I'm testing a STA device (under development) with the aironet 1200 12.3(8)ja2.
The session security is WPA, TKIP encryption (using TLS authentication).
The AP is configured for periodic re-authentication.
In addition, I also have unicast downlink traffic transmitted (from the AP's LAN side to my STA) by a PC.
Oh, and I'm also working in power-save :)
(I'd be happy to supply AP config.txt).
Anyway...to the issue:
After the TLS reauthentication and the key handshake, my STA reports MIC failures on several frames.
The whole session is encrypted so I can't actually see which frames got the bad MIC.
I've used debug prints (on my STA) to trace the problem, and I can see the bad MIC frames are detected right after the unicast key is actually installed. (any new frames received later on will be decrypted and MIC-checked using the new key).
I would assume that if this is a key-installation-timing issue, then the frames should be dropped due to "decryption failure" (bad ICV).
Is my assumption correct?
for now, I assume this is my own STA's bug (since I tried testing same scenario with Cisco STA and no MICs occured).
I'd be happy if anyone could give some general information as to how exactly the reauthentication process occurs from the AP's point of view (when exactly is the key changed to the new key and new MIC? after the GTK is installed on all clients?)
After successful authentication of the client to Radius server a dynamic key is handled to access point from Radius server . This key is called Pairwise Master key (PMK)which I assume is already generated by the client . So PMK is never transmitted over air to client . After this a key called Pairwise Transient key (PTK)which is derived from PMK . PTK is negotiated between access point and the client from which the actual key for encryption is derived. GTK is encrypted with this final key and sent to the client.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...