Wireless Access

last person joined: 35 minutes ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

MIC failed in WPA2 Key Message 2

  • 1.  MIC failed in WPA2 Key Message 2

    Posted Dec 24, 2012 04:10 AM

    Hi everyone,

     

    I was analyzing  the securtiy logs of Aruba controller. 

    The controller's model is 650. And its version  6.1.3.5

     I have recognized that some of the devices get   Mic failed. 

    I try  to understand why it happens. 

    Can it be a driver problem? Have you ever experienced these kind of problems?

     

    Here is the some logs.

     

    Dec 24 11:00:00 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:01:14 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:02:22 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:03:30 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:04:38 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:05:05 :126087: <WARN> |wms| |ids| AP(6c:f3:7f:17:90:40@PRO-K6-AP2-6c:f3:7f:c9:79:04): Block ACK DoS Attack: An AP detected a data frame which indicates a possible Block ACK DoS Attack. The frame from 50:63:13:c3:02:bf to ff:ff:ff:ff:ff:ff (BSSID 6c:f3:7f:17:90:40 on CHANNEL 11 with SNR 50) is outside the current sequence number window, and thus may be dropped. Associated WVE ID(s): WVE-2008-0006.
    Dec 24 11:05:15 :126087: <WARN> |wms| |ids| AP(6c:f3:7f:17:8f:e0@PRO-K5-AP2-6c:f3:7f:c9:78:fe): Block ACK DoS Attack: An AP detected a data frame which indicates a possible Block ACK DoS Attack. The frame from 00:50:56:aa:0d:e0 to 68:5d:43:fb:1e:4a (BSSID 6c:f3:7f:17:91:60 on CHANNEL 11 with SNR 19) is outside the current sequence number window, and thus may be dropped. Associated WVE ID(s): WVE-2008-0006.
    Dec 24 11:05:46 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:05:52 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station ec:85:2f:84:eb:ee 6c:f3:7f:17:91:60 PRO-K5-AP1-6c:f3:7f:c9:79:16
    Dec 24 11:06:54 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:08:02 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:09:10 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:09:14 :126005: <WARN> |wms| |ids| Interfering AP: The system classified an access point (BSSID 00:1c:c5:09:d0:79 and SSID iskender on CHANNEL 11) as interfering. Additional Info: Detector-AP-Name:PRO-K5-AP1-6c:f3:7f:c9:79:16; Detector-AP-MAC:6c:f3:7f:17:91:60; Detector-AP-Radio:2.
    Dec 24 11:09:15 :132094: <WARN> |authmgr| MIC failed in WPA2 Key Message 2 from Station 00:1c:bf:57:a5:5d 6c:f3:7f:17:90:e8 PRO-K3-AP1-6c:f3:7f:c9:79:0e
    Dec 24 11:09:49 :126005: <WARN> |wms| |ids| Interfering AP: The system classified an access point (BSSID 00:04:ed:49:aa:41 and SSID wlan-ap on CHANNEL 1) as interfering. Additional Info: Detector-AP-Name:PRO-K6-AP1-6c:f3:7f:c9:79:14; Detector-AP-MAC:6c:f3:7f:17:91:40; Detector-AP-Radio:2.



  • 2.  RE: MIC failed in WPA2 Key Message 2

    Posted Dec 24, 2012 04:11 AM

    Yes.  Please update the client driver, if possible.

     



  • 3.  RE: MIC failed in WPA2 Key Message 2

    Posted Dec 26, 2012 09:04 PM

    If the lastest driver does not solve it because the card is too old or you cannot find new good drivers  that support the WPA/WPA2 Key Messages  interval... you can try changing that setting

     

    Thats on security authentication  in  aaa profile  in the  profile  you search and inside the 802.1x profile authentication  profile in advance you should find it.   the default value is 1000 change it to 3000  i jmean the Interval between WPA/WPA2 Key Messages value

     

    That if you cannot find a good driver that solve the issue.... try first what Collin said, if that does not work then try this.

     

    Cheers

    Carlos

     



  • 4.  RE: MIC failed in WPA2 Key Message 2

    Posted Mar 15, 2013 01:59 PM

    When i get this error the device i am working with will not connect or it connects and drops after a short period of time. 

    Are you experiencing connection issues with these devices? what is the opmode of the wlan ssid-profile?