Hello, I am having an issue with a few users and their PPSK credentials. I have a mixture of PPSKs that are assigned via wiflex.eu using Azure AD creds and some that are manually created and distributed. My BYOD policy is set to only allow 1 device to connect per PPSK. I have a handful of users that constantly get disconnected with the "PPSK Session Limit Exceeded" error in XIQ. I have gone through with each user to make sure this is not the case. I have had to just delete the users and have them either re-register or I will assign them a PPSK. It works for a few hours or maybe an entire day and then the same thing happens again. Most users/devices are unaffected, and work as expected.
Any advice on how to troubleshoot this?
Update: looks like this was the issue, however the users/devices weren't shown as connected in XIQ. I raised the device limit for an immediate solution. Do you have any other recommendations for this scenario?
Depending on your devices, MAC binding can be effective. Once the device MAC is bound to the PPSK only that device can connect.
We have used this for our BYOD program for many years but in the last few years mobile devices using MAC Randomization has lead to more maintenance. For instance, if a device is away for a time or if the user 'forgets' the network and re-enters their credentials it may connect with a different MAC the what it was bound to. When this happens we delete and re-create the PPSK.
Unfortunately not. The user has to continuously reconnect to the network daily or multiple times throughout the day. Eventually the device just wont connect anymore and I get the "Session limit exceeded" error but the user associated with that ppsk is not active.