Is anyone else having issues when devices use randomized MAC addresses on hotspot?
The issue I am having is when a user roams from 1 area to another, and there is a break in signal, when it reconnects it randomizes the device's MAC address, and therefore is required to log in again.
In some areas the phones can get signal from 2 antennas, and switch at random, and this therefore triggers the phone to give a new MAC, and the client has to log in again.
Is there any solution to this? I have since stopped using hotspot, as this is quite irritating, and also the client eventually gets session limit reached as well, preventing them getting access.
Just wondering if there is a solution or workaround that does not involve the client setting the phone to use the phone MAC address.
I think asking/guiding the users of this “Guest” network to disable the “Private Network” setting (1 simple setting on Android / iOS) is still the easiest solution without making it technically even more complex (e.g. with some Private PSK implementation, Hotspot 2.0 or some 802.1X shizzle).
I also have some environment running where I use DHCP to assign specific IP addresses based on the MAC of the client. These things also break with MAC-randomization. So yeah…
It seems that MikroTik will not bring a solution to this issue. HTTP cookies are a good solution for verification. HTTP cookies work seamlessly on Android, Windows and Linux devices. iOS denies this. I think from now on I will give up MikroTik and use pfSense.
The private MAC should never have been considered a security tool. The work is actually the opposite. What else can it do but make it easier for the person who makes unwanted movements on your network to escape from the logs and make the system administrator disappear into the logs? In the world where Captive Portals are everywhere, phone manufacturers should at least turn off this feature by default. And this feature, which is claimed to provide security, is actually a trap for system administrators. While I have been able to block devices with malicious system movements for years with a few lines of script, I am now hunting for MAC logs. For the internet used in the public domain, we cannot make an announcement to turn off the private MAC feature, especially to an ignorant society.
Terribly slow, selfish Apple network devices that require special training to access the open Internet in a public space, and ignorant customers who get a headache because of this. Why is it still preferred?
The issue does not exist anymore because device manufacturers have realized that it causes the above problem, and now they randomize the MAC only on the first connect to a network, not when you later re-connect to the same network.