Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7275
Views
15
Helpful
4
Replies

MAC Randomization using IOS14 and Android 10 and above

Go to solution
MacKake
Cisco Employee
Cisco Employee

‎09-21-2020 09:14 AM

I've been through some issues when these updates were massively deployed such as:

1. Group Policies not being applied as they should and all clients fall into Normal policy with new IP-MA address combination

2. Exhausted DHCP

3. Duplicated IP Address Alerts

I've done the following:

1. DCHP to last at most 1 day instead of 1 week,

2. Advise my users with this OS to turn off privacy settings for the corporate SSID

Apple IOS14: https://support.apple.com/en-us/HT211227

Android 10:

Wi-Fi settings
  1. Open the Settings app.
  2. Tap Network & Internet.
  3. Tap Wi-Fi.
  4. Tap the gear icon associated with the wireless connection to be configured.
  5. Tap Advanced.
  6. Tap Privacy.
  7. Tap Use device MAC

But I wonder if I can use something in Systems Manager to prevent MAC Randomization or what is the best option for preventing this.

Greeting from Victor Hernandez
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎09-21-2020 12:02 PM

There isn't a good solution at the moment.

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

View solution in original post

4 Replies 4

Go to solution
kYutobi
Level 11
Level 11

‎09-21-2020 11:06 AM

Thanks @MacKake for publishing. Not many people have had a "forced" update to start using randomized MAC addresses but do you think that will soon start to affect things when all updates are pushed?

Enthusiast
0 Helpful

Go to solution
Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎09-21-2020 12:02 PM

There isn't a good solution at the moment.

Larger customers can use group policy assignment via RADIUS, but there is no simple solution for static assignment of group policies.

Go to solution
BlakeRichardson
Meraki Community All-Star
Meraki Community All-Star
In response to Philip D'Ath

‎09-21-2020 04:01 PM

This is just the next step in the privacy vs practicality debate..

Thanks for sharing @MacKake

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Go to solution
MacKake
Cisco Employee
Cisco Employee
In response to Philip D'Ath

‎09-21-2020 08:14 PM

Thanks @PhillipDAth Actually this happened to a huge Mall that can host 32000 daily guests with different networks to manage them all but with this randomization every time the devices are re-joined to the paid network, they lose the access, so the only way to make this work is to ask the user to turn off privacy settings...

BTW I've also found that Meraki Systems Manager can help with this but only for BYOD or Owned Devices: in a brand new Meraki Minute video: https://youtu.be/Bj9Gg7h50Gk
Greeting from Victor Hernandez
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card