Frequent Contributor I

Re: Encrypting Guest traffic

Hi Tarnold,


but I will still need to create a SSID Profile on my e.g. Windows Computer. You cannot connect to the SSID without having the user doing something.


I think this wil not be a 'easy' solution for the typical dumb guest user  

Sven - AMFX #35

Re: Encrypting Guest traffic

Most devices now support simple connection to a secure ssid. No matter what way you choose PEAP, WPA, WEP the users will still need to add a profile.

Like you say for most users it might still be too complicated so most customers deploy an open ssid with captive portal.

It all comes down to do you want the data secured over the air and most WEP and WPA can be broken pretty quick. With using PEAP it gives each user it's own unique encryption when the connect.
Thank You,

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Regular Contributor I

Re: Encrypting Guest traffic

Could you use onboarding with clearpass?

Aruba Employee

Re: Encrypting Guest traffic

Onboarding visitors is not a good idea. It would mean making them go through the process of Onboarding for internet access which is an overkill. Best solution is to use PEAP-Public. 


Also, check this out


Note, we do not have many clients that support WPA-3 yet.



Search Airheads
Showing results for 
Search instead for 
Did you mean: