ePSK - Multiple Pre-Shared Keys

Hi,

Is it stable now?

Can an ePSK be used by more than one person at a time?

What could be the reason that, of the 500 ePSKs which I generated a month ago, some are shown as invalid when I try to use them and some are not, no matter whether they were in use before?

Thanks, Bálint

Hi Balint,

ePSK generated keys can be used by more than one user if the generated ePSK is not mapped to a client MAC address. Share your ePSK keys generated at cnMaestro and the AP tech-support. Please verify whether you are trying to connect the same client MAC address which is mapped to a specific ePSK key.

Regards,

Raghavendra.N

Hi Raghavendra.N,

None of them are mapped to a MAC address. And some are working, some not.

Please share your AP configuration and share the client passphrase keys which are not connecting to the AP. Generated ePSK count? AP passphrase strength (is it Strong, Number or Easy)? I believe you might be using a strong passphrase. Could you please check whether the client is using the same passphrase? Are you getting a 4-way failure or an invalid passphrase?

Regards,

Raghavendra.N   

Hi, any news on the new firmware upgrade?
When will the ePSK username be available on the client list?

Has anyone used ePSK/PPSK/DPSK in production yet? I have a Ruckus install I want to move to something cheaper, as I've been asked to cut costs across the board. Mikrotiks are a no-go due to poor management and performance of the radios, so I need to find something that gives me per-device PSK management.

We are using ePSK in production. Have a small boarding house with a few APs in it. We created a VLAN for each room (16 of them) and are using ePSK keys per room. Now the devices can talk to each other per VLAN (room) but not see neighbors. 

Has been working well once we got the newest firmware on the APs

Thanks mate.

I've contacted my VAR to see if I can get a 410 unit to see what it can do.

Some of the PPSK feature set looks a bit basic at this stage, but I'm not looking at launching rockets into orbit, so it should work well. It would be nice if they decide to give more user features like QR code scanning as well as auto disable/auto remove of PPSKs that haven't been used in X days for guest networks.


@Au Wireless wrote:

We are using ePSK in production. Have a small boarding house with a few APs in it. We created a VLAN for each room (16 of them) and are using ePSK keys per room. Now the devices can talk to each other per VLAN (room) but not see neighbors. 

Has been working well once we got the newest firmware on the APs


Hi, can you tell me which firmware version you are using?

Thanks


@firefly wrote:

@chimeranzl wrote:

Agreed as above, username showing in a column for ePSK clients would be considerably useful. Hoping this will be added soon for security reasons (e.g. identifying those who still have an ePSK loaded in, but perhaps shouldn't), as relying on the person's device name isn't really suitable enough (especially in the hospitality industry).

Also the ability to edit an ePSK entry would be convenient too.

Other than that - great this is released, good start as a very nice to have for many of our clients.


Yes, we are adding the option to have the ePSK username show up in the client dashboard and tables in firmware version 3.11.3, coming out in a couple of weeks.


Ok, after 4 months 3.11.3 is out but no username shows up in the client dashboard and tables.

I really need this feature! Please help.

It's working for me in 3.11.3 r7. Whatever username is configured for a given ePSK entry it shows up in the "User" field for the client stats in cnMaestro UI.

We are running 3.11.3-b10 which was a beta build to fix the ePSK and VLANs.  I think the current 3.11.3-r7 is also working.

Is the limit currently 300 or 1024 for ePSK? Any idea when it would be increased to 4000?

Any update on the API lookup so the AP does not have 10 seconds of downtime per ePSK added?

Got some time to play with a demo unit and so far so good. Wireless performance is much, much better than the Mikrotiks and I'd wager close to or even better than the Aerohives or Ruckus units that we've used over the years. I'm already in the process of moving one Mikrotik Capsman network over to cnPilot.

There are a couple of options I'd like to see. Maybe it's possible to do some of these but I might have missed it.

1) The ability to tie an email address/cell number to a username, so that when the username gets created they get the password sent to them via email with a scannable QR code, or via SMS.

2) Removal of the disconnection of all users after a new ePSK gets added should be a top priority.

3) Ability to add inactivity and expiry date to an ePSK, i.e. when an ePSK goes unused for X amount of days it disables/removes the entry. Expiry date is useful when you have a bunch of contractors come onsite for XX amount of days and want to make sure they don't have access after that.

4) I think a re-look might be needed at where the ePSKs live. I'd recommend having it separate from the WLANS tab on a different tab and using a user/group structure from the WANS tab to refer to these ePSKs. This would be very, very handy in situations where you have a holding or master company and many sister companies underneath that want their own "CompanyA-IOT" and "CompanyB-IOT" SSIDs but want those same ePSKs to have the ability to access these networks. Not a dealbreaker but handy in parent/child/children companies.

5) Auto password option for generation when creating users, for the lazy techs/customers I have to deal with. Too easy to make every person's password 12345678.

6) Adding to this: ability to create a locked-down dedicated user role, i.e. reception or entry-level IT tech, that can sit and create these ePSKs.


Hello djdrastic, 

Thank you for the feedback. I have forwarded this to the development team.

Ray

Any updates on the ability to have 4000 ePSKs and the ability to add and delete without client disconnections? We are using cloud cnMaestro.

Thanks


ePSK is a great and secure feature. The only difficult part is managing them. We are creating a solution where we can link the ePSK with Gsuite, Azure or Office365.

Users can onboard themselves by logging in with their Gsuite/Azure/Office365 credentials, then we return an ePSK. The coolest part is that we segment based on Gsuite/Azure/Office365 groups. For example, we can say if they are in the Gsuite group Teacher we give them an ePSK in VLAN 20, and if they belong to the Gsuite user group Students we give them an ePSK in VLAN 30. Also, if they are deleted in Gsuite/Azure/Office365 we delete the ePSK. So your ePSKs get in sync without any work for the IT department. The solution is fully cloud based.

But our solution will be much easier if you integrate APIs in the cloud version, increase the number of ePSKs and prevent users from losing their connection when ePSKs are created. For the last problem we have a workaround: we create the ePSKs in advance during the night.


That sounds really awesome, ComplitNetworks.

I'd really like to know if Cambium have made any progress on the ePSK limits as well as the client disconnection issues when adding/removing ePSKs. I've been stuffed over by AeroHive now that Extreme has removed perpetual licenses from onsite APs, making it non-cost-effective for a lot of my sites these days.

 
 

@djdrastic wrote:

That sounds really awesome, ComplitNetworks.

I'd really like to know if Cambium have made any progress on the ePSK limits as well as the client disconnection issues when adding/removing ePSKs. I've been stuffed over by AeroHive now that Extreme has removed perpetual licenses from onsite APs, making it non-cost-effective for a lot of my sites these days.

 
 

The cnMaestro-based ePSKs (which would increase the limits and also not disconnect clients on addition/removal of PSKs) are still being planned. Timeline-wise, we intend to release support mid-year. Will post again when we have a firmer date we can share.

Any update?