Wireless Access

last person joined: 13 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

This thread has been viewed 18 times

  • 1.  WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 10:30 PM

    Hi guys,this issue i check on error logs.

     

    What this problems issue and how to solve this problem ?

     

    May 30 18:52:30  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station a0:88:b4:78:69:98 d8:c7:c8:0e:d4:b0 L15_AP02 did not match the replay counter 01 vs 02

    May 30 19:10:13  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:0e:d4:b0 L15_AP02 did not match the replay counter 01 vs 02

    May 30 19:10:30  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:0e:d3:f0 L15_AP03 did not match the replay counter 01 vs 02

    May 30 19:11:10  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:0e:d4:b0 L15_AP02 did not match the replay counter 01 vs 02

    May 30 19:24:44  authmgr[1552]: <132076> <ERRS> |authmgr|  Station 48:02:2a:73:90:b7 d8:c7:c8:75:e5:80 L17_AP03 sent invalid number of unicast ciphers 2

    May 30 19:31:40  KERNEL(L16_AP01@10.133.255.166): ieee80211_set_sta_vlan: mac:20:54:76:64:41:83, vlan:12 failed

    May 30 19:40:56  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:75:f4:b0 L15_AP01 did not match the replay counter 01 vs 02

    May 30 19:42:37  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:0e:d4:b0 L15_AP02 did not match the replay counter 01 vs 02

    May 30 19:45:11  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 2 from Station 20:02:af:17:71:5a d8:c7:c8:0e:d3:21 L16_AP01 did not match the replay counter 01 vs 02

    May 30 19:46:48  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 24:ec:99:e3:38:4c d8:c7:c8:0e:d3:b0 L16_AP02 did not match the replay counter 01 vs 02

    May 30 19:50:31  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 1c:69:a5:e4:53:14 d8:c7:c8:75:e5:81 L17_AP03 did not match the replay counter 011 vs 012

    May 30 19:50:31  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 1c:69:a5:e4:53:14 d8:c7:c8:75:e5:81 L17_AP03 did not match the replay counter 011 vs 013

    May 30 19:50:31  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 1c:69:a5:e4:53:14 d8:c7:c8:75:e5:81 L17_AP03 did not match the replay counter 011 vs 014

    May 30 19:50:31  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 1c:69:a5:e4:53:14 d8:c7:c8:75:e5:81 L17_AP03 did not match the replay counter 011 vs 015

    May 30 19:50:31  authmgr[1552]: <132093> <ERRS> |authmgr|  WPA2 Key message 4 from Station 1c:69:a5:e4:53:14 d8:c7:c8:75:e5:81 L17_AP03 did not match the replay counter 011 vs 016

     

    thanks ...

     



  • 2.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 10:33 PM

     

     

    Please read this article :

     

    https://arubanetworkskb.secure.force.com/pkb/articles/Troubleshooting/R-450



  • 3.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 10:43 PM

    thank Victor Fabian,

     

    so i need to change "Interval between WPA/WPA2 key messages from default is 1000 msec ?

    what timer wpa-key-period your suggest ?



  • 4.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 10:49 PM

     

     

    The article suggest 5000 ms but if you want to be a little conservative you should try 3000 ms and see if it helps but 

     

    What type wireless devices are those ? Are you experiencing issues authenticating ?

     

    If you have access to those devices you should consider updating the drivers.

     

     



  • 5.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:04 PM

    I used IAP-93 and connected with controller 650..

    This first time I see this issues..

     

    And firmware I upgrade from 6.1.1 to 6.3.1 on controller...

     



  • 6.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:12 PM

     

     

     

    Do you mean 6.1.3.1 ?

     

    Did you started having issues after you upgraded ?

     

    Have you opened a TAC case ?



  • 7.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:20 PM

    Sorry....

    Yes I mean 6.1.3.1

     

    I have this issue before upgrade firmware and try solve this issue with upgrade firmware



  • 8.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:15 PM

    And I check from user log, I see this :

     

    Mar  7 12:28:05  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b4:4e role=PnG-employee/(null)

    Mar  7 12:33:32  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar  7 18:22:44  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar  7 19:04:04  stm[23428]: <501074> <WARN> |stm|  wifi_deauth_sta: bad data, dropping. mac: 20:64:32:4f:94:22 bssid: d8:c7:c8:75:f0:e0

    Mar  7 23:45:45  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=b4:82:fe:d6:68:91 IP=10.133.10.50 IP Spoof from MAC=44:6d:57:4f:76:11 role=PnG-employee/(null)

    Mar  8 11:28:47  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b1:1c role=PnG-employee/(null)

    Mar  8 12:24:16  KERNEL(L17_AP02@10.133.255.177): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar  8 12:33:05  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b4:4e role=PnG-employee/(null)

    Mar  8 12:47:36  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar  8 19:03:01  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 11 04:10:35  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 11 11:47:51  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b1:1c role=PnG-employee/(null)

    Mar 11 12:44:03  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 11 18:24:34  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 11 21:29:04  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 12 11:48:54  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b1:1c role=PnG-employee/(null)

    Mar 12 12:30:28  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b4:4e role=PnG-employee/(null)

    Mar 12 12:40:20  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 12 15:47:41  stm[23428]: <501074> <WARN> |stm|  wifi_deauth_sta: bad data, dropping. mac: 30:69:4b:5a:5e:09 bssid: d8:c7:c8:75:f0:e1

    Mar 12 17:22:17  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 11:31:51  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b1:1c role=PnG-employee/(null)

    Mar 13 12:33:15  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b4:4e role=PnG-employee/(null)

    Mar 13 12:54:38  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 13 14:20:28  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 15:27:26  KERNEL(L16_AP03@10.133.255.168): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 15:46:04  KERNEL(L15_AP03@10.133.255.158): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 18:23:44  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:a2:62 IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 13 18:35:55  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 18:40:19  KERNEL(L15_AP03@10.133.255.158): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 19:39:01  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 13 22:14:14  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

    Mar 14 12:32:07  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:b1:1c IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:b4:4e role=PnG-employee/(null)

    Mar 14 12:40:38  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:b1:1c IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 14 12:52:09  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:b1:1c IP=10.133.11.255 IP Spoof from MAC=74:e5:0b:55:a2:62 role=PnG-employee/(null)

    Mar 14 13:04:35  authmgr[1552]: <522027> <WARN> |authmgr|  MAC=74:e5:0b:55:b1:1c IP=10.133.11.255 IP Spoof from MAC=cc:af:78:a3:8e:fd role=PnG-employee/(null)

    Mar 14 17:28:45  KERNEL(L15_AP01@10.133.255.156): ath_bstuck_tasklet: Radio 0 stuck beacon; resetting (bmiss count 16)

     

     

    How to solve this problem issue....



  • 9.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:21 PM

     

    Can you confirm what AOS version you have installed ?

     

    There's a known bug in certain AOS related to ARP spoofing and IP Spoofing and the work around is to turn it off on the controller



  • 10.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:29 PM

     

     

    You should try the following :

     

    - Open an Aruba TAC case

    - Possibly consider upgrading to new AOS 6.1.3.x version  since the one that you have installed came out more than a year ago , newer versions will have more fixes. Make sure you read the release notes before installing the new version

     



  • 11.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 13, 2013 11:37 PM

    F.Y.I this version OS I install on controller this month ArubaOS_6xx_6.1.3.4_34587



  • 12.  RE: WPA2 Key message 2 from Station L15_AP02 did not match the replay counter

    Posted Jun 14, 2013 08:13 AM

     

    Sorry but I don't quite follow your last post .

     

    Do you mean that you guys initially had 6.1.3.4 installed ?