Blocking devices that use Randomized MAC Addresses to connect to SSID

Linda
Linda I dont want to receive any newsletter Posts: 11 image  Freshman Member
First Comment Friend Collector Third Anniversary

I will block devices that are connected to an SSID that they are not supposed to, but because they have randomization turned on, they can get a fresh MAC address and reconnect. Devices are BYOD so I can't force people to turn it off in their settings.

1 votes

Active · Last Updated

Comments

  • PeterUK
    PeterUK I dont want to receive any newsletter Posts: 4,075 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary

    Their is nothing you can do about the device that Randomized MAC it can not be known that it is random MAC only that its a new MAC.

    One way to deal with this is a MAC filter of allowed MAC's but if thats not a option nothing anyone can do about it.

  • Linda
    Linda I dont want to receive any newsletter Posts: 11 image  Freshman Member
    First Comment Friend Collector Third Anniversary

    I believe randomized MAC addresses have 2, 6, A or E as their second digit. So it'd be nice if there is a setting to deny connection from devices with MAC addresses starting with *2, *6, *A, or *E.

  • Zyxel_Melen
    Zyxel_Melen Business and consumer products Posts: 3,876 image  Guru Member
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @Linda,

    We will evaluate this idea. However, it is recommended to use:

    1. 802.1x for authentication. (If your model supports 802.1x)
    2. MAC authentication to allow know MAC address. (Require to learn the MAC addresses of accepted devices.)
    Zyxel Melen