What does CCMP DecryptErrorsClient is detected mean??

Unanswered Question
Nov 8th, 2007

Sorry for the seemingly silly question, but my WLSE keeps reporting this error and I can't find a reference to what it means.

Here's the entire message:

FaultId: 58

DeviceId: 4191

DeviceIP: X.X.X.X

DeviceName: X.X.X.X

MO: Client_stat 0013e8796489 Data

Change: CCMP DecryptErrorsClient is detected (cnt: 1)

ChangeSeverity: P2

StateChange: CcmpDecryptErrorsClient is Down

AlarmState: Active

OverallSeverity: P2

DeviceType: IOSAccessPoint

Thanks in advance..


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rob.huffman Fri, 11/09/2007 - 06:25

Hi Ron,

Here is some reference material;

Background Information

WPA is a standard-based security solution from the Wi-Fi Alliance that addresses the vulnerabilities in native WLANs. WPA provides enhanced data protection and access control for WLAN systems. WPA addresses all known Wired Equivalent Privacy (WEP) vulnerabilities in the original IEEE 802.11 security implementation and brings an immediate security solution to WLANs in both enterprise and small office, home office (SOHO) environments.

WPA 2 is the next generation of Wi-Fi security. WPA 2 is the Wi-Fi Alliance interoperable implementation of the ratified IEEE 802.11i standard. WPA 2 implements the National Institute of Standards and Technology (NIST)-recommended Advanced Encryption Standard (AES) encryption algorithm with the use of Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). AES Counter Mode is a block cipher that encrypts 128-bit blocks of data at a time with a 128-bit encryption key. The CCMP algorithm produces a message integrity code (MIC) that provides data origin authentication and data integrity for the wireless frame.

Note: CCMP is also referred to as CBC-MAC.

CCMP Based on the Advanced Encryption Standard (AES) defined in the National Institute of Standards and Technology's FIPS Publication 197, AES-CCMP is a symmetric block cipher that can encrypt and decrypt data using keys of 128, 192, and 256 bits. AES-CCMP is superior to WEP encryption and is defined in the IEEE 802.11i standard.

WLSE Fault - Descriptions;


Hope this helps!


rserao Fri, 11/09/2007 - 08:51

Hi Rob,

Thanks for that info.. I had come across the WLSE faults doc which lists the fault but didn't give me any idea of what causes it or how to fix it. it just said to stop the error, increase the threshold. So I'm still not sure why only this one AP, out of 30 is generating this error? Is it a problem with an end device trying to associate, authenticate, etc??

Any insight you can provide on how to fix this would be great.




This Discussion



Trending Topics - Security & Network