I had call today to check my Hub 3 connected clients and then noticed a 'unknown' client attached to the 5ghz network. It had been assigned an IP address so is connected to the WiFi at around 70mbs.
The MAC address begins CA:95:13 and is not identifiable anywhere on MAC lookup websites.
If I use the Hub 3 ping tool then the IP address has 100% failures. If I ping from my laptop I get intermittent replies.
If I block this MAC address then the entire WiFi collapses and nothing on the WiFi side of things works. On either 2.4 or 5ghz. I have to unblock via an ethernet connected device to get things working again on WiFi.
I'm concerned as to what this device is but it would, from the above, appear to be some internal WiFi loopback type connection??? It only appears on the 5ghz WiFi.
I may try changing the connection password tomorrow to see if, as I expect, that the connection reappears, regardless.
Anyone able to assist or advise??? Any help appreciated.
I have split 2.4 and 5ghz networks, though they share the same password. I also have a network extender to reach the far corner of the house.
The rogue client only ever connects to the Hub 3 5ghz network and if I disable that 'rogue' MAC address ALL wifi functionality ceases for ALL devices (including the extender) across both 2.4 and 5ghz networks until the 'rogue' MAC is reinstated.
Does the rogue MAC have any link to the extender? Is your network extender a 'powerline' type of device (connecting across your home electrical wiring). If so, have you set up a unique encrypted password for the powerline link from the hub to extender? There have been some mentions in past topics of customers seeing rogue devices on their network (from neighbouring properties) using powerline connections and default passwords, which are being linked by a common electrical power connection.
The MAC is unrelated to the extender and I have confirmed the extender MACs on the Hub 3 so they are all accounted for. They also show up on the MAC address lookup website as belonging to the company that made them.
The extender is WiFi based so doesn't use powerline. I have disabled a couple of clients previously on it which appear to be the neighbours Sky Q and Sky extenders trying to connect. They never get as far as IP addresses so I know they aren't actually connected like the current rogue one is.
I'm obviously concerned about the rogue device as it is unlikely my password was ever compromised. Only 2 poeple know it and all my devices are up to date with security patches etc, so not sure how it would ever get out. I'm going to try and change it temporarily in the morning to see if the rogue device reappears. That way I'll know if its a some sort of internal thing at least. The strange thing is the MAC prefix is unknown and like I said if I disable it's MAC my entire WiFi (Hub 3 and Extender) networks collapse. The 2 WiFi networks for 2.4 nd 5ghz stay active and visible (my iphone is still connected) but nothing works on the internet. Its like the outbound functionailty just stops for WiFi ONLY as my Philips Hue lights, on Hub 3 ethernet, carry on working.
So to reiterate: Hub 3 5ghz wifi only. Happens with extender off. Unknown MAC prefix. Disabling causes all outgoing WiFi traffic to fail.
OK, so its 00:50 in the morning and I've finally solved my issue.
Suffice to say it was 50% a technical issue and 50% human 'error' 😒
I won't go into any details to save my embarrassment but all is now fine and 'fixed' but I will say this......
If you are experiencing 'rogue' devices on your network that you don't recognise and they are up to date Apple devices running iOS or WatchOS, check your 'rogue' MAC addresses against the 'Private Address' your device may actually be using. This is different to it's default MAC address.