Welcome to Cisco Support Community. We would love to have your feedback.
For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.
After seeing some TKIP-MIC errors for a few wireless clients and reading the benefits of AES over TKIP I switched our encryption to WPA-AES.
The majority of our clients have migrated well, however I am seeing a lot of decrypt errors on the wireless controllers.
"Decrypt errors occurred for client 00:21:63:ba:af:9f using WPA key on 802.11b/g interface of AP 00:1f:ca:82:c9:70"
It's not a particular machine, but rather a large number of them. They appear to be associating and authenticating but the trap log is filling quickly with a large number of these errors.
I'd prefer to stay with AES, but TKIP gave me a lot less errors. :)
Cisco 4404 WLC's
Cisco 1131AG LWAPP's
RADIUS Authentication via Microsoft IAS
Wow, small world. I have the same behavior on my network.
I'm running the following...
-Cisco 1242's , LWAPP
-4402 WLC, 188.8.131.52
-MS IAS / RADIUS service
-Funk OAS RADIUS
I have seen this also, make sure your clients are running the latest version of the WLAN NIC drivers. We've found PEAP support to be improved with every new version of software.