ClearPass – custom MPSK

Multiple PreShared Key (MPSK) is the ideal replace for the old-fashioned static PSK environments. MPSK provides the flexibility and scalability which traditional PSK networks are lacking. MPSK provides a per device pre shared key. Aruba ClearPass is the authentication server to verify the pre shared key entered on a device. To create a pre shared key, you have to register a device in the Guest Device Repository in ClearPass.

During the registration and afterwards when editing the device, you don’t have the option to manually generate a MPSK. However there is an option to manually set the MPSK by importing a device and setting the MPSK in the Excel / CSV file. You can achieve this by adding to extra columns to the CSV file, called mpsk and mpsk_enable.

mpsk_enable should have a fixed value of 1 and mpsk is the actual key you like to use for the device.

This way you still have the flexibility to add / import multiple devices at once and generate the MPSK manually per device of use the same MPSK for multiple devices, like Sonos or Ring endpoints.

The following two tabs change content below.

René Jorissen

Co-owner and Solution Specialist at 4IP Solutions
René Jorissen works as Solution Specialist for 4IP in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like Cisco, Aruba Networks, FortiNet, HP Networking, Juniper Networks, RSA SecurID, AeroHive, Microsoft and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.