Accessing AP's that are not in Hive Manager

  • 1
  • Question
  • Updated 9 months ago

Is there a way of accessing AP's that are not in Hive manager for whatever reason but are visible by other access points?

I know you can access APs after connecting to its emergency ssid assuming you are within its range but I'd like to use another AP that's fully accessible and in Hive manager.

the below is the access point that I'm trying to access

-AP02#show acsp neighbor
wifi0(8) ACSP neighbor list:
Bssid               Mode     Ssid/Hive           Chan  Rssi(dBm)  Aerohive AP  CU CRC STA Channel-width

885b:dd82:e754      Access   AH-82e740_ac        5    -83         yes          14 0   0   20


Photo of Patryk Szenfeld

Patryk Szenfeld

  • 38 Posts
  • 0 Reply Likes

Posted 10 months ago

  • 1
Photo of Edu Tan

Edu Tan

  • 8 Posts
  • 0 Reply Likes

You can access the AP by the IP-address (hhtp://<ip address>). Check the DHCP list on the DHCP server.

Photo of Nathaniel Moore

Nathaniel Moore, Employee

  • 56 Posts
  • 16 Reply Likes
Hi Patryk,

Are you able to see the IP address of the APs in your DHCP server? You can then SSH to the AP CLI and identify why they are unable to connect to HiveManager. If they haven't yet connected to HiveManager they will be using the default username/password of admin/aerohive.

Kind regards,

Nathaniel
Photo of Gary Smith

Gary Smith, Official Rep

  • 299 Posts
  • 61 Reply Likes
In addition to Nathaniel's post, you can SSH from one AP to another;
From the AP CLI;

exec ssh-client server ?

    <string>      Enter the domain name (1-64 chars) or IP address and,

                  optionally, the port number (Default port: 22; Range:

                  1024-65535; Format: name:port or ip:port) 

You might also find the AP IP/Mac address using "show amrp neighbour"
Photo of Patryk Szenfeld

Patryk Szenfeld

  • 38 Posts
  • 0 Reply Likes

Thanks for your quick responses.

That is the problem, those AP's for some reason are not getting through to DHCP server or hive manager. I suspect issues with cabling, different story.

I do realize you can ssh into AP's when they have received IP addresses.

What I wonder is whether you can somehow access AP that has no config/IP address assigned by DHCP by its default IP address as I can access it by ssh-ing to 1.1.1.1 when I'm connected to its emergency SSID if I make sense

(Edited)
Photo of Nathaniel Moore

Nathaniel Moore, Employee

  • 56 Posts
  • 16 Reply Likes
Hi Patryk,

I do not believe the AP itself has a default IP address that you can SSH to. The 1.1.1.1 address simply acts as a loopback which you can connect to for the emergency SSID. Outside of the emergency SSID, you can use the RJ-45 console connector to connect via CLI.

That said, the most common cause of APs not connecting to a DHCP server that I have seen in the past is incorrect VLAN configuration on the switches to which they are connected. You should ensure the APs are connected to suitable trunk ports (or access) and the native VLAN has access to the relevant services including DHCP.

If you're able to connect via console, you will of course be able to verify one way or another.

Kind regards,

Nathaniel
Photo of Patryk Szenfeld

Patryk Szenfeld

  • 38 Posts
  • 0 Reply Likes

It does, I'm able to ssh to an AP that can't be accessed through our network while standing underneath, see the below


Photo of Patryk Szenfeld

Patryk Szenfeld

  • 38 Posts
  • 0 Reply Likes

I've posted them in wrong order but as you can see interface of my phone wlan0 gets an IP of 1.1.1.2 after being connected to the ap and I'm able to ssh into 1.1.1.1 which is ap itself

(Edited)
Photo of Nathaniel Moore

Nathaniel Moore, Employee

  • 56 Posts
  • 16 Reply Likes
Hi Patryk,

Understood, I am not disagreeing that the AP has a default IP address as part of the emergency SSID. I mean in general, outside of that, the AP does not use a default IP address.

Regardless, if you are able to access the CLI, you can run 'show capwap client' to see if the AP is able to connect to HM or not.

It may also be worth running 'capwap ping redirector.aerohive.com' to verify the AP has an open line to our cloud redirection service.

Kind regards,

Nathaniel
Photo of Patryk Szenfeld

Patryk Szenfeld

  • 38 Posts
  • 0 Reply Likes

I'm just trying to be too convenient here, mostly curious.

Idea was not to walk around the building with almost 200 APs to hunt down those that can't be reached over the network but to use other access points to connect to "unreachable" ones

So let me rephrase, can I replicate what I did on my phone on access point,

@Gary Smith yes I'm aware of ssh capabilities - took me a while to figure I must admit but in my case there's no IP in common range that I use for all the AP's  to ssh into, emergency ssid only

(Edited)