877W %DOT11-7-CCKM_AUTH_FAILED

Unanswered Question
Nov 27th, 2008

Sometimes when I connect to 877W router via WiFi Im getting notice (which mentioned on cisco.com site) in logs:

%DOT11-7-CCKM_AUTH_FAILED : Station [enet] CCKM authentication failed

official explanation is: "The station has failed CCKM authentication."

And "Recommended Action" is: "Verify the topology of the APs under the WDS domain."

But 877W does not support WDS commands. And also there no ability to turn CCKM off.

Only one thing helps: reload.

I tried and made some tests with following IOSs:

c870-advipservicesk9-mz.124-22.T

c870-advipservicesk9-mz.124-15.T7

I was using 3 different PC's (two XP's and one OSX Leopard, all of them were with latest updates/patches)

To confirm highly mentioned problem its enough to switch reauth period to 10 seconds:

dot1x reauth-period 10

And after few minutes we'll get many notices like:

%DOT11-7-CCKM_AUTH_FAILED: Station [enet] authentication failed

And all clients which are trying to reassociate or associate with 877w are unable to connect.

I was surfing through forum and noticed following steps for testing:

- to leave only one SSID

- to turn guest-mode off

- to turn off TKIP and allow only AES.

I tried everything and that was useless.

Maybe someone got any idea how to solve this problem?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anatoytyukanov Wed, 12/03/2008 - 04:41

After some series of tests I discovered following.

Bug exists only in IOS 22.T + AES. If im using TKIP encryption or if I turn encryption off everything works perfectly.

russlavbank Thu, 12/04/2008 - 04:38

Yes, 15.T7 work but writes

"*** Not encrypted dot1x packet from [MAC] has been discarded"

while client reauthentication.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode