Wireless Access

Reply
New Contributor
Posts: 1
Registered: ‎06-20-2012

MIC failed in WPA2 Key Message 2

Hi everyone,

 

I was analyzing  the securtiy logs of Aruba controller. 

The controller's model is 650. And its version  6.1.3.5

 I have recognized that some of the devices get   Mic failed. 

I try  to understand why it happens. 

Can it be a driver problem? Have you ever experienced these kind of problems?

 

Here is the some logs.

 

Dec 24 11:00:00 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:01:14 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:02:22 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:03:30 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:04:38 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:05:05 :126087: <WARN> |wms| |ids| AP(6c:f3:7f:17:90:40@PRO-K6-AP2-6c:f3:7f:c9:79:04): Block ACK DoS Attack: An AP detected a data frame which indicates a possible Block ACK DoS Attack. The frame from 50:63:13:c3:02:bf to ff:ff:ff:ff:ff:ff (BSSID 6c:f3:7f:17:90:40 on CHANNEL 11 with SNR 50) is outside the current sequence number window, and thus may be dropped. Associated WVE ID(s): WVE-2008-0006.
Dec 24 11:05:15 :126087: <WARN> |wms| |ids| AP(6c:f3:7f:17:8f:e0@PRO-K5-AP2-6c:f3:7f:c9:78:fe): Block ACK DoS Attack: An AP detected a data frame which indicates a possible Block ACK DoS Attack. The frame from 00:50:56:aa:0d:e0 to 68:5d:43:fb:1e:4a (BSSID 6c:f3:7f:17:91:60 on CHANNEL 11 with SNR 19) is outside the current sequence number window, and thus may be dropped. Associated WVE ID(s): WVE-2008-0006.
Dec 24 11:05:46 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:05:52 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station ec:85:2f:84:eb:ee 6c:f3:7f:17:91:60 PRO-K5-AP1-6c:f3:7f:c9:79:16
Dec 24 11:06:54 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:08:02 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:09:10 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:09:14 :126005: <WARN> |wms| |ids| Interfering AP: The system classified an access point (BSSID 00:1c:c5:09:d0:79 and SSID iskender on CHANNEL 11) as interfering. Additional Info: Detector-AP-Name:PRO-K5-AP1-6c:f3:7f:c9:79:16; Detector-AP-MAC:6c:f3:7f:17:91:60; Detector-AP-Radio:2.
Dec 24 11:09:15 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
Dec 24 11:09:49 :126005: <WARN> |wms| |ids| Interfering AP: The system classified an access point (BSSID 00:04:ed:49:aa:41 and SSID wlan-ap on CHANNEL 1) as interfering. Additional Info: Detector-AP-Name:PRO-K6-AP1-6c:f3:7f:c9:79:14; Detector-AP-MAC:6c:f3:7f:17:91:40; Detector-AP-Radio:2.

Guru Elite
Posts: 21,286
Registered: ‎03-29-2007

Re: MIC failed in WPA2 Key Message 2

Yes.  Please update the client driver, if possible.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 3,009
Registered: ‎10-25-2011

Re: MIC failed in WPA2 Key Message 2

If the lastest driver does not solve it because the card is too old or you cannot find new good drivers  that support the WPA/WPA2 Key Messages  interval... you can try changing that setting

 

Thats on security authentication  in  aaa profile  in the  profile  you search and inside the 802.1x profile authentication  profile in advance you should find it.   the default value is 1000 change it to 3000  i jmean the Interval between WPA/WPA2 Key Messages value

 

That if you cannot find a good driver that solve the issue.... try first what Collin said, if that does not work then try this.

 

Cheers

Carlos

 

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Contributor II
Posts: 42
Registered: ‎08-22-2011

Re: MIC failed in WPA2 Key Message 2

When i get this error the device i am working with will not connect or it connects and drops after a short period of time. 

Are you experiencing connection issues with these devices? what is the opmode of the wlan ssid-profile?

Search Airheads
Showing results for 
Search instead for 
Did you mean: