I work in the IT department for the residential housing area at my university (network operations is separate from ours). I've wondered how is it that when someone registers a MAC address on our device registration portal [to get wired internet access on campus], BluCat Address Manager is able to detect whether it is a wired or wireless MAC address and assign an IP address from the campus specific ranges accordingly. I know that there's some companies that require you do remote work from a computer that has to be on a wired connection, and they have a programs bundled with the software they give you that can tell the difference, but I have no clue how such a thing would be implemented. Do you have any idea how this is done? Is it right to assume that if a program can figure it out, there's something about the content of the MAC address, or other identifier of the device, that can be looked to determine this? I would like to make a shell program that can replicate this for fun. In every case, this will be for a remote computer on the same network as mine, if that simplifies things.
Do not use MAC address for security or authentication purposes. Those addresses can be trivially changed.
Instead, implement a (or use your existing) network access control solution. These use some combination of actual authentication, device and application fingerprinting, user agents, and integration with other means of device management.
Wireless APs can, and probably do, offer different subnets than the wired access switches. Different physical layer, different design constraints, and possibly a different vendor's equipment.