Basics

HiveOS uses the default management interface (mgt0) to communicate with the CAPWAP server. If you need a refresher on that behaviour, take a look here:

http://blog.aerohive.ninja/post/capwap/

In certain circumstances you may need to use a different path to reach the CAPWAP server. For example, you may need to do NAT over mgt0, offload the main connectivity, run tests and so on.

Route traffic through a subinterface

HiveOS has one main interface (mgt0) for management and sixteen subinterfaces (mgt0.1 -> 16) in 802.1Q for other needs. If you configure a subinterface and an 802.1Q tag, you can route CAPWAP traffic through it just by adding S-CLI commands under HiveManager (both NG and Classic).

Network details

Principal connectivity

mgt0 ip:	172.23.164.48/24
mgt0 gw:	172.23.164.1 (MPLS Router)

Second Line

mgt0.3 ip:	192.168.85.2/24
mgt0.3 gw:	192.168.85.254 (ADSL Router)

S-CLI

In order to get the right AWS Net-Block, the FQDNs must be resolved. The most commonly used in Europe are:

cloud.aerohive.com
cloud-ie.aerohive.com
hmng-prd-ie-cwpm-01.aerohive.com
hmng-prd-ie-cwps-01.aerohive.com
hmng-prd-ie-cwps-02.aerohive.com
hmng-prd-ie-cwps-03.aerohive.com
hmng-prd-ie-cwps-04.aerohive.com

But they may change.

Time to add S-CLI under HiveManager

! Define the ADSL subinterface 
interface mgt0.3 vlan 14
interface mgt0.3 ip 192.168.85.2/24
!
! Route all necessary CAPWAP traffic through the ADSL/second gateway
!
ip route net 54.154.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 54.165.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 52.210.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 52.49.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 52.2.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 34.249.0.0 255.255.0.0 gateway 192.168.85.254
!
! Route also SSH Proxy, NTP, DNS and other stuff
!
ip route host 79.125.111.180 gateway 192.168.85.254
ip route host 54.247.117.188 gateway 192.168.85.254
ip route host 185.19.184.35 gateway 192.168.85.254
ip route host 94.177.187.22 gateway 192.168.85.254
ip route host 8.8.8.8 gateway 192.168.85.254
!

Of course, the switch port your AP is connected to needs to be configured as an 802.1Q trunk:

interface 1/0/8
switchport mode trunk
switchport trunk native vlan 51
switchport trunk allowed vlan 1,14,51

Nothing needs to be changed in the default AP configuration in HiveManager: the uplink passes 802.1Q tags natively.

You're now able to reach your AP through the mgt0.3 interface (ADSL). Bear in mind that the actual Amazon AWS IP addresses may change, in which case you can suffer CAPWAP instability. HiveOS can route only to networks or hosts, not to FQDNs (like cloud.aerohive.com), so you have to resolve them manually and put them into the routing table. In this example I used a very large AWS Net-Block just to be sure everything continues to work.
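Because the routes are static while the cloud addresses are not, it helps to re-check periodically that every address the FQDNs resolve to is still covered by a route to the second gateway. The script below is an added example, not part of the original post: it parses the `ip route` lines shown above and prints the host routes that are missing. The resolved addresses in `SAMPLE` are constructed for the demo, and the function names are hypothetical.

```python
import ipaddress
import socket

GATEWAY = "192.168.85.254"  # second-line (ADSL) gateway from the page

# A few route lines copied from the S-CLI above; paste the full block in practice.
SCLI = """\
ip route net 54.154.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 52.210.0.0 255.255.0.0 gateway 192.168.85.254
ip route net 34.249.0.0 255.255.0.0 gateway 192.168.85.254
ip route host 79.125.111.180 gateway 192.168.85.254
"""

def parse_routes(scli, gateway=GATEWAY):
    """Return the networks that the S-CLI sends to `gateway`."""
    nets = []
    for line in scli.splitlines():
        f = line.split()  # comment lines starting with "!" match neither branch
        if f[:3] == ["ip", "route", "net"] and len(f) == 7 and f[6] == gateway:
            nets.append(ipaddress.ip_network(f"{f[3]}/{f[4]}"))
        elif f[:3] == ["ip", "route", "host"] and len(f) == 6 and f[5] == gateway:
            nets.append(ipaddress.ip_network(f"{f[3]}/32"))
    return nets

def resolve(fqdn):
    """Live IPv4 lookup for real use; the offline demo below does not call it."""
    infos = socket.getaddrinfo(fqdn, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def missing_routes(resolved, nets, gateway=GATEWAY):
    """Return S-CLI host routes for resolved addresses no existing route covers."""
    lines = []
    for fqdn in sorted(resolved):
        for ip in resolved[fqdn]:
            if not any(ipaddress.ip_address(ip) in n for n in nets):
                line = f"ip route host {ip} gateway {gateway}"
                if line not in lines:
                    lines.append(line)
    return lines

# Constructed sample answers (not real lookups) so the example runs offline.
SAMPLE = {
    "cloud-ie.aerohive.com": ["54.154.10.20", "63.32.5.6"],
    "hmng-prd-ie-cwps-01.aerohive.com": ["34.249.7.8"],
}

if __name__ == "__main__":
    for line in missing_routes(SAMPLE, parse_routes(SCLI)):
        print(line)
```

For a live check, build the dictionary with `resolve()` over the FQDN list above; any line printed is an address that would otherwise leave through the default gateway on mgt0.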

Have fun!