IPSK Authentication Without RADIUS - Tutorial

When setting up an enterprise wireless network, you may want to configure WPA2-PSK authentication in order to onboard different users on to the wireless network. This tutorial will walk you through how to configure IPSK without RADIUS in the Meraki dashboard.

IPSK without RADIUS allows a network admin to use multiple different PSKs per SSID without the use of a RADIUS server. This also allows you to assign group policies in the dashboard based on the PSK used by the client device to authenticate to the WiFi network. A maximum of 50 PSKs can be configured per SSID. Each PSK has to be at least 8 to 63 alphanumeric characters long.

1. First, you'll want to navigate to Wireless, Configure, then Access Control.

2. Under SSID, select the SSID from the drop-down that you want to configure.

3. Select IPSK without RADIUS from the Association Requirements section of the page. *Note that if you do not have any group policies configured on your dashboard, you will be prompted to create one before you are able to proceed with the remaining steps*

4. Select the Add an Identity PSK option.

5. Here, you can define a name for the PSK to Group Policy mapping and define a unique PSK.

6. Once the PSK is defined, you have the option to select the Group Policy from the drop-down that are defined in your Meraki Dashboard.

7. Click Add and Save Changes.

8. Once configured, you can use the 'Show' button to see the PSK configured for each mapping. Clicking on the Name of the PSK will allow you to modify the mapping on the dashboard. Clicking the Add button on the top right will allow to add new PSKs to the SSID and clicking on the checkbox and clicking Delete will allow removing the PSK from the SSID.

Remember that modifying or removing the PSK will cause clients to disconnect using that specific PSK only. Other wireless clients using a different PSK will still be connected without any issues. Adding a new PSK will have no impact on existing client devices connected to the SSID.