cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4121
Views
0
Helpful
12
Replies

Decrypt errors occurred for client

larsthobiasen
Level 1
Level 1

Hello

Has any one seen this error on a Cisco 4402 Wireless LAN controller:

0 Mon Sep 24 10:51:00 2007 Decrypt errors occurred for client 00:19:d2:65:09:a0 using WPA key on 802.11b/g interface of AP 00:0b:85:8d:45:40

1 Mon Sep 24 10:51:00 2007 Decrypt errors occurred for client 00:13:02:38:a0:d2 using WPA key on 802.11b/g interface of AP 00:0b:85:8d:45:b0

2 Mon Sep 24 10:50:56 2007 WPA MIC Error counter measure activated on Radio with MAC 00:0b:85:8d:45:f0 and Slot ID 1. Station MAC Address is 00:13:02:1d:62:bf and WLAN ID is 1.

3 Mon Sep 24 10:49:56 2007 WPA MIC Error counter measure activated on Radio with MAC 00:0b:85:8d:4a:60 and Slot ID 0. Station MAC Address is 00:19:d2:65:09:a0 and WLAN ID is 1.

12 Replies 12

jowallander
Level 1
Level 1

Hi Lars,

I'm having a customer who's also experiencing decrypt error in a wlc 4400 environment. I'll check tommorrow to verify that it's the same error message.

Best regards,

Jan-Olov Wallander

Hello Jan-Olov

I am now running WEP, whith no errors, but I will run WPA-TKIP if possible.

Best regards

Lars Thobiasen

Hi again,

I was also asked to change this to WEP but it wasn't possible in my case, due to security constraints. I need to have it working with WPA!

My gut-feeling is that packets are being dropped

between the WLC and the ACS and attempts has been made to increase the timers! It didn't solve the problem and I'll escalate the case now.

I have a client also having issues with WPA1-PSK clients. What APs are you using? Who asked you to change to WEP, Cisco TAC?

Hallo

No. it was not Cisco TAC.

i found it on another forum, where the workaround was to change for WPA2-AES or WEP - but not all my client can run WPA2

whanson
Level 2
Level 2

were you ever able to get this issue resolved. We are having the same problem big time.

menace1320
Level 1
Level 1

We are seeing the same thing.

Running 4.1.185 code.

What is happening to the clients when this error hits the controller?

any chance you are using cisco cards and cisco client? Strange but we seem to have no problems with laptops with builtin cards.

We are using about 200 IBM X41's with Intel 2915's and around 200 IBM X41's with Atheros chipsets, depending on when we purchased the devices. I haven't taken the time yet to track down which chipset is giving us the most problems.

In what appears to be a random pattern, depending of adapter card, if you're running Vista or XP etcetera, you'll see disconnects when this hits the WLC.

This is caused by the 4-way handshake not being handled correctly.

Two important things in our case, which hopefully will lead to a solution today, is that we're running IAS as the Radius server and that the AP's are 1131. When we replaced the AP's with 1000-series the problem was gone but since we're moving towards 1131 in most of our customer setup we need to solve it on this platform.

I'll get back to you when the solution has been tested.

We have the same issue with AP1010 and WLC4402 with 4.2.61.0.

In another location with a single AP1131 using the same controller this problem does not appear.

CSCsj94675

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: