User's Manual
Deployment Guide 187
Chapter 12 Traffic Types
This is a list of all the types of traffic that might be involved with a HiveAP and HiveManager deployment. If a
firewall lies between any of the sources and destinations listed below, make sure that it allows these traffic types.
Traffic Supporting Network Access for Wireless Clients
Traffic Supporting Management of HiveAPs
Service Source Destination Protocol
SRC
Port
DST
Port
Notes
DHCP unregistered
wireless client
HiveAP wifi
subinterface in
access mode
17 UDP6867Required for captive web portal
functionality
DNS unregistered
wireless client
HiveAP wifi
subinterface in
access mode
17 UDP 53, or
1024 -
65535
53 Required for captive web portal
functionality
GRE HiveAP mgt0
interface
HiveAP mgt0
interface
47 GRE N.A. N.A. Required to support DNX
*
and layer
3 roaming between members of
different hives
* DNX = dynamic network extensions
HTTP unregistered
wireless client
HiveAP wifi
subinterface in
access mode
6 TCP 1024 -
65535
80 Required for captive web portal
functionality
HTTPS unregistered
wireless client
HiveAP wifi
subinterface in
access mode
6 TCP 1024 -
65535
443 Required for captive web portal
functionality using a server key
RADIUS
accounting
HiveAP mgt0
interface
RADIUS server 17 UDP 1024 -
65535
1813
†
Required to support RADIUS
accounting
RADIUS
authentication
HiveAP mgt0
interface
RADIUS server 17 UDP 1024 -
65535
1812
†
† This is the default destination port number. You can change it to a different port number from 1 to 65535.
Required for 802.1X authentication
of users
Service Source Destination Protocol
SRC
Port
DST
Port
Notes
CAPWAP
*
* Control and Provisioning of Wireless Access Points
HiveAP mgt0
interface
HiveManager
MGT or LAN
port
17 UDP 12222 12222 Required for HiveAPs to discover
the HiveManager and send it
alarms, events, and reports
NTP HiveAP mgt0
interface
HiveManager
MGT or LAN
port
17 UDP 1024 -
65535
123 Required for HiveAP time
synchronization with the
HiveManager