cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1740
Views
5
Helpful
3
Replies

iPSK and randomized MAC addresses (Apple iOS 14)

hm7
Level 1
Level 1

Hello,

 

I have set up a iPSK SSID on a Catalyst 9800-40 controller and this works fine for now.

The MAC address of the device gets checked by ISE and if the WPA2-Key is correct then the device will be assigned the correct VLAN.

 

However, with iOS 14 Apple will introduce randomized MAC addresses and it is enabled by default.

 

As a user I am totally supporting this but as an administrator I think it blows iPSK right out the window.

 

Does anyone have a solution for this when the device changes MAC addresses randomly?

Or am I missing something?

 

cheers,

Harald

3 Replies 3

I do not have devices with iOS 14 yet, but here are my thoughts on this:

It will be configurable per network. So we need to make sure that the feature is switched off for a company network:

  • If the device is company-managed, I assume that the MDM will have the possibility to switch that off. And if it is company managed, we likely use EAP-TLS and won't have a problem with it.
  • If it is a personal device, it probably is all about user-education. When the user is handed out "his" PSK, he should directly get a small tutorial on how to disable private WiFi addresses.

I agree with Karsten. There are a lot of devices like Samsung and Windows that have the feature to randomize the MAC address. MDM and GPO is how we manage that with Corp access. Devices that can’t do 802.1x, they are told to disable that feature prior to on boarding those devices on the network.
-Scott
*** Please rate helpful posts ***

From what I have seen so far with randomised MAC on iOS 14, it seems to keep the same MAC address for a specific SSID. So it is creating a random MAC address per SSID. What I have not tried yet is whether the MAC address changes in an enterprise situation with multiple access points and therefore is changing per BSSID. Has anyone tested this?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: