Meraki

Community

MAC Randomization using IOS14 and Android 10 and above

Solved
Lord_Mackake
Meraki Employee
Meraki Employee
‎Sep 21 2020 9:14 AM
‎Sep 21 2020 9:14 AM

MAC Randomization using IOS14 and Android 10 and above

I've been through some issues when these updates were massively deployed such as:

 

1. Group Policies not being applied as they should and all clients fall into Normal policy with new IP-MA address combination

2. Exhausted DHCP

3. Duplicated IP Address Alerts

 

I've done the following:

1. DCHP to last at most 1 day instead of 1 week, 

2. Advise my users with this OS to turn off privacy settings for the corporate SSID

Apple IOS14: https://support.apple.com/en-us/HT211227

Android 10: 

Wi-Fi settings
  1. Open the Settings app.
  2. Tap Network & Internet.
  3. Tap Wi-Fi.
  4. Tap the gear icon associated with the wireless connection to be configured.
  5. Tap Advanced.
  6. Tap Privacy.
  7. Tap Use device MAC

But I wonder if I can use something in Systems Manager to prevent MAC Randomization or what is the best option for preventing this.

Greeting from Victor Hernandez
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 12:02 PM
‎Sep 21 2020 12:02 PM

There isn't a good solution at the moment.

 

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

View solution in original post

4 Replies 4
kYutobi
Kind of a big deal
‎Sep 21 2020 11:06 AM
‎Sep 21 2020 11:06 AM

Thanks @Lord_Mackake for publishing. Not many people have had a "forced" update to start using randomized MAC addresses but do you think that will soon start to affect things when all updates are pushed?

Enthusiast
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 12:02 PM
‎Sep 21 2020 12:02 PM

There isn't a good solution at the moment.

 

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

In response to PhilipDAth
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Sep 21 2020 4:01 PM
‎Sep 21 2020 4:01 PM

This is just the next step in the privacy vs practicality debate..

 

Thanks for sharing @Lord_Mackake 

 

 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
In response to PhilipDAth
Lord_Mackake
Meraki Employee
Meraki Employee
‎Sep 21 2020 8:14 PM
‎Sep 21 2020 8:14 PM

Thanks @PhillipDAth Actually this happened to a huge Mall that can host 32000 daily guests with different networks to manage them all but with this randomization every time the devices are re-joined to the paid network, they lose the access, so the only way to make this work is to ask the user to turn off privacy settings...

BTW I've also found that Meraki Systems Manager can help with this but only for BYOD or Owned Devices: in a brand new Meraki Minute video: https://youtu.be/Bj9Gg7h50Gk
Greeting from Victor Hernandez
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.