This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Legacy
- Aerohive Migrated Content
- Re: How can you get PPSK passwords from an externa...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How can you get PPSK passwords from an external source (e.g., RADIUS, LDAP, SQL)?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-25-2018 06:56 PM
I've set up PPSK SSIDs with local users, but would like to pull password dynamically from an external source. If I select "Use GuestManager for PSK validation" it gives me an option to select a RADIUS server and User Group. I've created a user in RADIUS that matches a local user in that group but that doesn't seem to work. Is this the right approach, or how can we add and update PPSK passwords without needing to push a new config?
Thanks.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
05-01-2018 10:26 PM
Hi Dan,
IDM did use a RADSEC proxy, but the function it served was to authenticate PPSK credentials from AP to the external IDM server. That is the closest PPSK Authentication comes to using RADIUS.
Could you explain/screenshot where you are having trouble?
From what I observed in my lab instance of Classic On premise, at the SSID level, the authentication type we choose is mutually exclusive, in that it can only be one of the possible types. WPA2-PSK, WEP, PPSK, or RADIUS.
Additionally, once PPSK is selected, Local Users and Local User Groups are required.
From the PPSK documentation available on the community, I can not find anything that indicates using an external directory for PPSK Users/Groups.
https://thehivecommunity.aerohive.com/s/global-search/PPSK
Please advise if this was helpful, if you have further questions, or if there is anything I could do to assist.
Happy to help,
David
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
05-02-2018 12:04 AM
Hi David,
Unfortunately I'm out of town and likely won't be able to attach a screenshot until Monday. Thanks for your answer and I'll try to respond as soon as I'm able.
-Dan
Unfortunately I'm out of town and likely won't be able to attach a screenshot until Monday. Thanks for your answer and I'll try to respond as soon as I'm able.
-Dan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
05-01-2018 10:26 PM
Hi Dan,
IDM did use a RADSEC proxy, but the function it served was to authenticate PPSK credentials from AP to the external IDM server. That is the closest PPSK Authentication comes to using RADIUS.
Could you explain/screenshot where you are having trouble?
From what I observed in my lab instance of Classic On premise, at the SSID level, the authentication type we choose is mutually exclusive, in that it can only be one of the possible types. WPA2-PSK, WEP, PPSK, or RADIUS.
Additionally, once PPSK is selected, Local Users and Local User Groups are required.
From the PPSK documentation available on the community, I can not find anything that indicates using an external directory for PPSK Users/Groups.
https://thehivecommunity.aerohive.com/s/global-search/PPSK
Please advise if this was helpful, if you have further questions, or if there is anything I could do to assist.
Happy to help,
David
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-30-2018 10:27 PM
Thanks. I'm aware Guest Manager is EOS but I don't need or want a management system like that (or ID Manager).
When you create a new PPSK SSID and select RADIUS authentication, you can select a server and a local user group (as opposed to a RADIUS user/group), but I'm trying to figure out how to get that last part working.
When you create a new PPSK SSID and select RADIUS authentication, you can select a server and a local user group (as opposed to a RADIUS user/group), but I'm trying to figure out how to get that last part working.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
04-30-2018 08:39 PM
Thank you. Guest Manager is no longer supported, it reached end of life in 2016 (https://www.aerohive.com/support/end-of-life-products/). It was replaced with ID Manager, which does give you more PPSK options (such as making credentials that are only valid for a certain time period, or only valid for so long after creation or so long after first log in, etc). To use ID Manager (IDM), you will need a myhive account and separate licensing.
