VMware Workspace ONE Community
Bravehrt
Contributor
Contributor

Turn off private addressing in Airwatch

Hello everyone. I am trying to create a new IOS 15.X profile to distribute to our iPads, and I am kind of new to Airwatch / Workspace One. 

I do not see a location within the client to permanently disable private addressing? We need this to be permanently switched off. 

Can anyone please tell me *exactly* where to find / locate it within to client so I can save this profile?

Thank you very much!

 

 

Labels (1)
Reply
0 Kudos
12 Replies
Bravehrt
Contributor
Contributor

Bueller? Anybody?

somemdm
Enthusiast
Enthusiast

You'll need to create a Wi-Fi profile for the intended wireless network and check the box 'Prevent MAC address randomization'.

JacquesPerrolle
Enthusiast
Enthusiast

What @somemdm said. That's the only way to manage it for iOS. There is no way to manage it for Android. Quite the bummer if you're also using a Network Access Control.

Reply
0 Kudos
Bravehrt
Contributor
Contributor

Do you mean, even with "powered by 2010" there IS a way to turn it off, but NOT to turn it back on again, 

 

OR

Are you saying there's no way to manage that feature whatsoever ?

Reply
0 Kudos
JacquesPerrolle
Enthusiast
Enthusiast

The only way to disable the randomized MAC address feature in iOS is in a Wi-Fi profile. And that only applies to whatever wifi SSID you're trying to connect the users to, if that is even a road you want to go down. Beyond that, there is no way to "permanently disable" private addressing. In my testing, even disabling it in the wi-fi profile was hit or miss to the point I just gave up.

Reply
0 Kudos
Bravehrt
Contributor
Contributor

I'm sorry I wasn't clear. I was referring to the previous comment referring Androids. 

Tags (1)
Reply
0 Kudos
JacquesPerrolle
Enthusiast
Enthusiast

I don't believe there's a way to manage it at all on Androids. I've been unable to find a way to disable private addressing within the profile space.

Reply
0 Kudos
JacquesPerrolle
Enthusiast
Enthusiast

I should note that now in Android 11+, we're seeing all MAC addresses as "02:00:00:00:00:00", which is a real problem for us. Well, more for the Androids as we'll kick them off the network if we cannot see their actual MAC address. This appears to be as designed by Google when there's a COPE enrollment for devices as Hub cannot see the actual MAC address of the device. Thanks Google.

Tags (1)
Reply
0 Kudos
jpjp1
Contributor
Contributor

also interested in this as we bring devices internal using ISE , how to find an secure devices is challenging. 

Reply
0 Kudos
BigMike23
Enthusiast
Enthusiast

Love this reference.

Reply
0 Kudos
jpjp1
Contributor
Contributor

with ios , we published a wifi profile which with the SSID allows disable Mac Randomization, and the trust cert was the ISE fqdn cert , and Identity being provided by either SCEP or internal CA with a device certificate. Unfortunately Androids dont have the ability to do this private addressing and seems to be set by google and not available to the mdm api. 

Reply
0 Kudos
anilspp
Enthusiast
Enthusiast

Thanks for helping here.

Reply
0 Kudos