MAC Randomization using IOS14 and Android 10 and above

SOLVED
Lord_Mackake
Meraki Employee
Meraki Employee

MAC Randomization using IOS14 and Android 10 and above

I've been through some issues when these updates were massively deployed such as:

 

1. Group Policies not being applied as they should and all clients fall into Normal policy with new IP-MA address combination

2. Exhausted DHCP

3. Duplicated IP Address Alerts

 

I've done the following:

1. DCHP to last at most 1 day instead of 1 week, 

2. Advise my users with this OS to turn off privacy settings for the corporate SSID

Apple IOS14: https://support.apple.com/en-us/HT211227

Android 10: 

Wi-Fi settings
  1. Open the Settings app.
  2. Tap Network & Internet.
  3. Tap Wi-Fi.
  4. Tap the gear icon associated with the wireless connection to be configured.
  5. Tap Advanced.
  6. Tap Privacy.
  7. Tap Use device MAC

But I wonder if I can use something in Systems Manager to prevent MAC Randomization or what is the best option for preventing this.

Greeting from Victor Hernandez
1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

There isn't a good solution at the moment.

 

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

View solution in original post

4 REPLIES 4
kYutobi
Kind of a big deal

Thanks @Lord_Mackake for publishing. Not many people have had a "forced" update to start using randomized MAC addresses but do you think that will soon start to affect things when all updates are pushed?

Enthusiast
PhilipDAth
Kind of a big deal
Kind of a big deal

There isn't a good solution at the moment.

 

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

This is just the next step in the privacy vs practicality debate..

 

Thanks for sharing @Lord_Mackake 

 

 

Thanks @PhillipDAth Actually this happened to a huge Mall that can host 32000 daily guests with different networks to manage them all but with this randomization every time the devices are re-joined to the paid network, they lose the access, so the only way to make this work is to ask the user to turn off privacy settings...

BTW I've also found that Meraki Systems Manager can help with this but only for BYOD or Owned Devices: in a brand new Meraki Minute video: https://youtu.be/Bj9Gg7h50Gk
Greeting from Victor Hernandez
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels