How does pfsense handle cloned mac address?
-
If a user is currently online in dhcp.
Then a new device connects but has the same mac address on a client that is currently active.How does pfsense handle the new client?
Will it be given a different ip? -
Is it in the same subnet/L2 as the first client? If so, then your switch would go nuts since that's not a valid scenario. You can't have two different devices with the same MAC. That has nothing to do with pfSense, and would have to be addressed in your AP/Switch/L2 setup.
Even if it did manage to make a DHCP request, pfSense would most likely think it's the same client and give it the same lease, since it would be going by MAC.
If it's on a different interface/switch/L2/subnet, that's OK and it would get an address from the other subnet.
-
client would be on wifi.
im offering a public "paid" wifi.one way people cheat is scanning for users and cloning their mac address.
-
If they weren't connected at the same time, there's no way to tell. However, for a paid service, you should be relying on something better than just the MAC address.
-
There isn't any way for the firewall to tell two MACs apart. You'll need something more. If it's that bad, you need L2 auth (802.1x) in your APs, not firewall controls.