AP250 Device Updates are failing (dhcp fingerprint issue?)

  • 1
  • Question
  • Updated 5 months ago
I'm trying to set up some AP250s. However, despite there being network connectivity between them and our HiveNG server, they refuse to update.

When I hover over the "Update Failed" text, I can see a pop-up that states:

"The CLI 'save dhcp-fingerprint option55 https://:443/afs-webapp/hiveos/osobject/os_dhcp_fingerprints.tar.gz admin VHM-XXXXXXVA password *** basic".

I've assigned DHCP reservations for these APs (although since they have contacted the Hive server, I have had to switch the reservations around), and I wonder if this is what has caused the problem.

Has anyone come across something similar? Does anyone have any suggestions to try to resolve?

Thanks

Tom
Photo of TomM

TomM

  • 3 Posts
  • 1 Reply Like

Posted 5 months ago

  • 1
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi TomM,

Firstly, I suspect you have removed the FQDN of your HM instance from the CLI error to anonymise this. Can you confirm that?

I suspect that this error is caused by HiveOS not being able to resolve the FQDN via DNS inside the component that fetches resources via HTTP/HTTPS.

If you try and ping the FQDN via the APs shell, does this resolve to an IP (irrespective of success or failure of the ping)? If not, there is your problem. If it does resolve, does it to so quickly or only after a delay?

Thanks,

Nick
Photo of TomM

TomM

  • 3 Posts
  • 1 Reply Like
Thanks for the response, Nick.

Yes, I redacted host portion of url to anonymise.

I will try to check this tomorrow.

One thing I noticed is that I am unable to ssh into the APs on their dhcp assigned addresses. I did look at the AP-> ssh menu on our HiveNG server web interface but it was grayed out and no option to enable.

Unfortunately these APs are remote so cannot get console connection. Is there any way to get cli access to APs via the HiveNG web interface?

Thanks!

TomM
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi TomM,

The other likely issue is that the HTTPS communication from the AP to HiveManager are instead being blocked or being interfered with if DNS is completing reliably. The DHCP signatures are the first to be fetched which is why you see those in the error message. I suggest you check this too.

Clearly, CAPWAP is working, so, yes, you should be able to execute CLI commands in the console within NG.

Thanks,

Nick
(Edited)
Photo of TomM

TomM

  • 3 Posts
  • 1 Reply Like
hey Nick- thanks for the advice, I changed the DNS servers that the DHCP server assigned to one which knew about the internal HiveManager FQDN and 6 of the 7 AP250s immediately updated their config.

I still have one problematic AP250 though that refuses to update despite attempting partial/complete/rebooting etc, but I've just started holiday today, and wont be back at work to look further at this until late next week.