%DOT11-6-ASSOC: Interface Dot11Radio0, Station XXXX.XXXX.XXXX Associated KEY_MGMT[WPA]
Oct 22 17:04:38.370: %DOT11-4-TKIP_MIC_FAILURE_REPORT:Received TKIP Michael MIC failure report from the station XXXX.XXXX.XXXX on the packet (TSC=0x0) encrypted and protected by group key.
Oct 22 17:04:39.978: %DOT11-4-TKIP_MIC_FAILURE_REPORT: Received TKIP Michael MIC failure report from the station XXXX.XXXX.XXXX on the packet (TSC=0x0) encrypted and protected by group key.
Oct 22 17:04:39.978: %DOT11-3-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were detected within 1 seconds on Dot11Radio0 interface. The interface will be put on MIC failure hold state for next 60 seconds.
Oct 22 17:04:39.978: %DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station XXXX.XXXX.XXXX Reason: Invalid MIC
Oct 22 17:04:39.978: %DOT11-4-MAXRETRIES: Packet to client XXXX.XXXX.XXXX reached max retries, removing the client
I made several test changing the configuration of the AP (I am not able to change de wlan profile of the machines), but none of them was successfull.
Then I made last two successful tests:
The firts thing I tried (as a suggestion by googling and TAC) was to use encryption AES (just AES, NOT AES+TKIP) and it worked good. I didnt get desconnected and anything, but the issue was that the AP is going to work with clients that have to use TKIP becuase the wlan profile on the machine cant be changed that easily for different reasons.
The last one was to go to another room where there is very few wlan signal noise around (where I was originaly testing the AP, there are a lot of SSIDs flying around).
And that was it, using TKIP on this new room work just perfect.
We are pleased to announce the immediate availability of the IOS-XE release 17.4.1 for the Catalyst Wireless Controllers. The new code is now posted on the CCO and can be found at this link:
Securing devices without 802.1X
PSK (Pre-Shared-Key) WLAN is widely used for consumer & enterprise IoT onboarding as most of IoT device doesn’t support 802.1X. While PSK WLAN provides an easy way to onboard IoT, it also introduces challenges as...
Due to the certificate expiration, any new Control and Provisioning of Wireless Access Points (CAPWAP) or Light Weight Access Point Protocol (LWAPP) connection will fail to establish. The main feature that is affected will be the Acce...