Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

MPSK with Third Party Device

This thread has been viewed 6 times
  • 1.  MPSK with Third Party Device

    Posted Nov 24, 2023 09:11 AM
    Hey guys, okay?
     
     
     
    Has anyone integrated the MPSK function with a third-party device?
     
    Without being Cisco and Aruba!!
     
    I would like to try to make it work with a UNIFI controller, but I am having difficulties. Is this possible?
     
    If anyone has already done this, I would just like to know more or less which configuration was used.
     
    Thanks in advance.


  • 2.  RE: MPSK with Third Party Device
    Best Answer

    MVP
    Posted Nov 27, 2023 11:32 AM

    From a quick Google search, Ubiquiti appears to have recently introduced a feature called PPSK (Private PSK), similar to MPSK in Aruba and ISPK in Cisco, amongst others. I found this post explaining how to set it up:  https://community.ui.com/questions/Proof-of-Concept-Private-PSK-Personal-PSK-PPSK-with-dynamic-VLAN-via-RADIUS-MAC-auth/68f3097a-dcc1-4c31-bb51-ede39e706e30

    Since this was posted on Airheads, I'll assume you're using ClearPass as your RADIUS server to handle the MAC auth request? If using ClearPass, it looks like the enforcement is leveraging "Tunnel-Password", so set the Type to RADIUS:IETF, Name is Tunnel-Password, and Value to the key you expect the device to send. 



    ------------------------------
    Michael Haring
    ------------------------------