This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Using PPSK with MAC binding; seeing PPSK-MAC Bind Failure on some "connected" devices; any way to determine what PPSK they tried to use to find out who may be trying to reuse a PPSK?

Using PPSK with MAC binding; seeing PPSK-MAC Bind Failure on some "connected" devices; any way to determine what PPSK they tried to use to find out who may be trying to reuse a PPSK?

tsimmons3
New Contributor

‎07-17-2019 04:02 PM

Our current configuration is 1 MAC bind per PPSK; but we occasionally see devices that appears to be connected, but our self-hosted HiveManager under Tools -> Client Monitor shows the device Issue Type to be "Authentication" and the Summary is "PPSK-MAC Bind Failure"; we assume that means the PPSK is already bound to another MAC. Is that correct? Is there any way to track down what PPSK was attempted so we can find the offender?

0 Kudos
1 REPLY 1

samantha_lynn
Esteemed Contributor III

‎07-18-2019 01:15 PM

That message would indicated that the user tried to login with a device that was not tied to their PPSK user record. You could enable auth debugs to record the login attempt in the buffered log, including the user name. You can also see what user is tied to which MAC address with this command: _test auth mac-bind show <ssid profile name> <mac address>

 

This guide reviews how to enable auth debugs, for reference: https://thehivecommunity.aerohive.com/s/article/Authentication-Auth-Debugs

0 Kudos
GTM-P2G8KFN