Capability to SSH to another access point within same Hive

  • 3
  • Idea
  • Updated 4 years ago
  • Not Planned
There are times when I lose CAPWAP connectivity with new/existing access point. For troubleshooting purposes, I would like to SSH to a working access point then SSH (jump) to non-working access point that has an IP address w/ incorrect default gateway.

This will also assist in configuring new access points that may have been deployed into the field w/out config.
Photo of thewifigeek

thewifigeek, Champ

  • 86 Posts
  • 12 Reply Likes

Posted 5 years ago

  • 3
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
This would be a great feature and it is one that is included on a number of Linux based security appliances. All that would be needed is the ssh and associated libraries so connection to another access point could be made using the CLI command ssh admin@[Access Point's IP Address] (or equivalent).
Photo of thewifigeek

thewifigeek, Champ

  • 86 Posts
  • 12 Reply Likes
Thanks for the support Crowdie.

We would require temp storage of ssh keys for the duration of the session(s) too.
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Setting expectations here... This is not planned at this time. In general we are working towards deployment scenarios that won't require you to need direct device access.
Photo of thewifigeek

thewifigeek, Champ

  • 86 Posts
  • 12 Reply Likes
Please reconsider.

During installation, the following deployment issues may occur:
1. provisioned IP default gateway is incorrect. Require site visit.
2. no DHCP services available. The Aerohive access point will default to 192.168.1.1 address. Note: Aerohive AP do NOT reboot after x minutes so requires site visit.
3. incorrectly configured switchport. After amendment, we have complete loss of comms to the AP unless we visit site and manually de-power the unit via cable.

To have Telnet/SSH access, we can use a successfully deployed access point as a jump host to get to the problematic access point, correct the CLI so it can capwap ping hive manager then complete upload from HiveManager.
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
Mike are you able to advise whether Aerohive is working on any solutions for the issues raised by geekonastick?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Having some enhanced logic that kicks in to force the DHCP process to periodically invalidate and retry where there is an active lease when there is no connectivity to HiveManager or where an IP has been used in fallback would be useful as it would help mitigate the human error factor.

Where static addressing is in use, I think you're in live by the sword die by the sword territory - use DHCP with static leases based on a reservation.
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes
From the 6.2r1 training slides:

  • HiveOS 6.2r1 provides SSH client connectivity capabilities to reach otherwise unreachable Aerohive devices on the same subnet.
  • This is an SSH CLI-driven troubleshooting tool for debugging remote Aerohive devices in your wireless network.
  • The outbound SSH client command is:

exec ssh-client server <domain_name or IP address> <optional: port number> user <user_name>

Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
This idea should be changed to implemented!
Photo of Sjoerd de Jong

Sjoerd de Jong, Employee

  • 97 Posts
  • 20 Reply Likes
which is awesome!