topic Using PPSK with MAC binding; seeing PPSK-MAC Bind Failure on some "connected" devices; any way to determine what PPSK they tried to use to find out who may be trying to reuse a PPSK? in Aerohive Migrated Content

Using PPSK with MAC binding; seeing PPSK-MAC Bind Failure on some "connected" devices; any way to determine what PPSK they tried to use to find out who may be trying to reuse a PPSK?

tsimmons3 — Wed, 17 Jul 2019 23:02:09 GMT

Our current configuration is 1 MAC bind per PPSK; but we occasionally see devices that appears to be connected, but our self-hosted HiveManager under Tools -> Client Monitor shows the device Issue Type to be "Authentication" and the Summary is "PPSK-MAC Bind Failure"; we assume that means the PPSK is already bound to another MAC. Is that correct? Is there any way to track down what PPSK was attempted so we can find the offender?

Re: Using PPSK with MAC binding; seeing PPSK-MAC Bind Failure on some "connected" devices; any way to determine what PPSK they tried to use to find out who may be trying to reuse a PPSK?

samantha_lynn — Thu, 18 Jul 2019 20:15:28 GMT

That message would indicated that the user tried to login with a device that was not tied to their PPSK user record. You could enable auth debugs to record the login attempt in the buffered log, including the user name. You can also see what user is tied to which MAC address with this command: _test auth mac-bind show <ssid profile name> <mac address>

This guide reviews how to enable auth debugs, for reference: https://thehivecommunity.aerohive.com/s/article/Authentication-Auth-Debugs