Skip to menu Skip to content Skip to search
The Spacewalkers Forum

Forum

You have to be logged in to ask a question
Question
Asked by Alan-Eile alan-eile
STELLAR
Asked on 03/09/2019

ssid with PSK and mac auth

Anyone configured PSK ssid with mac auth ? i can reference the company property database but it seems to not be blocking unauthorised devices ??

Answer question
Your vote :
Rating : 0
Answers
Answer by alan-eile
Answered on 17/10/2019

Cheers Alex, shame this is not documented in the available documentation, I actually had it working by using dot1x with dot1x bypass and company account tied to company property.

Your vote :
Rating : 0
Answer by alexanderhaupt
Answered on 16/10/2019

Hi ALAN-EILE, create a SSID with PSK and enable MAC-Athentication. Select UPAMRadiusServer. In Advanced Configuration check that Local Database is selected. In Default Access Role Profile select the appropriate Access Role Profile in which the client should be mapped. In Manage Guest Devices add your Company Property with the correct MAC-address. In the VLAN-ID field add a Dummy VLAN ID (e.g. 999) which leads to nowhere. Click Save and Apply to AP Group!

Now the client connects to the SSID with the correct PSK. Due to the Dummy VLAN the client will not receive an IP-address so far. The MAC-Auth takes place next. If the MAC-address matches with the Company Property an IP-address will be received based on the Default Access Role Profile defined in the Authentication Strategy. If the MAC-address does not match the access will be denied!

Please also refer to TKC article: 000048680

Hope this helps!

Alex

Your vote :
Rating : 0