Random MACs appearing in Omada SDN

I'm scratching my head with this one and so I'm wondering if my FWP could somehow be causing the problem. To summarise, I have an FWP plugged into a fully TP-Link SDN network and I keep seeing random MAC addresses in SDN's client list.

To expand a little I have 3 SDN switches (1 'main' switch that has the FWP plugged into it, and 2 remote switches that are connected via an EAP each) and 5 EAPs. The FWP is running in router mode. I have 5 VLANs (maxing out the FWP and so I have a Gold SE on order :D), one of which is a dedicated management VLAN that the switches and EAPs are configured to use. The single LAN interface of the FWP is unused (no associated devices) as is the LAN interface on SDN.

So, several times a day a device with random MAC address will join SDN as a client. Sometimes I get to see it in the current-clients list but typically I only see it in SDN's 'past connections' list. According to look ups like maclookup.app the MACs are random. The random client's connection always lasts between 5 and 10 minutes and SDN shows that there was no TX or RX, and the SDN logs can show that the client connected to any network (any VLAN or the single LAN interface, seemingly randomly), and the FWP reports nothing whatsoever and so I assume that the client did not attempt to get an IP otherwise a quarantine alarm would been triggered.

These random MACs can appear at almost any time but restarting a switch or EAP will always force one to appear. Notably if a switch is restarted then several MAC's might appear but one will be constant (but not the MAC stamped on the device label) and so I wonder if something is assigning the same random MAC to it (I don't want to factory reset a switch to test that out).

So, a long-shot theory is that the FWP might be scanning the network (BTW I have disabled port scanning on the FWP) and causing SDN to create new clients, maybe? 

Thanks :D