We are using a UDM PRO with 1.8.5 firmware and Unifi Network 6.0.43.
We are using a MAC address whitelist along with Radius auth, but we have a user with an iPhone 11 and iPhone 12 that cannot authenticate, they can on the PC/Mac without issue and on older iPhones and iPads.
Not sure why?
Thank you, Blane
I am not an iPhone user, but I think they do some type of dynamic MAC address generation that can be turned off.
Turn off Mac privacy in iOS it is under the setting for the connected Wi-Fi network.
Yes, this is a pain. You’ll probably want to have them authenticate in a different way.
The private address setting is PER AP, so even if you have 100 APs with the same SSID, the iPhone will keep turning back to the private address for each of them, even if you turn it off. You would need to individually connect to each of the 100 APs independently and turn off private network while connected to each one. Once you turn off the private address for an individual AP, it will be remembered for that AP in the future. Not ideal.
Just going to chime in here that Android is now doing this as well in the newer versions. Drill down into the “Privacy” setting in Network Details of each WiFi connection and turn off “Randomized MAC.”
Yeah, it’s my understanding that Android was ahead of Apple on this.
The info at the link you posted says the private MAC address is unique to each wifi network, not access point. Does you experience contradict that?
I’ll test. Now I am questioning myself.
Based on the replies in this thread, we did the following to resolve the issue.
We went in to Wifi Settings on the iPhone, clicked the blue circle “i” button for the network in question.
We then captured the MAC information for that network, added it to our whitelist and now the user can authenticate.
Thanks all!