WPA-AES - Decrypt Errors

Unanswered Question
Jun 26th, 2009

Hi,

After seeing some TKIP-MIC errors for a few wireless clients and reading the benefits of AES over TKIP I switched our encryption to WPA-AES.

The majority of our clients have migrated well, however I am seeing a lot of decrypt errors on the wireless controllers.

"Decrypt errors occurred for client 00:21:63:ba:af:9f using WPA key on 802.11b/g interface of AP 00:1f:ca:82:c9:70"

It's not a particular machine, but rather a large number of them. They appear to be associating and authenticating but the trap log is filling quickly with a large number of these errors.

I'd prefer to stay with AES, but TKIP gave me a lot less errors. :)

We're using:

Cisco 4404 WLC's

Cisco 1131AG LWAPP's

RADIUS Authentication via Microsoft IAS

PEAP Authentication

WPA-AES

Thanks,

Rob

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
CFayNTAdmin83 Thu, 07/02/2009 - 04:44

Wow, small world. I have the same behavior on my network.

I'm running the following...

-Cisco 1242's , LWAPP

-4402 WLC, 4.2.205.0

-MS IAS / RADIUS service

-Funk OAS RADIUS

-WPA2-AES

-PEAP MS-CHAPv2

cchitwood1 Tue, 07/07/2009 - 06:57

I have seen this also, make sure your clients are running the latest version of the WLAN NIC drivers. We've found PEAP support to be improved with every new version of software.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode