Configuring an Aerohive AP on ExtremeCloud IQ

It has been a while I did a blog post, work has been relatively busier post Covid19 lockdown. Some time ago I did a site survey for my home and found insufficient 5GHz coverage. As we are all aiming to have 5 GHz wherever possible why not start with the home.

I had a couple of Cisco 2802 AP but they don’t allow to run in standalone AP mode unless you guys know a method please let me know.

I tried to source a Cisco Meraki AP with a license but could not get one. My workplace is undergoing through wireless upgrade project so we now had a lot of spare Aerohive Extreme AP in stock. Those old AP 230 have a permanent license installed so I wanted to give it a try to set up AP at home. The AP setup for Extreme is pretty straightforward. Even though it is first time venturing in the world of Aerohive/Extreme, I found it pretty easy to navigate and follow the options. The Aerohive CLI commands closely match with Cisco.

IMPORTANT NOTE: Before beginning the procedure, you may need to remove the AP230 from its existing hive manager / extreme inventory. Get the license details from the hive manager so that you can transfer it to the new one.

Setup of Aerohive AP 230

• Logon to https://www.extremenetworks.com/starthere/
• Register your details for the CloudIQ setup – https://www.extremenetworks.com/cloud-networking/
• Complete your account setup with password etc..
• Login with your account details – https://aus.extremecloudiq.com/#/devices
• If you have an AP230 or equivalent, reset it first by pressing on the reset button.
• Use a console cable and connect it to a POE switch or Injector 802.3at POE to power up the AP.
• Let the AP complete the bootup process and then wait for the username prompt.
• The default username/password for Aerohive/Extreme AP is – admin/Aerohive
• Find the details of CAPWAP client/server from hovering over the top right corner and clicking on the name and then “About Extreme IQ”

• Go to “Global Settings” > VIQ Management to acquire the vhm-name (virtual hive manager) as this is needed for AP to point to the correct hive manager.

Logon to AP and configure below settings with the commands.

capwap client server name “<enter from abov>”
capwap client server backup name “<enter from above”>
capwap client vhm-name e.g VNF-SJDJAA (Enter from above)I

Issue the below command on the AP to find the details “show capwap client”

• Issue “show int mgt0” to confirm you have received IP via DHCP.

If there is no DHCP server on the network then configure a static IP with below commands. (example only)

no int mgt0 dhcp client
int mgt0 ip 172.17.17.5 255.255.255.0
ip route net 0.0.0.0 0.0.0.0 gateway 172.17.17.1
dns server-ip 8.8.8.8
dns server-ip 4.4.2.2 second
ntp server 172.17.17.1

Transfer the entitlement key from the old hive manager/extreme to the ExtremeCloudIQ . This can be done from the global settings.

• After this step, check if you can ping from AP to the default gateway and then to Google (8.8.8.8)
• If you cannot ping OK, check if the firewall is blocking UDP port 12222
• You may also try: capwap client transport HTTP
• If everything is OK, you can see the AP come online on the ExtremeCloudIQ as below

• You are now expected to create network policies and deploy SSID, radios configuration etc.
• Each time you make a change you are expected to update the configuration by doing a “configuration delta upgrade”.

The AP password will now change syncing to the one from ExtremeCloudIQ. The new password can be found from the Global Settings. Administration > Device Management Settings > Show Password.

Useful Resources:

Extreme Support Portal
Aerohive CLI Support Guides
https://words.bombast.net/basic-cli-configuration-for-an-aerohive-ap230/