Wireless Access

Is there a way require a password for connectivity to a wireless network? We have students who somehow started sharing our internal wifi via QR code and it as gone to many devices after that. 

Our internal wifi network is WPA2/PSK.

Change your wifi to 802.1x where real users need to authenticate to login.

So are new users able to successfully connect from this QR code?

Is changing the authentication model an option?

If yes, you could use MAC Authentication + PSK so as to avoid unauthorized devices(Devices with unknown) from connecting to your network.

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.

I'm not sure exactly where it started, but more and more personal devices from students are finding it's way onto our network. They are giving more and more users access by using the QR Code and it's spreading. 

We have 2 other networks. One is a wide open network (but locked down with dns filter and Fortigate UTM) and the other is an open network however it has CP and requires AD authentication to log in.

MAC authentication is not really an option. We have over 3400+ devices on the internal network now, and more and more every day.

- Stand up a 802.1x encrypted network that requires username and password

- Start migrating users to that network

- When you have enough users migrated to that network, implement a bandwidth contract on the PSK network that reduces the performance considerably.

You are now forced to do what many other enterprises have done voluntarily in the past to improve their security.

Are you using clearpass?

No

Ok. Just asked as the new MPSK feature might have been handy in your scenario.

You can't stop it. A lot of good suggestions in this thread. Either you migrate to dot1x or you you implement some sort of MAC filter.