This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Team,
I am working on ISE opportunity where I am demonstrating guest use case. Customer wants to use PSK with guest CWA. I have read couple of articles and I know it is not supported. I just want to confirm this before communicating this to customer.
Is there any way we can achieve this customer requirement?
Thanks,
Neelesh Marathe
Solved! Go to Solution.
Can you explain the final goal? Like Hosuk says 8.3 wireless code will support PSK + CWA
If you simply want to stop people from using the Hotspot or Credentialed portals than we have the option of them having to enter a passcode before they can login or create an account
if its encrypting guest then your options are:
•WPA-PSK with LWA*
•shared key + portal login
•CWA not supported
•Point to single PSN (HA requires LoadBalancer)
•WPA2 with CWA*
•shared user/pass + portal login (regular guest accounts)
•WPA2 without portal*
•sponsored credentials (guest type requires - Allow guest to bypass the Guest portal)
* These options can also be used to protect your SSID from people you don't want using it (example taking up DHCP addresses)
It will be available with WLC AireOS 8.3. For now you can do 802.1X + CWA.
Can you explain the final goal? Like Hosuk says 8.3 wireless code will support PSK + CWA
If you simply want to stop people from using the Hotspot or Credentialed portals than we have the option of them having to enter a passcode before they can login or create an account
if its encrypting guest then your options are:
•WPA-PSK with LWA*
•shared key + portal login
•CWA not supported
•Point to single PSN (HA requires LoadBalancer)
•WPA2 with CWA*
•shared user/pass + portal login (regular guest accounts)
•WPA2 without portal*
•sponsored credentials (guest type requires - Allow guest to bypass the Guest portal)
* These options can also be used to protect your SSID from people you don't want using it (example taking up DHCP addresses)
Thanks Jason for wonderful explanation. It answers all my questions. Final goal here is encrypting guest traffic.
Thanks,
Neelesh Marathe