How to access AP-121 console?

  • 1
  • Question
  • Updated 2 years ago
  • Answered
This is a newbie question. How can I access my AP-121 console? The problem is it suddenly became amber during normal use, and reset / hard reset couldn't bring it back. I was not updating firmware or whatsoever, it just got stuck.
Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes

Posted 4 years ago

  • 1
Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
You  are going to need RJ45 to DB9 Female Blue Cisco Compatible Console Cable

and a program like putty access the console.
Photo of JM

JM

  • 1 Post
  • 0 Reply Likes
what about when I am Accessing thru console port of Cisco WAP AIR-LAP1042N-A-K9 ? i cant access the WAP thru putty and hyperterminal even my port (device manager) is correct(COM25).. there are no appearance in putty and hyperterminal. is it possible that the WAP console port is disabled even that it is a brand new (from the box) ?
Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes
Thanks. I got the cable and putty. Now where can I start from? Is there a document for CLI?
Photo of Andrew MacTaggart

Andrew MacTaggart, Champ

  • 483 Posts
  • 86 Reply Likes
there is a CLI reference guide under the Aerohive support page for your OS version and AP model.

Once you have the console cable connected and putty open for serial and select the correct com port on you computer, varies might be com 1, settings should be the defaults



user will be admin and passwd will be your hive password.
if you can log in you can use the show tech command to see if you can locate issues
http://www.aerohive.com/330000/docs/help/english/documentation/cli_guide121-141_6-1r3.htm#cmd1093

But if  the AP is amber you may want to unplug the power and plug the power in to see if you get any messages during the boot up that would indicate hardware issues.

Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
I recommend that you obtain the cable described by Andrew, commonly called a Cisco roll cable, and connect to the AP-121 with the AP-121 powered down.  Run Putty on your Desktop PC, set it for a serial connection and enabled all character logging.  Start the AP-121 and look for any errors in the boot sequence. I have seen AP-121s fail on boot with flash errors and you will see entries for these type of errors in the boot sequence.  Once the AP-121 boot sequence has completed save the Putty log file as, if required, you can attach this to your Aerohive Support case notes.
Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes

I connected to Ap-121 with the console cable. After log in, I unplugged nd plugged the power, got the following:

checking for the az feature of 8035...
Disabling 802.3az feature...
Restart auto-negotiation

current reprogram_nand is 4e4f5250

chip #0: First 0xa last 0xa sector size 0x10000
  10
Hit the space bar to stop the autoboot process:  0

Loading kernel from device 0: ath-nand (offset 0x800000) ... done
Loading rootfs from device 0: ath-nand (offset 0x1200000) ... Skipping bad block[0x27a0000]
done
Mounting local file systems...
Aerohive Wireless Extension 1.0.0 ... INIT!
Aerohive Forwarding Engine module ... INIT!
Image L7 repository version 3, checking existing L7 repository... ...
Existing L7 repository version 3
Nothing to be done with L7 repository version 3
checking for the az feature of 8035...
Disabling 802.3az feature...
Restart auto-negotiation



Welcome to Aerohive Product

AH-575980 login:



What can be possibly wrong?


Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes


show tech gives too much data, I don't know which part is useful.


But all date shown in show tech is 1970-01-01. Is it a problem?

(Edited)
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
The incorrect date is due to the AP-121 not having an NTP source so I wouldn't be worried about that.

If you log into the AP-121 via the console connection can it make a CAPWAP connection with the HiveManager?  You can use the CAPWAP PING command to test the AP-121's connectivity.
(Edited)
Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes

I don't have a local HiveManager. When I used it it was connected to Internet for on-line HiveManager. Now how can I connect to that? I can login on-line HiveManager but it says my device is disconnected.
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
To manually configure an access point to connect to a HiveManager Online (HMOL); assuming it has an IP address and can access the Internet; you need the following two pieces of information:

1.  HiveManager Primary Name
2.  Virtual HiveManager Name

Luckily we can get this information easily from an access point that is already connected to the same HMOL.

When you are next to an access point you can connect a blue Cisco roll cable to the access point’s console port and gain terminal connectivity but if the access point is not in front of you that is not possible.  For this reason you can make a SSH connection to the remote access point through the HiveManager Online and the SSH traffic will be transported through the CAPWAP tunnel between the HiveManager Online and the remote access point.

To start a SSH connection with the access point go to Monitor -> All Devices -> <Access Point> -> Utilities... -> SSH Proxy.

When the SSH Proxy window appears click on the “Start Proxy” button.  A Java applet will now run so you need to ensure that Java is installed and enabled.

The SSH proxy should now be active:



Open a SSH client, such as PuTTY, and set the hostname to “localhost” and the port to the port specified in the SSH proxy module window:



You should now have a SSH connection to the access point:



Note: 
If the access point is offline from the HiveManager Online then there is no CAPWAP tunnel from the HiveManager Online to the access point to transport the SSH traffic.  As such, you cannot make a remote SSH connection to an offline access point.

Login to the access point and execute the command show capwap client.

You are looking for the HiveManager Primary Name (6th line) and Virtual HiveManager Name (7th line) fields.  Screenshot or write down these values.

Now return to the serial console connection to the access point that cannot connect to the HiveManager Online and enter the following three commands:

* capwap client server name <HiveManager Primary Name>
* capwap client vhm-name <Virtual HiveManager Name>
* save config

The access point should now attempt to join the HiveManager Online.  You may need to also enter the following commands to get the connection:

* ntp server <NTP Source IP Address>
* dns server-ip <DNS Server IP Address>

As CAPWAP tunnels are DTLS encrypted if the access point has a different time setting to the HiveManager Online then the encryption will not engage resulting in the CAPWAP tunnel failing to initialise.

After waiting a minute or two execute the show capwap client command again and look at the following fields:

* CAPWAP Client - Should be "Enabled"
* CAPWAP transport mode - Should be "UDP"
* RUN state - Should be "Connected securely to the CAPWAP server"

You can also use the capwap ping <HiveManager Primary Name> command (as long as the CAPWAP transport mode is UDP) to see how long a packet is taking to get from the access point to the HiveManager Online.

(Edited)
Photo of technique

technique

  • 20 Posts
  • 0 Reply Likes
Hi Crowdie,

we are trying to access our AP through SSH but it doesn't work. In fact, we are unable to login. Yet, we have the right credentials to log into HiveManager. Any ideas why I cannot login?
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
Do you have SSH access (TCP port 22) to the access point?  I would recommend using TCPing to determine if you have.  If you can get to the access point login then you have.

Once the access point has successfully received its configuration from the HiveManager or HiveManager Online it will utilise the administration credentials for SSH access (unless this has been configured in the access point's configuration) but before that you should use the default credentials of admin and aerohive.
(Edited)
Photo of Olive

Olive

  • 10 Posts
  • 0 Reply Likes
Thank you Crowdie for the comprehensive explanation.
yesterday I was trying powering cycle and checking console outputs, while suddenly it could connect to HMOL, and it even restored all my configuration (I guess it downloaded it from HMOL), I don't know why.
However your explanation will still be of very much reference. My problem is I have only one AP around my area, it will be difficult for me to get those IP information of HMOL. I think I need to copy them done now.