Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Other MAC Address changed, but didn’t

Bballrob

Bballrob

macrumors 6502a
Original poster
Jul 11, 2017
616
706
Alaska
So I discovered something very odd today. I was checking some WiFi settings in my Airport Utility. I saw a couple of MAC addresses that weren’t at all familiar, so I set up blocks for them. After resetting the AirPort, I couldn’t connect to the WiFi with my own device. I ended up grabbing my sons iPod and doing some experimenting to figure out what had happened.

Basically, my iPhone XR has a new MAC address, at least that it is broadcasting, and this was one of the new MAC addresses that I had just blocked. The thing is, when I go to Settings>General>About, the original MAC address is still showing on the phone.

The other “changed” MAC address was my iPad Air 2.

I have no idea what caused this. I updated both of those to iOS 14 about a day after it was released.

I’m not using a VPN or anything like that and never have on either of these devices.

Any ideas as to what could be causing this?
 
Go to WiFi in settings, click “I” next to network your connected to

The Private Address deal, turn it off. Google iOS 14 and Private Address and you’ll get all the info you need. :)

18b794b1eff71cce2655f8673211c555.png


Meh, here...

Use private Wi-Fi addresses on Apple devices - Apple Support

To improve privacy, your device uses a different MAC address with each Wi-Fi network.
support.apple.com support.apple.com

9to5mac.com

How to use private Wi-Fi MAC address on iPhone in iOS 14 - 9to5Mac

This step by step guide with screenshots covers how to use a private Wi-Fi MAC address on iPhone and iPad with iOS 14 and iPadOS 14.
9to5mac.com 9to5mac.com
 
  • Like
Reactions: krifor03 and akash.nu
blaine07 is correct.

Know though that this is a feature that outside of know private home networks (or corporate networks that do MAC filtering for those BYOD places), is best left ON. By using the random MAC address it helps your device from being fingerprinted out in the wild
 
  • Like
Reactions: blaine07
This was the issue. Thanks for the help.

I don’t like this because if I’ve blocked a MAC address for my airport, the user of the blocked device can turn this on and get right back on.

When you use this private address feature, does it generate a new MAC address each time you toggle it on and off? Or is it the same private address every time??
 
Bballrob said:
This was the issue. Thanks for the help.

I don’t like this because if I’ve blocked a MAC address for my airport, the user of the blocked device can turn this on and get right back on.

When you use this private address feature, does it generate a new MAC address each time you toggle it on and off? Or is it the same private address every time??
Click to expand...

I think it re-generates every time you connect to a WiFi network but not sure. Sorry
 
Bballrob said:
This was the issue. Thanks for the help.

I don’t like this because if I’ve blocked a MAC address for my airport, the user of the blocked device can turn this on and get right back on.

When you use this private address feature, does it generate a new MAC address each time you toggle it on and off? Or is it the same private address every time??
Click to expand...

In my experience it will keep the same random MAC for each network for a period of time, then regenerate...like DHCP issued IP addresses. For my home network, If I turn the feature off, then restart my phone, when I turn my phone back on and the randomized MAC feature it is the same random MAC it was before. So again, I believe the phone is keeping a log of SSID's and the assigned MAC, and those MACs are on a lease system, like IP addresses
 
  • Like
Reactions: brucemr
Bballrob said:
I don’t like this because if I’ve blocked a MAC address for my airport, the user of the blocked device can turn this on and get right back on.
Click to expand...

And now you have first-hand experience with how MAC filtering isn't and wasn't really a reliable security feature. It's a bit better if you whitelist instead of blacklist, though.
 
  • Like
Reactions: chrfr
BrianBaughn said:
And now you have first-hand experience with how MAC filtering isn't and wasn't really a reliable security feature. It's a bit better if you whitelist instead of blacklist, though.
Click to expand...

wha??...yes you are correct, in a blacklist situation there are holes. But in the whitelist, like you mentioned, unless an attacker has access to that list as spoofs there MAC....how are they getting in🤨. The MAC works as advertised
 
BrianBaughn said:
And now you have first-hand experience with how MAC filtering isn't and wasn't really a reliable security feature. It's a bit better if you whitelist instead of blacklist, though.
Click to expand...

Is there a way to whitelist instead of blacklist on an airport device?
 
BrianBaughn said:
I think you're going to have to use the password for access control.
Click to expand...

Which I already do. What I’m running up against is, I’m trying to limit the access my children have to the network via their iPods and other devices. Before I could simply do it by setting the limits by MAC address in the airport. But once their time has expired, if they just switch to this “private” network, they can log right in because the password is already saved to their device. If there was a way to whitelist certain Mac addresses, they wouldn’t have this workaround even though they’d have the password saved in their devices. The device flashing the new MAC address wouldn’t be allowed on the WiFi at all.
 
Bballrob said:
Which I already do. What I’m running up against is, I’m trying to limit the access my children have to the network via their iPods and other devices. Before I could simply do it by setting the limits by MAC address in the airport. But once their time has expired, if they just switch to this “private” network, they can log right in because the password is already saved to their device. If there was a way to whitelist certain Mac addresses, they wouldn’t have this workaround even though they’d have the password saved in their devices. The device flashing the new MAC address wouldn’t be allowed on the WiFi at all.
Click to expand...

Correct…and there's just about zero chance of Apple adding anything to the firmware on their seven-year-old routers.

To get what you're wanting I'm pretty sure you'll have to replace it or at the least add a new device to the chain that will do the filtering you need.

I suppose you've already looked into what controls the devices have onboard.
 
Bballrob said:
Which I already do. What I’m running up against is, I’m trying to limit the access my children have to the network via their iPods and other devices. Before I could simply do it by setting the limits by MAC address in the airport. But once their time has expired, if they just switch to this “private” network, they can log right in because the password is already saved to their device. If there was a way to whitelist certain Mac addresses, they wouldn’t have this workaround even though they’d have the password saved in their devices. The device flashing the new MAC address wouldn’t be allowed on the WiFi at all.
Click to expand...
Could you not set screentime limits on their devices instead?
 
  • Like
Reactions: Bballrob
mrochester said:
Could you not set screentime limits on their devices instead?
Click to expand...

That light do it but I think I found a solution. I had posted a similar thread called Blocking From Airport and I think I got a solution in there that will give me exactly what I need.
 
Bballrob said:
So I discovered something very odd today. I was checking some WiFi settings in my Airport Utility. I saw a couple of MAC addresses that weren’t at all familiar, so I set up blocks for them. After resetting the AirPort, I couldn’t connect to the WiFi with my own device. I ended up grabbing my sons iPod and doing some experimenting to figure out what had happened.

Basically, my iPhone XR has a new MAC address, at least that it is broadcasting, and this was one of the new MAC addresses that I had just blocked. The thing is, when I go to Settings>General>About, the original MAC address is still showing on the phone.

The other “changed” MAC address was my iPad Air 2.

I have no idea what caused this. I updated both of those to iOS 14 about a day after it was released.

I’m not using a VPN or anything like that and never have on either of these devices.

Any ideas as to what could be causing this?
Click to expand...

I doesn't make sense to me at all. I had the same issue. All the MAC addresses of all my devices are set using Airport Utility. No access for all other MAC addresses.

This feature in iOS should be turned ON on my opinion. It shows the MAC address as I have entered in Aiport Utility for this iPhone. Why does wifi connect fail if turned on ???

iPhone is getting more and more a smartphone for developers but no longer for users with more more settings coming in after every iOS update. That's my opinion. iPhone has become a smartphone for developers!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back