WPA-AES - Decrypt Errors

Unanswered Question
Jun 26th, 2009
User Badges:


After seeing some TKIP-MIC errors for a few wireless clients and reading the benefits of AES over TKIP I switched our encryption to WPA-AES.

The majority of our clients have migrated well, however I am seeing a lot of decrypt errors on the wireless controllers.

"Decrypt errors occurred for client 00:21:63:ba:af:9f using WPA key on 802.11b/g interface of AP 00:1f:ca:82:c9:70"

It's not a particular machine, but rather a large number of them. They appear to be associating and authenticating but the trap log is filling quickly with a large number of these errors.

I'd prefer to stay with AES, but TKIP gave me a lot less errors. :)

We're using:

Cisco 4404 WLC's

Cisco 1131AG LWAPP's

RADIUS Authentication via Microsoft IAS

PEAP Authentication




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
CFayNTAdmin83 Thu, 07/02/2009 - 04:44
User Badges:

Wow, small world. I have the same behavior on my network.

I'm running the following...

-Cisco 1242's , LWAPP

-4402 WLC,

-MS IAS / RADIUS service




cchitwood1 Tue, 07/07/2009 - 06:57
User Badges:

I have seen this also, make sure your clients are running the latest version of the WLAN NIC drivers. We've found PEAP support to be improved with every new version of software.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode