How is the management VLAN configured?

  • 1
  • Question
  • Updated 2 years ago
Just took over an Aerohive setup and I'm told the management VLAN is say VLAN 1500. Under the configuration of the network policy it shows the management and Native VLAN settings 



Does that mean its actually not configured? Or could there be some sort of setting on the HP switches that put the management interface on VLAN 1500?
Photo of zzzP

zzzP

  • 19 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
Whatever your management vlan is, it must be configured on the upstream switches to allow connectivity. There is a VLAN Probe tool, under the Tools tab in HiveManager to help ensure you have network connectivity.

Best,
BJ 
Photo of zzzP

zzzP

  • 19 Posts
  • 0 Reply Likes
Not really sure how that relates to my question...I have connectivity that isn't an issue. I want to know why the last administrator told me the management VLAN is 1500, when according to the settings (the picture I posted above) it shows VLAN 1. Does the management VLAN need to be configured in Aerohive or could it be configured elsewhere? I obviously know if the management VLAN is configured in Aerohive the switches need to be configured as well.. But what if it's not configured in Aerohive? Why else would the last administrator say the VLAN is 1500? Also, the access points all have static IPs if that matters..
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
I made some assumptions and guess I was reading too much into your first post. There is another configuration screen where you can override the network policy management vlan settings. Go to "Configuration," "Devices," "All Devices," and "Modify" an AP. Under "Advanced Settings," there are options to "Override Native VLAN" and "Override MGT VLAN." Those are the only two places in HM to set your MGT VLAN. Otherwise you can set it vlan CLI, but you would see an audit alarm showing the AP out of sync with the HM config.     
You can also verify which VLAN an AP is on via the mac tables on you switches. If you confirm that the APs are actually being addressed on vlan 1, I can't explain your predecessor other than to say he was misinformed.
Are you following protocol having a single subnet/vlan?  

Best,
BJ
Photo of zzzP

zzzP

  • 19 Posts
  • 0 Reply Likes
Thanks BJ. I checked out those settings and on the few APs I checked nothing was changed in the override section. So to me it looks like the management VLAN isn't configured in HM and he was indeed misinformed about the management VLAN...

The only other thing I can think of is that the switches are configured for VLAN 1500 and that is what gives an AP its DHCP address and lets it be seen by HM (using HiveManager On-Premise.) He then gave the APs a static IP. I'm going to test to see if I can setup an AP without using ports that are configured for the VLAN. Also, I'm pretty sure some of our subnets have multiple VLANs, but I'm not 100% sure.
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
True, if the upstream switch port is configured as access, or however HP defines an a non-802.1q port, the switch would dictate the vlan and the AP would accespt that traffic as untagged on vlan 1. But no other vlans would be able to traverse that port and it seems unlikely that the switch has a different native vlan, otherwise you's have problems with vlan 1 as your native vlan on the AP.

Best,
BJ    
Photo of Bill W.

Bill W.

  • 222 Posts
  • 35 Reply Likes
The screenshot you posted is the default Aerohive setup. If your predecessor said that the management VLAN is 1500 and your APs have the default VLAN config, then he/she is referring to the setup on the switches. Depending upon your needs and network setup, the default VLAN setting on the APs do not need to be changed and will work fine as is. From the information you have provided, as long as the switch port that the AP is connected to has the untagged VLAN of 1500 your AP will connect fine as configured.