Issue: Captive Portal "Allowed" MAC addresses drop connections

[MagnaPilot]

This issue has been present since at least the 16 series, and to this point have not found a solution, but have found others with the same issue.

Specifically, when using Captive Portal, and allowing some devices access via the MAC access list, eventually, after a seemingly arbitrary amount of time between minutes and weeks, the devices given access via the MAC list will start to drop connections at random, downloads are impossible and the perception to the user is a very slow network. This issue does not occur at the same time to users who are authenticated via username/password on the same captive portal zone. The issue is present regardless of the status of proxy, IDS, firewall or otherwise. I'm willing to contribute any logs needed to help diagnose, I've been trying to trace this issue for nearly two years without success.

[AdSchellevis]

@MagnaPilot better to open this in core, Captive portal is a core function.

Just out of curiosity, have you tried pinning the client to a specific IP address and whitelist it on ip address? Underneath it's doing almost the same, with the addition of using the arp table to figure out which ip it should whitelist. When the arp entry expires there can be a short time in which the client misses authentication, which usually is resolved automatically once the firewall receives some packets again.

[MagnaPilot]

Thank you, I wasn't sure where it resided exactly, but i will do that. I haven't tried with IP mainly due to the fact that we have 200+ devices that rotate in and out of the network. I'll setup a few static devices and see what happens and report back.