iOS disable "Private Address"

alessio_tedesco
New Contributor III

hi all,
is there a way to enforce the setting "Private Address" turned off?
We actually have a Cisco ISE in our internal network that uses mac address to detect if it is an iPhone (we push mac addresses in a specific group) and then moves the iPhones to another network. Since Private Address is on, it transmits to the network controller a different MAC address and breaks our rule.

1 ACCEPTED SOLUTION

Tribruin
Contributor III
Contributor III

It is available in the WiFi Configuration Profile setting: Disable MAC Address Randomization (iOS 14 or later)

Originally an MDM could change the setting, but it was user overridable. But as os iOS14.1 (or 14.2), the setting can not be overridden by the user anymore if set by a profile.

View solution in original post

10 REPLIES 10

Tribruin
Contributor III
Contributor III

It is available in the WiFi Configuration Profile setting: Disable MAC Address Randomization (iOS 14 or later)

Originally an MDM could change the setting, but it was user overridable. But as os iOS14.1 (or 14.2), the setting can not be overridden by the user anymore if set by a profile.

View solution in original post

I am trying to employ this limitation for the iPads in my school district, but it is not working. I have created a configuration profile using the “Disable MAC Address Randomization (iOS 14 or later)” as prescribed; however, it is not working. The Private Address option on the iPad is still active and can be turned on and off by the user. Is anyone else seeing this issue and if so, is there a solution?

I am trying to employ this limitation for the iPads in my school district, but it is not working. I have created a configuration profile using the “Disable MAC Address Randomization (iOS 14 or later)” as prescribed; however, it is not working. The Private Address option on the iPad is still active and can be turned on and off by the user. Is anyone else seeing this issue and if so, is there a solution?

wdpickle
Contributor

Do you know if this applies to all SSIDs the iPad can connect to or is it just the specified SSID associated in the config profile?

mainelysteve
Valued Contributor

@wdpickle Just the specified SSID in your profile.

user-hRLOJfwMia
New Contributor

This is absolutely terrible. Is there really no way to turn off the Private Wi-Fi address for all SSIDs? We have several networks here that are controlled by RADIUS, and have constantly aborts in the network because of this ... special feature.

mainelysteve
Valued Contributor

@user-hRLOJfwMia It is and no it's still per SSID. Provide feedback to Apple to get that changed to a system wide setting. I've complained about it to my state SE's and questioned it during a regional SE meeting back in the fall.

david_yenzer
Contributor II

*grumble* This one bit us again at the start of this school year.

In my own experimentation with it, I have found that I can get it to take but it requires wiping the device; which doesn't make a lot of sense for a configuration profile. To this end, I feel it's better to turn off the private network manually but keep this option running so as devices get wiped, it will retain this option. No sense in wiping 6000+ devices just to get this one feature working properly.

joeharden
New Contributor II

Still seeing this up to 14.8... haven't tried much with ios15 yet.