Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Invalid MIC in msg 2/4 of 4-way handshake

    Scheduled Pinned Locked Moved Wireless
    1 Posts 1 Posters 4.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      reinderien
      last edited by

      This is a cross-post of https://serverfault.com/questions/869591

      I'm using a modern pfSense:

      FreeBSD 10.3-RELEASE-p19 FreeBSD #1 76a12c4e6(RELENG_2_3_4): Fri Jul 14 15:02:35 CDT 2017

      with this wireless chip:

      ral0: <ralink technology="" rt3090=""> at device 0.0 on pci3
ral0: MAC/BBP RT3090 (rev 0x3213), RF RT3020 (MIMO 1T1R)</ralink>

      The wireless interface is configured to use:

      • 802.11g (b disabled) channel 10
      • WPA2 PSK
      • Pure AES
      • Group key rotation = 60
      • Group master key rotation = 3600

      Clients rarely associate successfully. Usually they fail at the auth stage, and the pfSense wireless log shows this repeated until the number of retries hits its limit:

      ral0_wlan0: STA [mac] WPA: sending 1/4 msg of 4-Way Handshake
ral0_wlan0: STA [mac] WPA: received EAPOL-Key frame (2/4 Pairwise)
ral0_wlan0: STA [mac] WPA: invalid MIC in msg 2/4 of 4-Way Handshake
ral0_wlan0: STA [mac] WPA: EAPOL-Key timeout

      This happens regardless of distance to the router. Signal strength is good. Wifi Analyser on my phone shows -52dBm and "green" strength, and the graph shows that the channel neighbourhood is relatively clear. There are no other APs on channel 10, and a couple of weak (-90) ones on channel 11.

      Could it be a bad chip? Or bad kernel module?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.