Meraki

Boyan1 · ‎May 9 2024

Hi everyone,

When the little slider "Private Wi Fi address" is ON for any iOS device it generates random MAC addresses; which are different from the Apple's factory Wi Fi adapter MAC address.

Is there any way to track these deices on a Meraki network? Obviously the APs see that random MAC address so there's no way to marry MAC to a device. Is there a viable way to track a device on a WPA2 SSID (everyone uses the same password)

Thanks

~B

alemabrahao · ‎May 9 2024

Unfortunately not.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Boyan1 · ‎May 9 2024

Thank you; I was finishing for some less known thing about the 802.x alliance wireless standards where one can pass parameters via the protocol itself, which Meraki could then harvest and expose on the dashboard. I control the end points so if such thing exists it would be easy to implement....

alemabrahao · ‎May 9 2024

Maybe with Meraki MDM, but it's not an easy challenge to deal with.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

KarstenI · ‎May 9 2024

Use 802.1X and each device has either it's own username or it's own certificate.

But even with randomized MACs you should be able to see the device name:

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Boyan1 · ‎May 9 2024

That's the thing, I see some randomly generated name instead of the more human readable name you see, any idea why that might be?

KarstenI · ‎May 9 2024

This is the UUID (based on RFC 4122). Yes, there was a reason when this was shown ... But I forgot it. Perhaps I remember (or even better, someone else knows it).

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Boyan1 · ‎May 9 2024

Yah but how come in your case (your screen shot) it shows hostname and in my case it shows UUID? Did you do something special in the dashboard to have host shown rather than UUID as it is on mine?

BlakeRichardson · ‎May 9 2024

If the device's are managed via an MDM you can disable private MAC. Otherwise there's no easy way to marry what device is what.

802.1x authentication is a better approach.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

PhilipDAth · ‎May 9 2024

If you are doing WPA2 Entperise mode authentication, go Network-Wide/Clients, click on the settings cog on

the right hand side:

And then tick the "User" box.

You can now see the username of each device, and you can search on username.

Boyan1 · ‎May 9 2024

nah it's not enterprise, just password based WPA2 - it's a guest network

Meraki

Community

Is there any way to track iOS devices connecting via WPA2 password association SSID?

Is there any way to track iOS devices connecting via WPA2 password association SSID?