Is there any way to track iOS devices connecting via WPA2 password association SSID?

Boyan1
Getting noticed


Hi everyone,

 

When the little slider "Private Wi-Fi address" is ON for any iOS device, it generates random MAC addresses, which are different from Apple's factory Wi-Fi adapter MAC address.

 

Is there any way to track these devices on a Meraki network? Obviously the APs see that random MAC address, so there's no way to marry a MAC to a device. Is there a viable way to track a device on a WPA2 SSID (everyone uses the same password)?

Thanks

~B

 

Boyan1_0-1715274833244.png

 

alemabrahao
Kind of a big deal

Unfortunately not.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Thank you; I was fishing for some lesser-known thing about the 802.x alliance wireless standards where one can pass parameters via the protocol itself, which Meraki could then harvest and expose on the dashboard. I control the endpoints, so if such a thing exists it would be easy to implement...

Maybe with Meraki MDM, but it's not an easy challenge to deal with.

KarstenI
Kind of a big deal

Use 802.1X and each device has either its own username or its own certificate.

But even with randomized MACs you should be able to see the device name:

KarstenI_0-1715283966152.jpeg

 

That's the thing, I see some randomly generated name instead of the more human readable name you see, any idea why that might be?

 

Boyan1_0-1715284432297.png

 

KarstenI
Kind of a big deal

This is the UUID (based on RFC 4122). Yes, there was a reason when this was shown ... But I forgot it. Perhaps I remember (or even better, someone else knows it).

Yah, but how come in your case (your screenshot) it shows hostname and in my case it shows UUID? Did you do something special in the dashboard to have host shown rather than UUID as it is on mine?

BlakeRichardson
Kind of a big deal

If the devices are managed via an MDM you can disable private MAC. Otherwise there's no easy way to marry what device is what.

 

802.1x authentication is a better approach. 

PhilipDAth
Kind of a big deal

If you are doing WPA2 Enterprise mode authentication, go to Network-Wide/Clients, click on the settings cog on the right hand side:

PhilipDAth_0-1715286849302.png

 

And then tick the "User" box.

PhilipDAth_1-1715286880947.png

 

You can now see the username of each device, and you can search on username.

nah it's not enterprise, just password based WPA2 - it's a guest network
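Added example, not part of the thread and not Meraki code: the 802.1X suggestion above works because the username stays constant while the private MAC changes, and a randomized address can be recognized by the locally administered bit in its first octet. The record layout (username, client MAC) and all sample values below are constructed for illustration.

```python
"""Correlate 802.1X sessions by username instead of by client MAC."""
from collections import defaultdict

# Constructed sample records (not dashboard output): (username, client MAC)
SAMPLE_SESSIONS = [
    ("alice", "A6-3F-12-9C-00-01"),
    ("alice", "da:11:22:33:44:55"),
    ("bob",   "3C:22:FB:10:20:30"),
    ("bob",   "3c22.fb10.2030"),      # same adapter, different notation
    ("carol", "02:AA:BB:CC:DD:EE"),
]

def normalize_mac(mac):
    """Return the MAC as 12 lowercase hex digits, or raise ValueError."""
    digits = "".join(c for c in mac.lower() if c not in ":-.")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set, as it is for
    randomized 'private' addresses; factory-assigned addresses have it clear."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)

def macs_by_user(sessions):
    """Group distinct MACs per username, tagging each as private or factory."""
    seen = defaultdict(dict)
    for user, mac in sessions:
        m = normalize_mac(mac)
        seen[user][m] = "private" if is_locally_administered(m) else "factory"
    return {user: dict(macs) for user, macs in seen.items()}

if __name__ == "__main__":
    for user, macs in macs_by_user(SAMPLE_SESSIONS).items():
        print(user, macs)
```

On a shared-password WPA2 SSID there is no username column to group on, so only the private/factory classification applies there.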
