How to add an Aerohive AP to a XIQ VA on-premise?

zlinuxboy
Contributor

Hi, community.

I have set up a XIQ VA on-premise and configured the AP with:


#show run | inc capwap
capwap client server name 172.16.220.250
capwap client server backup name 172.16.220.250

#show capwap client
AH-491600#show capwap client
CAPWAP client:   Enabled
CAPWAP transport mode:  UDP
RUN state: Connected securely to the CAPWAP server
CAPWAP client IP:        192.168.9.150
CAPWAP server IP:        172.16.220.250
HiveManager Primary Name:172.16.220.250
HiveManager Backup Name: 172.16.220.250
CAPWAP Default Server Name: redirector.aerohive.com
Virtual HiveManager Name:
Server destination Port: 12222
CAPWAP send event:       Enabled
CAPWAP DTLS state:       Enabled
CAPWAP DTLS negotiation: Enabled
     DTLS next connect status:   Enable
     DTLS always accept bootstrap passphrase: Enabled
     DTLS session status: Connected
     DTLS key type: passphrase
     DTLS session cut interval:     5 seconds
     DTLS handshake wait interval: 60 seconds
     DTLS Max retry count:          3
     DTLS authorize failed:         0
     DTLS reconnect count:          0
Discovery interval:      5 seconds
Heartbeat interval:     30 seconds
Max discovery interval: 10 seconds
Neighbor dead interval:105 seconds
Silent interval:        15 seconds
Wait join interval:     60 seconds
Discovery count:         0
Max discovery count:     3
Retransmit count:        0
Max retransmit count:    2
Primary server tries:    0
Backup server tries:     0
Keepalives lost/sent:    0/969
Event packet drop due to buffer shortage: 0
Event packet drop due to loss connection: 3

Here are my questions:

  1. Did this AP successfully form a DTLS session with the XIQ VA?
  2. Why is the AP still offline on the XIQ VA Manage > Devices page?
  3. Is there any tutorial on how to add an AP to an on-premise XIQ VA?
1 ACCEPTED SOLUTION

SamPirok
Community Manager

Hi there, thank you for your patience. I haven’t been able to find anything in those logs and the engineers I’ve asked requested that we open a case for this. Would you be able to open a support case for this question? 

7 REPLIES

SamPirok
Community Manager

You would want to log in to extremeportal.force.com and then go to Support to open a case. If you don’t have a current support contract with us, I can get you in touch with a local SE in your area to see about getting you a support contract, either as a one time deal or longer term. If you need to speak with an SE, please let me know generally where you are located so I can find someone in your area. 

zlinuxboy
Contributor

Yes, of course, but how do I open a support case?

SamPirok
Community Manager

Hi there, thank you for your patience. I haven’t been able to find anything in those logs and the engineers I’ve asked requested that we open a case for this. Would you be able to open a support case for this question? 

zlinuxboy
Contributor

@Sam Pirok 

Here is the tcpdump data:

tcpdump -nvi wg0 port 12222

tcpdump: listening on wg0, link-type RAW (Raw IP), capture size 262144 bytes
07:18:53.751931 IP (tos 0x0, ttl 63, id 51753, offset 0, flags [none], proto UDP (17), length 125)
172.16.230.5.49674 > 172.16.220.250.12222: LWAPP version 1 packet not supported
07:18:53.753092 IP (tos 0x0, ttl 63, id 32414, offset 0, flags [DF], proto UDP (17), length 141)
172.16.220.250.12222 > 172.16.230.5.49674: LWAPP version 1 packet not supported
07:19:23.907938 IP (tos 0x0, ttl 63, id 8224, offset 0, flags [none], proto UDP (17), length 125)
172.16.230.5.49674 > 172.16.220.250.12222: LWAPP version 1 packet not supported
07:19:23.909260 IP (tos 0x0, ttl 63, id 59164, offset 0, flags [DF], proto UDP (17), length 141)
172.16.220.250.12222 > 172.16.230.5.49674: LWAPP version 1 packet not supported

My network environment is a little complicated.

AP --> VPN node (wireguard-client) --> DSL gateway --> Internet --> server (wireguard-server) --> bridge --> XIQ VA

The wireguard-client and wireguard-server form a secure VPN tunnel.

The XIQ VA VM (172.16.220.250)'s NIC is a member of the bridge logical NIC (172.16.220.254).

The AP's IP is 192.168.9.150 and the VPN node's IP is 192.168.9.200. I added some static routes on the AP:

ip route net 172.16.220.0 255.255.255.0 gateway 192.168.9.200
ip route net 172.16.230.0 255.255.255.0 gateway 192.168.9.200

When traffic from the AP goes to the XIQ VA, the source IP of the AP is masqueraded to 172.16.230.5.

The wireguard-server's IP is 172.16.230.1.

The wireguard-client's IP is 172.16.230.5.

Any hints?
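
An added example, not part of the original thread: a small Python check that cross-references the `show capwap client` fields with the server-side tcpdump lines posted above, reporting which source address the XIQ VA actually sees on UDP 12222 and whether replies flow back to it. The function names are hypothetical; the sample input is copied from the posts (first request/reply pair only).

```python
import re
from collections import Counter

# Lines copied from the post's server-side capture on wg0.
# tcpdump labels UDP 12222 as LWAPP purely by port number.
TCPDUMP = """\
07:18:53.751931 IP (tos 0x0, ttl 63, id 51753, offset 0, flags [none], proto UDP (17), length 125)
172.16.230.5.49674 > 172.16.220.250.12222: LWAPP version 1 packet not supported
07:18:53.753092 IP (tos 0x0, ttl 63, id 32414, offset 0, flags [DF], proto UDP (17), length 141)
172.16.220.250.12222 > 172.16.230.5.49674: LWAPP version 1 packet not supported
"""

# Fields copied from the post's "show capwap client" output.
CAPWAP = """\
CAPWAP client IP:        192.168.9.150
CAPWAP server IP:        172.16.220.250
Server destination Port: 12222
"""

FLOW = re.compile(r"^\s*(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def capwap_fields(text):
    """Return {'field name': 'value'} from 'show capwap client' output."""
    out = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            out[key.strip()] = value.strip()
    return out

def summarize(tcpdump_text, capwap_text):
    """Compare the AP's own view of the session with what the server side sees."""
    f = capwap_fields(capwap_text)
    server, port = f["CAPWAP server IP"], f["Server destination Port"]
    to_srv, from_srv = Counter(), Counter()
    for line in tcpdump_text.splitlines():
        m = FLOW.match(line)
        if not m:
            continue
        src, sport, dst, dport = m.groups()
        if (dst, dport) == (server, port):
            to_srv[src] += 1          # packets arriving at the XIQ VA
        elif (src, sport) == (server, port):
            from_srv[dst] += 1        # replies leaving the XIQ VA
    peers = sorted(to_srv)
    return {"peers_seen_by_server": peers,
            "source_rewritten": f["CAPWAP client IP"] not in peers,
            "replies_seen": {p: from_srv[p] for p in peers}}
```
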
