Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Two TKIP Michael MIC failures were detected within 0 seconds on Dot11Radio0

Hi NetPro,

anyone who has encountered or seen this before ?

Error Msg - Two TKIP Michael MIC failures were detected within 0 seconds on Dot11Radio0 interface. The interface will be put on MIC failure hold state for next 60 seconds.

Warning Msg - Received TKIP Michael MIC failure report from the station 0019.d2be.fd3d on the packet (TSC=0x0) encrypted and protected by group key.

Warning Msg - Received TKIP Michael MIC failure report from the station 001b.7706.c63f on the packet (TSC=0x0) encrypted and protected by group key.

your reply will be higly appreciated.

thanks.

Regards,

Jack

4 REPLIES
Hall of Fame Super Silver

Re: Two TKIP Michael MIC failures were detected within 0 seconds

You can find an explanation here:

http://cisco.com/en/US/docs/ios/12_4t/wlan/configuration/guide/wlcgerr.html

Error Message

DOT11-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were detected

within [number] seconds on [interface] interface. The interface will be put on MIC

failure hold state for next [number] seconds

Explanation Because MIC failures usually indicate an active attack on your network, the interface will be put on hold for the configured time. During this hold time, stations using TKIP ciphers are disassociated and cannot reassociate until the hold time ends. At the end of the hold time, the interface operates normally.

Recommended Action Michael MIC failures usually indicate an active attack on your network. Search for and remove potential rogue devices from your wireless LAN. If this is a false alarm and the interface should not be on hold this long, use the countermeasure tkip hold-time command to adjust the hold time.

-Scott
*** Please rate helpful posts ***
New Member

Re: Two TKIP Michael MIC failures were detected within 0 seconds

Hi Fella,

thanks for your information, but would you mind to show / guide me how to do ?

your reply will be higly appreciated.

thanks.

regards,

Jack

Hall of Fame Super Silver

Re: Two TKIP Michael MIC failures were detected within 0 seconds

Have you tried to use this command: countermeasure tkip hold-time????

countermeasure tkip hold-time

Use the countermeasure tkip hold-time configuration interface command to configure a TKIP MIC failure holdtime. If the access point detects two MIC failures within 60 seconds, it blocks all the TKIP clients on that interface for the holdtime period.

countermeasure tkip hold-time seconds

Syntax Description

seconds

Specifies the length of the TKIP holdtime in seconds (if the holdtime is 0, TKIP MIC failure hold is disabled)

Defaults

TKIP holdtime is enabled by default, and the default holdtime is 60 seconds.

Command Modes

Configuration interface

-Scott
*** Please rate helpful posts ***
New Member

Re: Two TKIP Michael MIC failures were detected within 0 seconds

Fella5,

Specifies the length of the TKIP holdtime in seconds (if the holdtime is 0, TKIP MIC failure hold is disabled)

is TKIP MIC hold is disabled or it does shutdown and come right back up....

I do see my user get disconnect and reconnect... and error message is MIC failure (WPA2/AES) user

9297
Views
7
Helpful
4
Replies