CAPWAP (Control and Provisioning of Wireless Access Points), defined in RFC 5415, is a protocol that allows ACs (access controllers, or CAPWAP servers) to manage WTPs (wireless termination points, or CAPWAP clients) over a network. In an Aerohive wireless network, HiveManager is the CAPWAP server and uses the CAPWAP protocol to manage Aerohive APs.
On startup, there is an optional discovery phase, during which the CAPWAP client begins to send Discovery Request messages periodically, seeking a response from a CAPWAP server. When the CAPWAP server receives the Discovery Request, it sends a Discovery Response message in return. By default, a Aerohive AP acts as a CAPWAP client and begins seeking a CAPWAP server as soon as it joins the network.
When the CAPWAP server receives a Discovery Request message and responds with a Discovery Response, the CAPWAP server and client can then perform a DTLS (Datagram Transport Layer Security) handshake to establish a secure DTLS session. Server and client also authenticate each other by using a pre-shared key that is derived from a passphrase.
In cases where there is no HiveManager and the Aerohive APs are running a version of HiveOS prior to HiveOS 4.0, you can select one Aerohive AP to be a CAPWAP server, called a management Aerohive AP. You can then manage up to 11 other Aerohive APs from the management Aerohive AP using a special GUI (graphical user interface) called the HiveUI.