Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco WLC (WPA-TKIP) & iPad's - WPA MIC Error

Reply
Thread Tools

Cisco WLC (WPA-TKIP) & iPad's - WPA MIC Error

 
 
b_rizza b_rizza is offline
Junior Member
Join Date: May 2010
Posts: 1
 
      05-21-2010
Just throwing this out there to see if anyone else has experienced the same issue. I’m running a Cisco WLC 4402/ACS/ (WPA-TKIP)+PEAP, etc… Over the last few days, clients have been complaining about connectivity issues to the WLAN’s. We have centralized WLC’s @ our HQ location w/ all LAP’s terminating back to the POP. Users began complaining about sporadic Wireless connectivity, primarily @ HQ. Wireless users would have adequate signal, then drop & lose connectivity altogether. Occasionally they would roam to another LAP & connectivity would reestablish though in most cases, they were dead in the water until they bounced their interface or the LAP itself was rebooted.

Looking at the logs I started seeing numerous errors similar to the following:

29 Thu May 20 11:03:29 2010 WPA MIC Error counter measure activated on Radio with MAC 00:19:07:XX:XX:XX and Slot ID 1. Station MAC Address is d8:30:62:XX:XX:XX and WLAN ID is 3.

I sifted through the logs for this error which was primarily associated w/ hardware address: d8:30:62:XX:XX:XX which the coffer mac-address lookup recognized as Apple, Inc. I collected a list of Mac users from IT Support & spammed the site attempting to track the source user. (Mac-Address was not listed as a connected client via the WLC client log) Soon enough, there was a match & the match happened to be a recently acquired iPad. We started seeing other AP’s drop with matches once again to Apple Inc. traced again to... You Guessed it, other iPad’s.

To temporarily remedy the situation, I disabled Message Integrity Check’s on each of the WLAN’s which has stabilized our Wireless Environment, less (MIC) which would be one less check for legitimate MITM attacks.

Command used via CLI to the WLC:

config wlan security tkip hold-down <0-60 seconds> <wlan id>

I set for 0 seconds on each WLAN (requires disabling each WLAN individually via the WebUI or else the command execution will fail), followed by a “save config”. Don’t ask me if it actually writes this setting to the config since It’s nowhere to be found in the WebUI. I guess I’ll find out should we bounce this thing in the future. One thing to keep in mind, You CANNOT turn the MIC Check’s off in WLC’s versions older than version 4.1. We haven’t updated ours in quite awhile though we’re currently running 5.2.157.0 which worked out perfectly.

Could it be a faulty wireless card on the iPad? Maybe… The fact that it affected multiple iPad’s causing failures on every AP on every floor would either point to a bad batch OR, more than likely a behavior/driver issue of the iPad itself. Great product in general though also doubles up as a sneaker-net DDoS for Cisco WLANs. Hopefully a fix will be found soon…

Seacrest Out…
 

Last edited by b_rizza; 05-21-2010 at 09:11 PM.. Reason: Title Change
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Cisco WLC (AIR-WLC2006-K9) Serial Cable scott owens Cisco 1 02-10-2010 06:26 PM
Re: Cisco WLC (AIR-WLC2006-K9) Serial Cable bod43 Cisco 1 02-10-2010 03:33 PM
Web Cam with Mic, Computer with Mic-- Why won't they stop fighting? torey99 Computer Information 1 03-06-2009 10:06 PM
Cisco WLC - WPA MIC Errors.....all AP's same syptoms d.azzopardi@caeuk.com Cisco 2 06-27-2007 11:14 PM
4112 WLC / Cisco 1000 Series - IP Conflict Comwood Cisco 8 06-15-2006 01:03 AM



Advertisments