This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why do I have wired client connected to my Hivemanager ?

Why do I have wired client connected to my Hivemanager ?

thomas_berthome
New Contributor

‎07-16-2019 01:09 PM

Hello all,

 

I have deployed some AP-250 for testing, and it worked well until I have seen a lot of wired client connected to my hivemanager.

 

I don't understand why the wired client are connecting to the Hivemanager ... Only Wireless user should be able to connect to it.

 

Currently, we have :

 

  • A MGMT vlan for AP management
  • A User Vlan (for Wired and Wifi client)

 

I think it could be related to the User'mix on User Vlan.

The best practice should be to separate the two client type, but during a test with another company location, we didn't face this situation.

 

The main issue is that I want to deploy another subnets for another SSID and my Company IP scope is not as large as I thought.

 

Do you know if an option exist to avoid wired client ?

 

0 Kudos
8 REPLIES 8

thomas_berthome
New Contributor

‎11-15-2019 09:27 AM

​Hello,

 

I've finally found my issue on the AP. As I've already worked on Cisco controller managed device, I've set up the same configuration to Aerohive AP.

For Controller managed AP, the port for controller was a Trunk port and the port on AP was an Uplink port. Since the AP was controllerless, I thought I will need a Trunk Port on AP.

 Since I have made the change, no problem with connectivity on different VLAN.

 

Too bad we can't find deployement guide to avoid this situation...

0 Kudos

samantha_lynn
Esteemed Contributor III

‎08-09-2019 12:33 PM

Thank you for the detailed question. Since you've ruled out an issue with the VLANs (the AP should be connected to a trunk port when using more than one VLAN, which it sounds like you've confirmed already), I'd like to get a packet capture so we can see the DHCP handshake and which step is failing. To do this, we'll want to follow these steps:

 

  1. Run a remote sniffer packet capture. This guide reviews how to do this: https://thehivecommunity.aerohive.com/s/article/Packet-Capture-in-NG
  2. While the packet capture is running, replicate the issue with a test device that is unable to get an IP address.
  3. Note the MAC address of the client you are using to replicate the issue, we'll need this later.
  4. Send the packet capture and the MAC address of the test client to communityhelp@aerohive.com.

 

Once we can see which DHCP packets are failing, that will narrow down where the issue is originating.

0 Kudos

thomas_berthome
New Contributor

‎08-09-2019 09:22 AM

"What is the correct implementation for aerohive AP ?"

I mean, more the interface switch configuration.

0 Kudos

thomas_berthome
New Contributor

‎08-09-2019 09:15 AM

Hello again,

So all my Wifi network are known on my company (until the RADIUS server,etc.). I have one more issue regarding this.

 

First, I still see my Gateway which is my router on my Management Vlan and the Access Switch (see the picture joined). Still don’t know why.

 

 

Gateway on switch :

c244d3c3bab64d58905ebff59a8bcd7a_0690c000006lKnjAAE.png

Secondly, I have well deployed my Policy on my AP but User on my Wifi Vlan can't obtain any IP address (see the picture joined).

 

To my opinion, the configuration is good on the AP (VLAN mapped with my User Profile associated on the good SSID).

The error I get on client monitor is that the DHCP server is not reachable. So, I suspected a wrong Wired Implementation not related to Wifi AP.

 

User non IP :

Client_AEROHIVE

DHCP error :

 

DHCP_Error_AEROHIVE

The vlan is well created end-to-end, from the router to the Access switch (Interconnexion to the AP port). The Gateway is good and reachable from everywhere.

 

The port where the AP is connected is trunked and all the VLAN are propagated on it (200,210 and 220). 

The switch interface (for ETH0 AP) has the VLAN 200 as native vlan and all the VLAN (200,210 and 220) are tagged on the interface.

 

#############################################

FRARC_SW_06_001(su)->show vlan portinfo port fe.4.21     

 Port      VLAN   Ingress  Egress 

             Filter   Vlan  

-----------------------------------------------------------------

fe.4.21    200    N      tagged: 9,200,210,220,222

#############################################

 

On this configuration, I tried with my own computer and I don't receive any IP from DHCP server. The helper-address/dhcp relay are well configured on router ( when I've plug a computer on interface with VLAN 210 or 220 as native VLAN, no issue with IP so the DHCP server is well configured). So, it's more a switch configuration issue.

 

What is the correct implementation for aerohive AP ?

 

0 Kudos
GTM-P2G8KFN