Hi, I think I already know the answer, but I've been asked to investigate encrypting our guest network.
Currently we have a single guest SSID that's open and goes to a ClearPass captive portal login.
As I understand it, the only way to have an encrypted guest network is to either use PSK (which isn't really more secure if everyone knows the PSK), or use some sort of complicated CoA trickery after authenticating with CPPM.
Am I correct? Is there another method that works? I have enough issues with people unable to figure out how a captive portal works, it scares me to make it more complicated.
Thanks,
--Ben