877W %DOT11-7-CCKM_AUTH_FAILED

Unanswered Question
Nov 27th, 2008
User Badges:

Sometimes when I connect to 877W router via WiFi Im getting notice (which mentioned on cisco.com site) in logs:

%DOT11-7-CCKM_AUTH_FAILED : Station [enet] CCKM authentication failed

official explanation is: "The station has failed CCKM authentication."

And "Recommended Action" is: "Verify the topology of the APs under the WDS domain."


But 877W does not support WDS commands. And also there no ability to turn CCKM off.

Only one thing helps: reload.


I tried and made some tests with following IOSs:

c870-advipservicesk9-mz.124-22.T

c870-advipservicesk9-mz.124-15.T7


I was using 3 different PC's (two XP's and one OSX Leopard, all of them were with latest updates/patches)


To confirm highly mentioned problem its enough to switch reauth period to 10 seconds:

dot1x reauth-period 10


And after few minutes we'll get many notices like:

%DOT11-7-CCKM_AUTH_FAILED: Station [enet] authentication failed


And all clients which are trying to reassociate or associate with 877w are unable to connect.


I was surfing through forum and noticed following steps for testing:

- to leave only one SSID

- to turn guest-mode off

- to turn off TKIP and allow only AES.


I tried everything and that was useless.

Maybe someone got any idea how to solve this problem?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anatoytyukanov Wed, 12/03/2008 - 04:41
User Badges:

After some series of tests I discovered following.

Bug exists only in IOS 22.T + AES. If im using TKIP encryption or if I turn encryption off everything works perfectly.

beabrams Wed, 12/03/2008 - 06:44
User Badges:
  • Cisco Employee,

CSCsv80189, its a bug in the new 22 code... if you back rev it will work fine.....

russlavbank Thu, 12/04/2008 - 04:38
User Badges:

Yes, 15.T7 work but writes


"*** Not encrypted dot1x packet from [MAC] has been discarded"


while client reauthentication.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode