Wireless Access

last person joined: 5 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

\|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

  • 1.  \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

    Posted Jul 30, 2020 04:49 AM

    Hi,

     

    I have recently setup syslog server for our WLAN controllers.  There are two devices that are continually generating the message:

     

    \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

     

    I can't track the mac addresses but they are generating hundreds of alerts over and over.  Is there a way to stop this message or work out what is causing it?  If I blacklisted the mac address would it disappear?  I have the alerting level set to warning.

     

    Thanks



  • 2.  RE: \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

    Posted Jul 30, 2020 07:39 AM

    You should blacklist the mac addresses, but they would appear in different logs.



  • 3.  RE: \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

    Posted Jul 30, 2020 07:59 AM

    Thanks.

    I have blacklisted the addresses and they do appear in a different log although a lot less frequent which is better thanks for your help.

     

    Would you say that this means someone has been continually trying to connect to the wireless network and failing?



  • 4.  RE: \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

    Posted Jul 30, 2020 08:01 AM

    The device seems to be using the wrong preshared key.  It might be a device that was provisioned with that SSID in the past with an old preshared key.



  • 5.  RE: \|dot1x-proc:2\| MIC failed in WPA2 Key Message 2

    Posted Jul 30, 2020 08:11 AM

    Is there any way to tell what SSID it is using ? We have two one guest using WPA2-PSK and one using WPA2-AES 


    As it said key message i believed it would be the WPA2-PSK SSID but wasn't sure 100%