Skip to main content
Skip table of contents

Dynamic PGPSK Configuration

The Dynamic PGPSK Configuration screen is used to create Dynamic Private Group PSK (PGPSK) profiles in the UPAM database. The Dynamic PGPSK profiles are checked when Dynamic PGPSK is enabled for an SSID. If a PSK entry in one of the profiles matches a device authenticating through the SSID, the device is saved to the list of devices authenticated through UPAM PSK in the Dynamic Private Group PSK MAC tab.

Use the Dynamic PGPSK Configuration screen to display information about all of the configured Dynamic PGPSK profiles in the UPAM database and view the devices connected through PSK authentication. This screen also allows you to create, edit, and delete profiles. To access the Dynamic PGPSK Configuration screen, click on Network Access > Accounts > Dynamic PGPSK Configuration under the “Configure” section of the OmniVista Cirrus Menu.

image-20241120-193957.png

There are two tabs available on the Dynamic PGPSK screen:

Using the Dynamic Private Group PSK Tab

The Dynamic Private Group PSK tab provides a list of all configured Dynamic PGPSK profiles. Use this tab to create, edit, or delete Dynamic PGPSK profiles.

Each profile contains one or more PSK entries that are configured in the UPAM database. Each client device specifies a Passphrase when connecting to an SSID. If the passphrase matches any of the PSK entries in a Dynamic PGPSK profile, the client is placed in the specified VLAN ID or Access Role Profile.

Note that UPAM checks the Company Property list first to see if there’s a match for the device; if not, the list of entries in the Private Group PSK UPAM database are checked. When a device is authenticated through Dynamic Private Group PSK, the matched entry is added to the Dynamic Private Group PSK MAC tab.

Creating a Dynamic Private Group PSK Profile

To create a PGPSK profile, click Create Dynamic Private Group PSK Profile. The Create Dynamic Private Group PSK Profile screen opens.

image-20241120-001108.png

Complete the following fields as described below:

  • Profile Name - Enter a unique name to identify the PGPSK profile.

  • SSID - The name of the SSID that is configured for a Protected Network with Dynamic Group PSK enabled. Note that only SSIDs with this configuration are included for selection from the drop-down list.

  • PSK Entries - There are two methods for creating a PSK Entry (see Guidelines for Configuring PSK Entries):

  • Dynamic Private Group Mac Persistency - Enter the number of days for the MAC persistency duration that is applied to devices authenticated through the Dynamic PGPSK profile.

Guidelines for Configuring PSK Entries

Consider the following guidelines when configuring PSK entries for Dynamic Private Group PSK profiles.

  • Configuring PSK entries within the same profile:

    • You must use a unique name for each PSK entry.

    • You must use a unique passphrase for each PSK entry.

  • Configuring PSK entries across different profiles that are configured with the same SSID:

    • You can create PSK entries with the same name but with a different passphrase.

    • You cannot create PSK entries with the same passphrase.

  • Configuring PSK entries across different profiles with different SSIDs:

    • You can create PSK entries with the same name

    • You can create PSK entries with the same passphrase.

Manually Configure a PSK Entry

To manually create a new PSK entry, select Configure PSK Entries (the default) and click Add Entry.

image-20241120-235759.png
image-20241121-000228.png

Enter the following information to configure the PSK entry (see Guidelines for Configuring PSK Entries):

  • Name - Enter a unique name for the entry.

  • Passphrase - Enter a unique PSK Passphrase for authentication.

  • Max Device Number - The maximum number of devices for this PSK entry.

  • VLAN-ID - The VLAN ID assignment for the PSK device. Note that either a VLAN ID or an Access Role Profile is required.

  • Access Role Profile - Select the name of an existing Access Role Profile or click on Create Access Role Profile to create a new profile to use (see the Access Role Profile online help). Note that either an Access Role Profile or VLAN ID is required.

Click on Add more entries for each PSK Entry that you want to create. When you are done adding PSK entries, click on Create to create the profile configured with the PSK entries.

Import Multiple PSK Entries

To import multiple PSK entries, select Import PSK Entries and click on Download XLSX template. You are then prompted to specify where you would like to save the template file.

image-20241121-000906.png

The following sample template file is an example of the template provided for adding multiple PSK entries:

image-20241121-001754.png

Fill out the template with information for each PSK entry that you want to import (see Guidelines for Configuring PSK Entries), then save the template file . Next, click in the Choose File field to find and select the existing template file to import.

Once the import is complete, the PSK Entries list is populated with the imported PSK entries. Click on Create to create the profile with the imported PSK entries.

Customizing a Dynamic Private Group PSK Profile

You can customize a Dynamic Private Group PSK profile by accessing the Customize Dynamic Private Group PSK screen. To access the Customize Dynamic Private Group PSK screen, use one of the following methods:

  • Select the Dynamic Private Group PSK profile to edit by clicking on the checkbox next to the profile, click on Actions, then select Edit from the drop-down menu.

  • Click on the pencil icon under the “Actions” column next to the profile that you want to edit.

image-20241121-172657.png

The following Customize Dynamic Private Group PSK screen opens. This screen displays information about PSK entries assigned to the Dynamic PGPSK profile. Use this screen to add more PSK entries to the profile, edit or delete existing PSK entries, and change the MAC Persistency duration for devices authenticated through the Dynamic PGPSK profile. When you are finished customizing the Dynamic PGPSK profile, click on the arrow in the upper-right corner of the screen, as shown below.

image-20241224-000413.png

Editing a PSK Entry

To edit a PSK Entry, select the entry and click on Actions to select Edit from the drop-down menu or click on the Edit icon under the “Actions” column next to the entry. The Customize PSK Items screen appears.

image-20241223-211939.png

Change any of the PSK entry attributes for the following fields:

  • Name - The name of the PSK entry.

  • Passphrase - The PSK Passphrase used for authentication

  • Max Device Number - The maximum number of devices that can authenticate with this PSK entry.

  • VLAN-ID - The VLAN ID assignment for the PSK device.

  • Access Role Profile - The Access Role Profile assignment for the PSK device. Click on Edit to edit the assigned Access Role Profile or click on Create Access Role Profile to create a new profile to use (see the Access Role Profile online help),

When you are done with editing the PSK entry, click on Save to retain your changes.

Deleting a PSK Entry

To delete a PSK Entry from the Dynamic PGPSK profile, select the entry and click on Actions to select Delete from the drop-down menu or click on the Delete icon under the “Actions” column next to the entry. The following confirmation prompt appears:

image-20241223-214740.png

Click on Delete to remove the PSK entry from the Dynamic PGPSK profile.

Display PSK Entry Information

The PSK Entries list displays information for the PSK entries associated with the Dynamic PGPSK profile. To display information about a specific entry, click on the Additional Information icon under the “Actions” column. The information displayed on this screen is defined below.

image-20241223-195523.png

The following information is displayed for the PSK entry:

  • Name - The name assigned to the PSK entry.

  • Passphrase - The PSK Passphrase for authentication.

  • VLAN-ID - The VLAN ID assignment for the PSK device.

  • Max Device Number - The maximum number of devices that can authenticate with this PSK entry.

  • Access Role Profile - The Access Role Profile assignment for the PSK device.

Adding PSK Entries

Customizing the Dynamic PGPSK profile also allows you to add more PSK entries to the profile. On the Customize Dynamic Private Group PSK screen, click on Add more entries. The Create PSK Item screen appears.

image-20241223-234405.png

Complete the fields as described in Manually Configure a PSK Entry. Click on Add more entries to add another PSK entry. When you are done adding one or more entries, click on Save. The new PSK entries are then added to the Dynamic PGPSK profile.

Changing the MAC Persistency Duration

On the Customize Dynamic Private Group PSK screen, you can also change the MAC Persistency duration value. By default, the duration is set to one day. You can specify a maximum duration up to 365 days maximum.

image-20241223-231831.png

If you want to change the number days for the Dynamic Private Group MAC Persistency, enter the number of days and click on Save.

Deleting a Dynamic Private Group PSK Profile

To delete a Dynamic Private Group PSK profile, use one of the following methods to select the profile that you want to delete:

  • Select the Dynamic Private Group PSK profile to delete by clicking on the checkbox next to the profile, click on Actions, then select Delete from the drop-down menu.

  • Click on the delete icon under the “Actions” column next to the profile that you want to edit.

image-20241121-180856.png

When you select the profile that you want to delete, the following confirmation pop-up appears:

image-20241121-181456.png

Click Delete to confirm that you want to delete the selected Dynamic Private Group PSK profile.

Display Dynamic PGPSK Profile Information

The Dynamic Private Group PSK (PGPSK) list displays information for the configured Dynamic PGPSK profiles. To display detailed information about a specific profile, click on the Additional Information icon under the “Actions” column. The information displayed on this screen is defined below.

image-20241121-191939.png
image-20241223-233408.png

The following information is displayed for each Dynamic PGPSK profile:

  • Profile Name - The unique name assigned to the profile.

  • SSID - The name of the SSID assigned to the profile. Note that only SSIDs with the Dynamic Private Group PSK option enabled are available to assign to a profile.

  • Persistency Days - The number of persistency days for the profile.

  • PSK Entries - The PSK entries configured for the Dynamic PGPSK profile.

Using the Dynamic Private Group MAC Tab

The Dynamic Private Group PSK MAC tab provides a list of devices connected through UPAM PSK authentication. Use this tab to view devices that matched one of the passphrase entries in a Dynamic PGPSK profile. You can also delete and export Dynamic Private Group PSK MAC entries.

image-20241121-195809.png

The Dynamic Private Group MAC Persistency setting configured for the PSK entry to which the device matched determines how long the MAC address remains in the Dynamic Private Group MAC database. During this time, the user will not have to enter the passphrase again to gain network access.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close