Cisco Bug: CSCuw91763 - Feature "AES Key Wrap" does not work
Jan 24, 2019
- Cisco 5500 Series Wireless Controllers
Known Affected Releases
Symptom: When using 802.1x one can select "Use AES Key Wrap" under the Radius Authentication settings, however WLC rejects the authentications with "Rejecting Cisco MAC Attribute due to MAC mismatch" as soon it receives a Radius Access-Challenge from the Radius Server. In MessageLogs we see: [...] #DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:449 Authentication Aborted for client xx:xx:xx:xx:xx:xx #DOT1X-3-INVALID_KEYWRAP_PKT: 1x_auth_pae.c:3163 Received invalid keywrap packet - invalid interim response [...] Conditions: WLAN with WPA2-Enterprise and AES. Enable "Use AES Key Wrap".
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases