This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PPSK Troubleshooting

PPSK Troubleshooting

Kyle_ea
New Contributor

‎05-31-2023 05:30 AM

Hello, I am having an issue with a few users and their PPSK credentials. I have a mixture of PPSKs that are assigned via wiflex.eu using Azure AD creds and some that are manually created and distributed.  My BYOD policy is set to only allow 1 device to connect per PPSK. I have a handful of users that constantly get disconnected with the "PPSK Session Limit Exceeded" error in XIQ. I have gone through with each user to make sure this is not the case. I have had to just delete the users and have them either re-register or I will assign them a PPSK. It works for a few hours or maybe an entire day and then the same thing happens again. Most users/devices are unaffected, and work as expected.

Any advice on how to troubleshoot this?

0 Kudos
4 REPLIES 4

JA
New Contributor III

‎05-31-2023 01:20 PM

Are you able to see if another device has taken the connection in Client360?

In our environment we see AppleWatches taking the connections from the preferred device at times.

Kyle_ea
New Contributor
In response to JA

‎06-02-2023 09:21 AM

Update: looks like this was the issue, however the users/devices weren't shown as connected in XIQ. I raised the device limit for an immediate solution. Do you have any other recommendations for this scenario?

0 Kudos

JA
New Contributor III
In response to Kyle_ea

‎06-05-2023 08:07 AM

Depending on your devices, MAC binding can be effective. Once the device MAC is bound to the PPSK only that device can connect.

We have used this for our BYOD program for many years but in the last few years mobile devices using MAC Randomization has lead to more maintenance. For instance, if a device is away for a time or if the user 'forgets' the network and re-enters their credentials it may connect with a different MAC the what it was bound to. When this happens we delete and re-create the PPSK.

0 Kudos

Kyle_ea
New Contributor
In response to JA

‎06-01-2023 04:43 AM

Unfortunately not. The user has to continuously reconnect to the network daily or multiple times throughout the day. Eventually the device just wont connect anymore and I get the "Session limit exceeded" error but the user associated with that ppsk is not active.

0 Kudos
GTM-P2G8KFN