Apple devices are sending accurate information down to the IOS version. We verified this by talking to users in person and comparing their device types to meraki dashboard. So why can't Meraki at least make that work? It's virtually completely non-working since many months ago, it used to work "just a little bit" and now not at all.
I literally manually block these by hand on a daily basis.
Let's not go down the path of talking about using 802.1.x auth and getting away from PSK SSID to prevent personal devices from getting onto a wireless network, we already talked about this above. We have several reasons why we cannot change the password readily for our legacy PSK based SSID, that's why I went down this path hoping this feature would work.
Meraki should come out clean on why this doesn't work and kill this feature already. I've opened at least 3 tickets on this over the years and it has gone nowhere.