Branch router Update process insides - Push or Pull ?

  • 1
  • Question
  • Updated 3 years ago
I wonder how VHM updates Branch router i.e. BR200-WP. Does VHM pushes/uploads (what port?) or Branch router pulls config from VHM ? Is there documentation I can read ?
Photo of Irek Romaniuk

Irek Romaniuk

  • 26 Posts
  • 1 Reply Like

Posted 3 years ago

  • 1
Photo of Roberto Casula

Roberto Casula, Champ

  • 231 Posts
  • 111 Reply Likes
Aerohive devices update using SCP (after receiving an instruction to do so over the CAPWAP connection), so you need to allow SSH outbound from the device.

In general, you need to allow outbound access from Aerohive devices on UDP port 12222 and TCP port 22. Obviously for a branch router, IKE/IPSec back to the VPN Gateway also needs to be allowed in both directions.

A full list of firewall requirements can be found in the HiveManager Help.
Photo of Irek Romaniuk

Irek Romaniuk

  • 26 Posts
  • 1 Reply Like
I meant configuration update. I have only udp port  12222 opened on VHM for internet inbound  and I am able to update branch router config. So what happens when I click Update branch router on VHM , does VHM send instruction to branch router to pull config from VHM on udp port 12222 ?
Photo of Roberto Casula

Roberto Casula, Champ

  • 231 Posts
  • 111 Reply Likes
Yes, there is an active bi-directional communication channel over UDP between the device and HiveManager. Data can be sent in either direction over this channel. The channel itself is established outbound (i.e. from the device to HiveManager).