After complaining about crappy WiFi coverage in my apartment, a friend loaned me a fancy fancy Aerohive AP230 – the gotcha was that I wouldn’t have access to the usual online configuration tool (a.k.a. HiveManager), so I had to learn to drive it via the CLI.

My needs are far more basic than the capabilities of this unit, but for my configuration I decided on the following:

  • Same SSID and security as my existing WiFi
  • Drop wireless clients with a weak 2.4 GHz connection
  • Use band steering to encourage use of 5 GHz
  • Turn off that bloody light!

After approximately equal quantities of Googling and swearing, I’ve settled on the following configuration:

no capwap client enable
admin root-admin admin password ***
radio profile Wifi1
radio profile Wifi1 band-steering enable
radio profile Wifi1 band-steering mode prefer-5g
radio profile Wifi1 weak-snr-suppress enable
security-object Wifi1
security-object Wifi1 security protocol-suite wpa2-aes-psk ascii-key ***
ssid SSID
ssid SSID security-object Wifi1
interface wifi0 radio profile Wifi1
interface wifi0 ssid SSID
interface wifi1 ssid SSID
system led brightness off
save config

After factory resetting the AP, connecting it to the network and SSH’ing in with the default user and pass (admin and aerohive respectively), the above configuration can be pretty much copy pasted after adjusting the ***s and the SSIDs.

A lot of the configuration above was stolen from the sites below (and you should definitely visit the first two sites for additional explanation of some of the CLI commands):

Other things I learned about WiFi along the way..:

  • If you have multiple APs, set the SSID and wireless security options to be exactly the same if you want clients to be able to roam easily.
  • Don’t use WPA2-PSK with TKIP (it’s older, slower and less secure). If you’re using pre-shared keys, always use WPA2-PSK with AES/CCMP.
  • Definitely use some sort of WiFi site survey software (I used NetSpot) – without being able to see where the problems are, you really have no idea what the fix needs to be.

5 thoughts on “Basic CLI configuration for an Aerohive AP230

  1. Hello zac,

    Thank you for your post on downloading brightcove videos!
    http://words.bombast.net/download-brightcove-videos/

    That’s some legit info!
    It worked well for me for a while and now I see this message:
    The video you are trying to watch is currently unavailable. Please check back soon.

    My thoughts are the User does not have an associated mp4 file backup of that video?

    your thoughts?

    I welcome them.

    Thanks again for making the internet AWESOME!!
    ben

  2. Hi Ben,

    At a rough guess – yep, no fallback mp4 video. I just re-tested on another site that I know has a fallback option and was able to save the mp4 version of the video.

    – zac.

  3. Hey. I found older Android devices were not able to connect using your config. I had to change the cipher suite to wpa-auto-psk. Here’s the amended config that worked well for me, in case it helps anyone.

    radio profile SSIDNAME
    radio profile SSIDNAME5
    radio profile SSIDNAME5 phymode 11ac
    radio profile SSIDNAME5 channel-width 40
    security-object SSIDNAME
    security-object SSIDNAME security protocol-suite wpa-auto-psk ascii-key ***
    ssid SSIDNAME
    ssid SSIDNAME security-object SSIDNAME
    interface wifi0 radio profile SSIDNAME
    interface wifi1 radio profile SSIDNAME5
    interface wifi0 ssid SSIDNAME
    interface wifi1 ssid SSIDNAME
    admin root-admin admin password ***
    no capwap client enable

  4. Hey Matt, thanks for the updates! 🙂

  5. Nice to see that my post was of some use –
    One reason to go WITH TKIP instead of AES is compatibility. Running WPA2 with AES may cause compatibility issues with older clients. Speed-wise, it shouldn’t make a difference. I was able to run at 300 megs of wireless N on that particular access point with the same configuration that I originally posted.

Comments are closed.