We recently had a few clients being locked down with countermeasures by our WLC 4404 due to TKIP-MIC errors. After doing some reading on the benefits of AES over TKIP I switched our WLAN security settings to AES, and pushed a new wireless policy to our client machines. Every thing appeared to work well, except now the trap log on the 4404 is showing a LOT of WPA decrypt errors. I've checked a few of the clients that appear to have problems, but they've got the right policy and WPA settings to match what is on the WLC.
It's not one particular NIC, it's various clients.
Any thoughts on how I might clear these up?