OpenWiFi
2.7.0
2.7.0
  • OpenWiFi Release 2.7
  • ABOUT
    • About OpenWiFi
    • Supported Hardware
    • Device Partner Information
    • Cloud Partner Information
    • Ordering OpenWiFi APs
    • Example Partner Integrations
  • OPENWIFI STACK
    • Overview
    • SDK
    • Access Points
      • Local Device Settings
    • Cloud Discovery
      • Discovery without Cloud
    • Code Repositories
    • Artifacts
  • SDK
    • Getting Started
    • Architecture
    • Provisioning for Integrators
      • Data Model Introduction
      • Creating a Configuration
    • User Interface for Admins
      • Provisioning
        • Creating Entities
          • Configurations
            • Metrics Settings Example
        • Creating Venues
          • Configurations
            • WAN
            • VAP - SSID
      • Inventory Association
      • Gateway
      • Devices
        • Commands
        • Statistics
        • Command History
      • Firmware
    • Monitoring
      • ELK Integration
  • SDK Installation
    • Overview
    • Deploy using Docker Compose
    • Deploy using Helm
  • Device Feature Configuration Examples
    • Basic Device Provisioning
      • Bridge Mode SSID
      • NAT Gateway Mode SSID
      • Multi-VLAN SSID
    • Advanced Device Feature Configuration Examples
      • Zero Touch Provisioning
      • DHCP Relay
      • Services
      • Metrics
      • GRE
      • L2TP
      • VxLAN
      • WDS
      • Mesh
      • QoS
      • Dynamic Air Time Fairness
      • Advanced Captive Portal
        • External Captive Portal
      • Roaming RRM and SON
      • RADIUS Authenticated SSID
        • Dynamic VLANs with RADIUS
        • WISPr Subscriber Bandwidth
        • Dynamic Multi PSK
        • RADIUS MAC-Auth
      • Multi-PSK (MDU Shared Key)
      • Wireguard
      • Dynamic Air-Time Policy
      • Opportunistic Wireless Encryption (OWE)
      • Passpoint®
        • Configuration Introduction
        • Advertising Services
        • Passpoint® Configuration
  • RELEASE
    • What's New
    • Features
    • Security Updates
    • Resolved Issues
    • Outstanding Items
    • Testing Results
  • DEVELOPER RESOURCES
    • SDK API
      • OpenAPI Definitions
      • Security Service
      • Gateway Service
      • Firmware Management Service
      • Provisioning Service
      • Analytics Service
      • Radio Resource Management Service
      • Postman Collection
    • SDK KAFKA
      • Connection
      • Device Event Queue
      • Device Telemetry
      • Healthcheck
      • Provisioning Change
      • Service Events
      • State
      • WiFi Scan
Powered by GitBook
On this page
  1. Device Feature Configuration Examples
  2. Advanced Device Feature Configuration Examples

Multi-PSK (MDU Shared Key)

TIP OpenWiFi 2.0

Multiple Pre Shared Key is a popular configuration option in Multi Dwelling Unit, dormitory or similar environment where it is costly to implement complex 802.1x security however that same level of per-client security is highly desired.

A SSID when configured for multi-psk can have multiple PSK/VID mappings. Each one of them can be bound to a specific MAC or be a wildcard.

            "ssids": [
                {
                    "name": "MDU Wi-Fi",
                    "wifi-bands": [
                        "5G",
                        "2G"
                    ],
                    "bss-mode": "ap",
                    "encryption": {
                        "proto": "psk2",
                        "ieee80211w": "optional",
                        "key": "OpenWifi"
                    },
                    "multi-psk": [
                        {
                            "key": "akey",
                            "vlan-id": 100
                        },
                        {
                            "key": "bkey"
                            "vlan-id": 200
                        }
                    ],
                    "roaming": {
                        "message-exchange": "ds",
                        "generate-psk": true
                    }
                }
            ]

Note: M-PSK passwords must be unique per vlan-id as the device will attempt to match security key to assigned virtual lan. In the above example, a password of OpenWifi will match the untagged interface of the SSID and unique password of "akey" will match client(s) to virtual lan 100.

PreviousRADIUS MAC-AuthNextWireguard

Last updated 2 years ago