Aerohive HiveAP 320 User manual
Aerohive
Aerohive AP330 User manual
Aerohive
Aerohive AP230 User manual
Aerohive
Aerohive HiveAP 340 User manual
Aerohive
Aerohive HiveAP 330 User manual
Aerohive
Aerohive AP150W Installation manual
Aerohive
Aerohive Atom AP30 Installation manual
Aerohive
Aerohive HiveAP 340 User manual
Aerohive
Aerohive AP130 User manual
Aerohive
Aerohive AP1130 User manual
Aerohive
Aerohive AP245X Installation manual
Aerohive
Aerohive AP122 Installation manual
Aerohive
Aerohive HiveAP 100 Series User manual
Popular Wireless Access Point manuals by other brands
Sophos
Sophos APX Series Safety Instructions and Regulatory Information
ADTRAN
ADTRAN NetVanta 900 Series Configuration guide
Ruijie
Ruijie RG-AP720-L Series Hardware installation and reference guide
AMX
AMX Modero NXA-WAP200G quick start guide
TRENDnet
TRENDnet TPL-410AP user guide
D-Link
D-Link NUCLIAS CONNECT DAP-2680 Quick installation guide
