1)Message Integrity Check (MIC) incorporated in Wi-Fi Protected Access (WPA) includes a frame counter which prevents a man-in-the-middle attack. This error means someone in the network is trying to replay the message that was sent by the original client, or it might mean that the client is faulty. If a client repeatedly fails the MIC check, the controller disables that WLAN for 60 seconds as per the WPA protocol requirements. This prevents a possible attack on the encryption scheme. These MIC errors cannot be turned off on the controllers.
2)Use the "countermeasure tkip hold-time" configuration interface command to configure a TKIP MIC failure holdtime. If the access point detects two MIC failures within 60 seconds, it blocks all the TKIP clients on that interface for the holdtime period.Default is 60 seconds which is a good value to be configured.If needed the time can be reduced.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...