DOT11-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were detected
within [number] seconds on [interface] interface. The interface will be put on MIC
failure hold state for next [number] seconds
Explanation Because MIC failures usually indicate an active attack on your network, the interface will be put on hold for the configured time. During this hold time, stations using TKIP ciphers are disassociated and cannot reassociate until the hold time ends. At the end of the hold time, the interface operates normally.
Recommended Action Michael MIC failures usually indicate an active attack on your network. Search for and remove potential rogue devices from your wireless LAN. If this is a false alarm and the interface should not be on hold this long, use the countermeasure tkip hold-time command to adjust the hold time.
Re: Two TKIP Michael MIC failures were detected within 0 seconds
Have you tried to use this command: countermeasure tkip hold-time????
countermeasure tkip hold-time
Use the countermeasure tkip hold-time configuration interface command to configure a TKIP MIC failure holdtime. If the access point detects two MIC failures within 60 seconds, it blocks all the TKIP clients on that interface for the holdtime period.
countermeasure tkip hold-time seconds
Specifies the length of the TKIP holdtime in seconds (if the holdtime is 0, TKIP MIC failure hold is disabled)
TKIP holdtime is enabled by default, and the default holdtime is 60 seconds.