Unfortunately, the random MAC is tied to the SSID on the phone. SSID1 always uses the same random MAC, and SSID 2 will be the same. I would suggest implementing a Captive Portal (it can be the same as guest) on the MPSK SSID as the default or initial role. Once they register, they can either be pointed to the same MACAuth Service as Guest, or you can create a copy as an MPSK MACAuth Service. This is assuming you already have Guest Web logging with MAC Caching set up already.
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022
If my post was useful accept solution and/or give kudos
------------------------------
Original Message:
Sent: Sep 02, 2022 07:52 AM
From: Zsolt Kardos
Subject: Random MAC, MPSK, device registration problem
Hi All,
We would like to use MPSK for company phones with captive portal device registration to automate the registration process. With IPhone mobiles it works perfectly because there is an option to turn off the random mac feature before we connect to the device registration captive portal based SSID. But on the Android phones there is option to do that only if we already authenticate to an SSID. So our problem is if we connect to the captive portal SSID with random mac (no other option) the ClearPass will register the device with a virtual mac, and on the MPSK SSID connect to a different one or physical one but it will be not match what we provide on the device reg portal.
So is there any option to handle this behavior or is it know issue with Android phones?
Br.,
Cs