~ We have a 4402 controller using WPA 1 TKIP & 2 AES, and we are getting ~ MIC Error counter measures on all AP's with clients connected. ~ ~ Most clients are Intel, but I have tested with my Cisco card too, and ~ the same thing occurs.....you are associated with an AP, then it ~ forces the MIC counter measure, and forces all clients off for 60 ~ seconds. ~ ~ Is this a controller hardware issue? as its the same with a default ~ config
No, this is not a controller hardware nor even software issue. As far as I know, this behavior, which is mandated by the WPA standard, is always triggered by a client bug.
To fix this problem, fix the clients.
To work around this problem, use WPA2-AES rather than WPA1-TKIP.
Another workaround, if running 4.1, is to configure the WLC to (in violation of the standard) reduce the countermeasure hold-down period:
(Cisco Controller) >config wlan security tkip hold-down 0 ? Enter WLAN Identifier between 1 and 16.