Security

Reply
Frequent Contributor I

Match on MPSK

I'm guessing the answer is NO based on testing so far, but worth asking all the same.

 

Can you match, using ClearPass role mapping or enforcement policies, on the PSK entered against an MPSK wireless network by the user?

Any amount of Kudos will be greatly appreciated!!!
Guru Elite

Re: Match on MPSK

No, that's not how WPA2-Personal works.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP Guru

Re: Match on MPSK

If you have MPSK deployed, you might be able to do what you try by working indirectly with attributes in other authorization sources like the endpoint database or the guest device database entry.

 

As the MPSK is bound to a device, you can assume that the correct MPSK is used for that device. If you are looking to have different roles depending on the PSK entered, that doesn't work like Tim mentioned as there is only one single PSK that will be accepted for that device. What you still can do is return roles depending on the device, or profiling information, and so on.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Frequent Contributor I

Re: Match on MPSK

@

 

Any amount of Kudos will be greatly appreciated!!!
Highlighted
Guru Elite

Re: Match on MPSK

Unfortunately that's not how WPA2-Personal works.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: