Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

4.2 increased decyption errors?

I've got three APs of differing models running off a 2006 in my home. I've run these APs in autonmous mode and on various versions of LWAPP code.

I have multiple client devices that the 2006 WLC is now saying are exhibiting high rates of decrypt errors where none (or practically none) were ever seen before. This is right after an upgrade to 4.2.61. Anyone else seeing similar behavior on 4.2? I'm wondering if it's an issue with AP firmware in 4.2.

Devices are variably using either WPA-PSK or WPA2-PSK. I have a spectrum analyzer, there's no interference, the devices all have excellent SNR, latest drivers, etc...only variable I see is WLC code.

2 REPLIES

Re: 4.2 increased decyption errors?

Ed my man, you live!!!! Hope life is good in NY. I have had the same issue. Funny, we both have this in our homes. I also noticed it really is worse on my Vista mmachines. XP seems to mitigate the problem some. Broadcom cards also have more problems than intel. You coming to the VT is January? If you're not aware I left Outsource after 10 years and am now the Practice Manager at Internetwork Engineering.

dholmes@ineteng.com

Silver

Re: 4.2 increased decyption errors?

No, you're not going crazy.

We observed the same problem after the upgrade. Significantly, this was on a wireless network that uses NO layer2 encryption (authentication is performed further into the network - customer's decision). This is yet another example indicating that the Wireless IDS needs some serious review - a statement not uncommon to hear from me on the forum for the past year and a half.

With Cisco's current implementation of wireless IDS, there is an unusually high number of false-positives and a very limited mechnisms for adjusting the parameters of the WIDS system. Not to mention an overall black-hole when it comes to documentation.

When you speak with Cisco about this, their response is, "we can only test so much". My response to them is, why not periodically upload anonymous WIDS statistics from field-installed controllers? That way, when the number of certain types of Wireless IDS alarms skyrocket after a code upgrade, further review could be performed.

For example, is this problem specific to a particular manufacturer? (using the first three digits (OUI) of the client MAC address). That may point to a specific issue with a driver or brand of NIC. This information would help the Cisco developers know what types of additional clients they may need to perform further testing with.

- John

117
Views
5
Helpful
2
Replies
CreatePlease to create content