[NOTE] F/W 4.4.6-release1: MAC Randomization applies only to WAN

  • Device: Flint
  • Firmware: 4.4.6-release1
  • MAC: Randomized

Hello,

I just ran a port scan against my Flint, f/w 4.4.6-release1. Its MAC is set to Random (GL GUI → Network → MAC Address → Mode → Manual → Random). The [redacted] below is the physical MAC and not the entirely different random one assigned within the GL GUI.

root@certa:~# nmap 192.168.2.1 -sU -p 51820
Starting Nmap 7.91 ( https://nmap.org ) at 2023-11-13 09:52 EST
Nmap scan report for 192.168.2.1
Host is up (0.0012s latency).

PORT      STATE         SERVICE
51820/udp open|filtered unknown
MAC Address: [redacted] (GL Technologies (Hong Kong) Limited)

Here is an example of a Certa (f/w 4.3.7-release4) being scanned:

nmap certa -sU -p 51820
Starting Nmap 7.80 ( https://nmap.org ) at 2023-11-13 12:20 AST
Nmap scan report for certa (192.168.91.137)
Host is up (0.00045s latency).
rDNS record for 192.168.91.137: certa.local.lan

PORT      STATE         SERVICE
51820/udp open|filtered unknown
MAC Address: CE:[redacted]:15 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.10 seconds

Note how it shows (Unknown) for its randomized MAC.

Hello, our MAC address cloning is done on the WAN port, and we used nmap to scan information on the LAN port of the upstream device. In order to check if the cloning was successful, we need to use ifconfig to see if the MAC address on the WAN port has changed. Your question is about why, after using MAC cloning and scanning with nmap, Flint’s scan shows MAC Address: [redacted] (GL Technologies (Hong Kong) Limited), while Certa’s scan shows MAC Address: CE:[redacted]:15 (Unknown).

I can see it’s time for me to clean up the rat’s nest. Indeed, Certa’s WAN was connected to Flint’s LAN. ifconfig eth0 from the Flint shows the Flint’s random MAC.
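Added example, not part of any post in this thread: a small Python check that reads nmap output in the format shown above and reports, per host, whether the MAC seen on the scanned interface has the locally administered bit set (0x02 of the first octet, as in the `CE:` address) or carries a vendor-assigned prefix. The MAC values in the sample are constructed stand-ins for the redacted ones, and the function names are this example's own.

```python
import re

# Constructed sample: same layout as the scans in the thread, with made-up
# MAC addresses in place of the redacted ones.
SAMPLE_NMAP_OUTPUT = """\
Nmap scan report for 192.168.2.1
Host is up (0.0012s latency).
MAC Address: 00:11:22:33:44:55 (GL Technologies (Hong Kong) Limited)
Nmap scan report for certa (192.168.91.137)
Host is up (0.00045s latency).
MAC Address: CE:12:34:56:78:15 (Unknown)
"""

HOST_RE = re.compile(r"^Nmap scan report for (.+)$")
MAC_RE = re.compile(
    r"^MAC Address: ((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}) \((.*)\)$"
)


def is_locally_administered(mac: str) -> bool:
    """True when the U/L bit (0x02 of the first octet) is set.

    Randomized or manually assigned addresses normally set this bit;
    burned-in addresses from a vendor OUI block do not.
    """
    return bool(int(mac.split(":")[0], 16) & 0x02)


def classify_scan(nmap_text: str) -> list[dict]:
    """Return one record per 'MAC Address:' line, tied to its host."""
    results, host = [], None
    for line in nmap_text.splitlines():
        line = line.strip()
        if m := HOST_RE.match(line):
            host = m.group(1)
        elif m := MAC_RE.match(line):
            mac, vendor = m.group(1).upper(), m.group(2)
            results.append({
                "host": host,
                "mac": mac,
                "vendor": vendor,
                "locally_administered": is_locally_administered(mac),
            })
    return results


if __name__ == "__main__":
    for r in classify_scan(SAMPLE_NMAP_OUTPUT):
        kind = "locally administered" if r["locally_administered"] else "vendor OUI"
        print(f'{r["host"]}: {r["mac"]} ({r["vendor"]}) -> {kind}')
```

nmap only reports the MAC of the interface facing the scanner, so a vendor OUI result from the LAN side says nothing about the WAN interface, which still has to be checked on the router itself.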
