Cisco WLC - WPA MIC Errors.....all AP's same syptoms

We have a 4402 controller using WPA 1 TKIP & 2 AES, and we are getting MIC Error counter measures on all AP's with clients connected.

Most clients are Intel, but I have tested with my Cisco card too, and the same thing occurs.....you are associated with an AP, then it forces the MIC counter measure, and forces all clients off for 60 seconds.

Is this a controller hardware issue? as its the same with a default config

Reply to
d.azzopardi
Loading thread data ...

snipped-for-privacy@caeuk.com crashed Echelon writing news: snipped-for-privacy@m36g2000hse.googlegroups.com:

I have seen this on different vendor equipment. We never found any real good explanation for the behaviour, but what it seemed like was clients with Intel 2200BG cards and running with Intel Wireless Client.

With newer updated driver and Windows XPs own WIFI zero configuration client, the problematic clients seemed to go away.

Reply to
Bjarke Andersen

~ We have a 4402 controller using WPA 1 TKIP & 2 AES, and we are getting ~ MIC Error counter measures on all AP's with clients connected. ~ ~ Most clients are Intel, but I have tested with my Cisco card too, and ~ the same thing occurs.....you are associated with an AP, then it ~ forces the MIC counter measure, and forces all clients off for 60 ~ seconds. ~ ~ Is this a controller hardware issue? as its the same with a default ~ config

No, this is not a controller hardware nor even software issue. As far as I know, this behavior, which is mandated by the WPA standard, is always triggered by a client bug.

To fix this problem, fix the clients.

To work around this problem, use WPA2-AES rather than WPA1-TKIP.

Another workaround, if running 4.1, is to configure the WLC to (in violation of the standard) reduce the countermeasure hold-down period:

(Cisco Controller) >config wlan security tkip hold-down 0 ? Enter WLAN Identifier between 1 and 16.

Regards,

Aaron

Reply to
Aaron Leonard

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.