iOS 14 Beta allows for private mac addresses...

thewizard1241

Regular Contributor
So this makes it a problem for bandwidth limiting as for QoS you must bind mac and ip addresses. But the mac address is dynamic everytime you connect to the network, is there any way to deal with this?
 

techcafe

Regular Contributor
So this makes it a problem for bandwidth limiting as for QoS you must bind mac and ip addresses. But the mac address is dynamic everytime you connect to the network, is there any way to deal with this?
I would enable the Wireless MAC Filter on the router (Advanced, Wireless) and populate the filter lists with the real (non-spoofed) MAC addresses of all your wireless client devices. That's what I've done on our network, so only known devices are allowed to connect, all others are rejected. There are two wireless MAC filters, one for each band (2.4 and 5GHz), and normally the 2.4GHz filter is used in Accept Mode; and 5GHz is disabled or set to Reject Mode. Populate the 2.4GHz filter list with all of your known-accepted client devices. This allows Guest devices to connect when they are within close proximity to the router, only on the 5GHz band; all unknown clients on the 2.4GHz band get rejected. As you probably know, longer wavelengths / lower frequencies (2.4GHz) propagate over longer distances and pass more easily through walls / obstructions than shorter wavelengths (5GHz). That's why I've set the 2.4GHz filter to Accept and 5GHz to disabled. However, if client devices are using spoofed / private MAC addresses, then the 5GHz MAC filter will also need to be set to Accept Mode and populated with the same device addresses in the the 2.4GHz filter list. Guest MACs will then need to be added manually to both filters, if you wish to allow them to connect.
 
Last edited:

thewizard1241

Regular Contributor
I would enable the Wireless MAC Filter on the router (Advanced, Wireless) and populate the filter lists with the real (non-spoofed) MAC addresses of all your wireless client devices. That's what I've done on our network, so only known devices are allowed to connect, all others are rejected. There are two wireless MAC filters, one for each band (2.4 and 5GHz), and normally the 2.4GHz filter is used in Accept Mode; and 5GHz is disabled or set to Reject Mode. Populate the 2.4GHz filter list with all of your known-accepted client devices. This allows Guest devices to connect when they are within close proximity to the router, only on the 5GHz band; all unknown clients on the 2.4GHz band get rejected. As you probably know, longer wavelengths / lower frequencies (2.4GHz) propagate over longer distances and pass more easily through walls / obstructions than shorter wavelengths (5GHz). That's why I've set the 2.4GHz filter to Accept and 5GHz to disabled. However, if client devices are using spoofed / private MAC addresses, then the 5GHz MAC filter will also need to be set to Accept Mode and populated with the same device addresses in the the 2.4GHz filter list. Guest MACs will then need to be added manually to both filters, if you wish to allow them to connect.
Thank you this is a good method ill apply this today! I put all my clients strictly on the 2.4ghz channel and reserve the 5ghz band for more important devices
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top