Solved: Re: Apple users lose authentication

alfonso-urgel · ‎02-25-2026

Good morning,
I have an SSID with:
- Open security
- Authentication with Splash Page and Sign-on with Radius (Azure)
- External DHCP server for clients
- Valid accounts are assigned for 30 days

I notice that with Windows and Android devices, the accounts work correctly, but with Apple devices, every time the device loses connection, it asks for a new authentication through the Splash Page even though the log indicates that users have been assigned 2,592,000 seconds (30 days).
Is there any solution so that Apple devices do not request new authentications?

alfonso-urgel · ‎03-16-2026

Sharing that I have already found the problem with the re-authentications of devices.
It is important to highlight that these re-authentications occurred on Windows, Android, and Apple devices, but they were more clearly and recurrently presented on Apple devices.

The solution lies in the "Data-Carrier Detect" parameter in the RADIUS section of the SSID.
This parameter is disabled by default, thus it does not force a new authentication every time the device loses connectivity with the SSID.

Thanks to everyone for the suggestions!

View solution in original post

CMR · ‎02-25-2026

Do the Apple devices have MAC randomisation on? If they do then this needs to be set to retain a particular MAC for the SSID, or turned off completely. Otherwise the network sees the device as a new one each time.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Kevin_Monsta · ‎02-25-2026

change the mac address to 'Use Mac Device'

aleabrahao · ‎02-25-2026

This is what @Kevin_Monsta is talking about.

https://dhcp.msu.edu/help/randommac.html

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

alfonso-urgel · ‎02-25-2026

Thanks for the suggestions, I’m going to try them on some devices and I’ll share the results.

alfonso-urgel · ‎03-05-2026

Hello,
I have been conducting various tests without success. We have changed on the Apple devices to always use the same MAC address, or MAC addresses in "off" mode, and the response is the same: Every time an Apple device disconnects from the network and reconnects, it requires authentication.

I am going to try to create a sponsored SSID to rule out RADIUS Authentication and report the results.

alfonso-urgel · ‎03-16-2026

Sharing that I have already found the problem with the re-authentications of devices.
It is important to highlight that these re-authentications occurred on Windows, Android, and Apple devices, but they were more clearly and recurrently presented on Apple devices.

The solution lies in the "Data-Carrier Detect" parameter in the RADIUS section of the SSID.
This parameter is disabled by default, thus it does not force a new authentication every time the device loses connectivity with the SSID.

Thanks to everyone for the suggestions!

aleabrahao · ‎03-16-2026

I just checked here and the parameter is enabled by default; you probably disabled it at some point.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

alfonso-urgel · ‎03-16-2026

Right, by default it is set to Enable and I have changed it to Disable so that it does not ask me for new authentications for users who are already authenticated.