Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

MIC failed in WPA Key Message 2 from Station

  • 1.  MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 01:25 AM

    Hi Guys,

     

    I am receiving this authmgr error logs.

     

    Apr 4 18:03:21 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:d8:70 L7_AP9
    Apr 4 18:03:21 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 6c:88:14:92:70:50 00:1a:1e:69:d8:70 L7_AP9
    Apr 4 18:03:21 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:d8:70 L7_AP9
    Apr 4 18:03:21 <authmgr 132093> <ERRS> |authmgr| WPA Key message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:d8:70 L7_AP9 did not match the replay counter
    01 vs 02
    Apr 4 18:03:21 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:d8:70 L7_AP9
    Apr 4 18:03:21 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 6c:88:14:92:70:50 00:1a:1e:69:e4:50 L6_AP20
    Apr 4 18:03:22 <authmgr 132093> <ERRS> |authmgr| WPA Key message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:e3:70 L6_AP18 did not match the replay counter
    01 vs 02
    Apr 4 18:03:22 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:e3:70 L6_AP18
    Apr 4 18:03:22 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 6c:88:14:92:70:50 00:1a:1e:69:e4:50 L6_AP20
    Apr 4 18:03:22 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:e3:70 L6_AP18
    Apr 4 18:03:22 <authmgr 132094> <CRIT> |authmgr| MIC failed in WPA Key Message 2 from Station 6c:88:14:92:70:50 00:1a:1e:69:d8:70 L7_AP9
    Apr 4 18:03:22 <authmgr 132093> <ERRS> |authmgr| WPA Key message 2 from Station 00:21:6a:55:d1:12 00:1a:1e:69:d8:70 L7_AP9 did not match the replay counter
    01 vs 02

     

    Is this related to password change?

    I restarted WLC and AP's and error logs still occur.

     



  • 2.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 03:12 AM
    Read this :

    https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-1218

    Try updating the drivers on that device


  • 3.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 03:42 AM

     

    Thank you for your reply victorfabian, are you refering on all wireless machine host devices all their drivers needs to be updated?

     



  • 4.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 04:01 AM

    I am receiving this error after I change the password.

     

    show log system all

    325017:  <CRIT> |authmgr|  Max user capacity of 768 reached

    325017:  <CRIT> |authmgr|  Max user capacity of 768 reached
    325017:  <CRIT> |authmgr|  Max user capacity of 768 reached
    325017:  <CRIT> |authmgr|  Max user capacity of 768 reached

     

    show log user all

    522027:  <WARN> |authmgr|  MAC=00:e0:81:4f:90:d4 IP=74.125.200.113 IP Spoof from MAC=f8:66:f2:2d:16:54 role=logon/(null)
    522027:  <WARN> |authmgr|  MAC=00:e0:81:4f:90:d4 IP=203.211.153.9 IP Spoof from MAC=f8:66:f2:2d:16:54 role=logon/(null)
    522027:  <WARN> |authmgr|  MAC=00:e0:81:4f:90:d4 IP=74.125.200.113 IP Spoof from MAC=f8:66:f2:2d:16:54 role=logon/(null)
    501074:  <WARN> |stm|  wifi_deauth_sta: bad data, dropping. mac: 60:67:20:e2:3b:00 bssid: 00:1a:1e:69:e3:70
    522027:  <WARN> |authmgr|  MAC=00:e0:81:4f:90:d4 IP=74.125.200.113 IP Spoof from MAC=f8:66:f2:2d:16:54 role=logon/(null)

     

    show log security all

    132094:  <CRIT> |authmgr|  MIC failed in WPA Key Message 2 from Station 18:3d:a2:8f:da:5c 00:1a:1e:69:e6:10 L5_AP48
    132094:  <CRIT> |authmgr|  MIC failed in WPA Key Message 2 from Station 60:67:20:d1:24:b0 00:1a:1e:69:e6:10 L5_AP48
    132093:  <ERRS> |authmgr|  WPA Key message 2 from Station 60:67:20:d1:24:b0 00:1a:1e:69:e3:70 L6_AP18 did not match the replay counter 02 vs 03
    132094:  <CRIT> |authmgr|  MIC failed in WPA Key Message 2 from Station 18:3d:a2:8f:da:5c 00:1a:1e:69:e4:50 L6_AP20

     

    I increase the wpa-key-time to 5000 but the log still shows



  • 5.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 06:46 AM

    Waveseeker,

     

    What is the output of "show aaa timer"?  What is the output of "show ap essid"?

     

    It looks like your controller is unable to accept any more new clients due to an issue.

     



  • 6.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Apr 07, 2014 10:30 AM

    After updating the driver if you still get that message try this:

    On security authentication  in  aaa profile  in the  profile  you search and inside the 802.1x profile authentication  profile in advance you should find it.   the default value is 1000 change it to 3000  i jmean the Interval between WPA/WPA2 Key Messages value

     

    Cheers

    Carlos



  • 7.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Jul 28, 2015 11:11 PM

    Hi,

     

    How does the change of "WPA/WPA2 Key Messages value" from 1000 to 3000 help in this situation? 

    Does 3000 reduce or eliminate the error of "MIC failed in WPA Key Message 2" in this case? 

     

    Just trying to understand better.



  • 8.  RE: MIC failed in WPA Key Message 2 from Station

    Posted Jul 28, 2015 11:34 PM

    It suppose that it helps to reduce it.

    I had once problems with that, and the TAC changed that value 1000 to 3000 to reduce the MIC failed.

     

    Cheers

    Carlos