Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
738
Views
0
Helpful
4
Replies

TKIP_MIC_FAILURE_REPEATED

halsaudi
Cisco Employee
Cisco Employee

‎06-29-2016 03:19 PM - edited ‎07-05-2021 05:20 AM

Hello everyone,

Recently there was such error message appeared in AP log as shown bellow:

Error Message    DOT11-3-TKIP_MIC_FAILURE_REPEATED: Two TKIP Michael MIC failures were 
detected within [number] seconds on [interface] interface. The interface will be 
put on MIC failure hold state for next [number] seconds

Such error have been solved by the following configuration:

config wlan disable <WLAN ID>    

config wlan security tkip hold-down 0 <WLAN ID>

config wlan enable <WLAN ID>

 In case we have several SSIDs configured in our WLC.

Do we have to implement the command that i mentioned in all SSIDs? Or there is a way to determine from which SSID it is being attack?

Labels:
0 Helpful
4 Replies 4

Rasika Nayanajith
VIP Alumni
VIP Alumni

‎06-29-2016 07:34 PM

Completely move away from WPA/TKIP, use WPA2/AES instead.

HTH

Rasika

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to Rasika Nayanajith

‎06-29-2016 07:34 PM

Agreed move away if you can. If you can not then apply to each WLAN that has tkip enabled. 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

halsaudi
Cisco Employee
Cisco Employee
In response to George Stefanick

‎07-04-2016 05:05 AM

Thank you for your confirmation.

0 Helpful

halsaudi
Cisco Employee
Cisco Employee
In response to Rasika Nayanajith

‎07-04-2016 05:04 AM

Thank you for your useful comment :)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card