Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Instant IAP MIC error integrity check

This thread has been viewed 2 times

  • 1.  Instant IAP MIC error integrity check

    Posted Feb 22, 2016 12:23 PM

    Good day all

    I have three IAP units - 103, 104, 105.  All run v. 6.4.2.6-4.1.1.6_50009.  I manage them as a group.

     

    Recently some clients that used to connect without error now fail to connect because "...the integrity check of the recieved message (MIC) has failed.".  I see where reasons for this error are given as a) system congestion, b) hacking, or c) incorrect or outdated client settings/drivers.

     

    I have two wifi SSIDs - Guest and Main. Guest runs through VLAN 4 and Main through VLAN 1.

     

    I waited for the weekend when there were just three or four devices connected to wifi. I then used a Win7 and a Win10 endpoint both of which had started failing to connect.  On the Win7 machine I manually created a new wifi connection and specified WPA2 with AES. That failed to connect.  On the Win10 machine I rechecked the settings and tried again. That also failed.  Interestingly the Win10 machine WILL connect to the Guest network.

     

    I used putty and CLI to check that no DHCP errors were in the mix.  I used debug pkt match mac, debug pkt mac XX:XX:XX:XX:XX, debug pkt type dhcp, and debug pkt dump.  No traffic during the failed connect attempts as was expected.

     

    I ran AP LOG ALL under support and see the MIC errors for the mac addresses, but not much else.

     

    I am stumped here - any help would be appreciated. I trust this is just a "Doh!" moment for me.

     

    Thanks for any thoughts or comments.

     

     

    2016-02-25 Update.  

    * I updated both Main and Guest networks change from strict WPA2 to WPA2 & WPA.  I rebooted all IAPs.

    ----- no changes observed. Certain machines still get integrity check errors. Failing machines are mostly fully patched Dell or Microsoft Win10 devices.

     

    * I used an iPhone6 that was attached to the Guest network and working correctly. I removed the connect on the phone using the Forget Network option.  I then tried to reconnect to the Guest network.

    -----  the Aruba devices now complain that this device has an encryption problem and I see an entry in the Client table with 0.0.0.0 and the phone's MAC address, but no connection is registered on the phone

     

     

     

     

     



  • 2.  RE: Instant IAP MIC error integrity check

    Posted Aug 23, 2018 07:52 AM

    Pl find below links which is very helpful to recity,

     

    https://www.arubanetworks.com/techdocs/Instant_40_Mobile/Advanced/Content/UG_files/Instant_user_interface/Alerts.htm