Solutions Tech Lab

This is a 4x parts series in which we’ll cover MPSK with ClearPass policy manager here, where it can provide better scalability and control.

The overall workflow with MPSK with ClearPass solution is as follows

• Before connecting a device to a MPSK based SSID, the user registers the device on a ClearPass Policy Manager guest-registration or device-registration webpage
• The user receives a device-specific or group-specific MPSK passphrase through the email
• The user then connects their device with their unique PSK to the MPSK based SSID
• The AOS10 AP performs MAC authentication of the client device against the ClearPass Policy Manager server
• On successful MAC authentication, the ClearPass Policy Manager returns Access-Accept with the VSA containing the encrypted passphrase
• The AOS10 AP generates a PSK from the passphrase and performs 4-way key exchange.

In the next part we’ll cover the associated testing.