802.11 Association Status Codes
Code | 802.11 definition | Explanation |
0 | Successful | |
1 | Unspecified failure | For example : when there is no ssid specified in an association request |
10 | Cannot support all requested capabilities in the Capability Information field | Example Test: Reject when privacy bit is set for WLAN not requiring security |
11 | Reassociation denied due to inability to confirm that association exists | NOT SUPPORTED |
12 | Association denied due to reason outside the scope of this standard | Example : When controller receives assoc from an unknown or disabled SSID |
13 | Responding station does not support the specified authentication algorithm | For example, MFP is disabled but was requested by the client. |
14 | Received an Authentication frame with authentication transaction sequence number out of expected sequence |
If the authentication sequence number is not correct. |
15 |
Authentication rejected because of challenge failure | |
16 | Authentication rejected due to timeout waiting for next frame in sequence | |
17 | Association denied because AP is unable to handle additional associated stations | Will happen if you run out of AIDs on the AP; so try associating a large number of stations. |
18 | Association denied due to requesting station not supporting all of the data rates in the BSSBasicRateSet parameter |
Will happen if the rates in the assoc request are not in the BasicRateSet in the beacon. |
19 | Association denied due to requesting station not supporting the short preamble option |
NOT SUPPORTED |
20 | Association denied due to requesting station not supporting the PBCC modulation option |
NOT SUPPORTED |
21 | Association denied due to requesting station not supporting the Channel Agility option |
NOT SUPPORTED |
22 | Association request rejected because Spectrum Management capability is required | NOT SUPPORTED |
23 | Association request rejected because the information in the Power Capability element is unacceptable |
NOT SUPPORTED |
24 | Association request rejected because the information in the Supported Channels element is unacceptable |
NOT SUPPORTED |
25 | Association denied due to requesting station not supporting the Short Slot Time option |
NOT SUPPORTED |
26 | Association denied due to requesting station not supporting the DSSS-OFDM option | NOT SUPPORTED |
27-31 | Reserved | NOT SUPPORTED |
32 | Unspecified, QoS-related failure | NOT SUPPORTED |
33 | Association denied because QAP has insufficient bandwidth to handle another QSTA |
NOT SUPPORTED |
34 | Association denied due to excessive frame loss rates and/or poor conditions on current operating channel |
NOT SUPPORTED |
35 | Association (with QBSS) denied because the requesting STA does not support the QoS facility |
If the WMM is required by the WLAN and the client is not capable of it, the association will get rejected. |
36 | Reserved in 802.11 | This is used in our code ! There is no blackbox test for this status code. |
37 | The request has been declined | This is not used in assoc response; ignore |
38 | The request has not been successful as one or more parameters have invalid values | NOT SUPPORTED |
39 | The TS has not been created because the request cannot be honored; however, a suggested TSPEC is provided so that the initiating QSTA may attempt to set another TS with the suggested changes to the TSPEC |
NOT SUPPORTED |
40 | Invalid information element, i.e., an information element defined in this standard for which the content does not meet the specifications in Clause 7 |
Sent when Aironet IE is not present for a CKIP WLAN |
41 | Invalid group cipher | Used when received unsupported Multicast 802.11i OUI Code |
42 | Invalid pairwise cipher | |
43 | Invalid AKMP | |
44 | Unsupported RSN information element version | If you put anything but version value of 1, you will see this code. |
45 | Invalid RSN information element capabilities | If WPA/RSN IE is malformed, such as incorrect length etc, you will see this code. |
46 | Cipher suite rejected because of security policy | NOT SUPPORTED |
47 | The TS has not been created; however, the HC may be capable of creating a TS, in response to a request, after the time indicated in the TS Delay element |
NOT SUPPORTED |
48 | Direct link is not allowed in the BSS by policy | NOT SUPPORTED |
49 | Destination STA is not present within this QBSS | NOT SUPPORTED |
50 | The Destination STA is not a QSTA | NOT SUPPORTED |
51 | Association denied because the ListenInterval is too large | NOT SUPPORTED |
200 (0xC8) |
Unspecified, QoS-related failure. |
Unspecified QoS Failure. This will happen if the Assoc request contains more than one TSPEC for the same AC. |
201 (0xC9) |
TSPEC request refused due to AP’s policy configuration (e.g., AP is configured to deny all TSPEC requests on this SSID). A TSPEC will not be suggested by the AP for this reason code. Not defined in IEEE, defined in CCXv4 |
This will happen if a TSPEC comes to a WLAN which has lower priority than the WLAN priority settings. For example a Voice TSPEC coming to a Silver WLAN. Only applies to CCXv4 clients. |
202 (0xCA) |
Association Denied due to AP having insufficient bandwidth to handle a new TS. This cause code will be useful while roaming only. Not defined in IEEE, defined in CCXv4 |
|
203 (0xCB) |
Invalid Parameters. The request has not been successful as one or more TSPEC parameters in the request have invalid values. A TSPEC SHALL be present in the response as a suggestion.
Not defined in IEEE, defined in CCXv4 |
This happens in cases such as PHY rate mismatch. If the TSRS IE contains a phy rate not supported by the controller, for example. Other examples include sending a TSPEC with bad parameters, such as sending a date rate of 85K for a narrowband TSPEC. |
802.11 Deauth Reason Codes
When running a client debug, this code will match the ReasonCode from the output: “Scheduling mobile for deletion with delete Reason x, reasonCode y”
Code | 802.11 definition | Explanation |
0 | Reserved | NOT SUPPORTED |
1 | Unspecified reason | TBD |
2 | Previous authentication no longer valid | NOT SUPPORTED |
3 | station is leaving (or has left) IBSS or ESS | NOT SUPPORTED |
4 | Disassociated due to inactivity | Do not send any data after association; |
5 | Disassociated because AP is unable to handle all currently associated stations | TBD |
6 | Class 2 frame received from nonauthenticated station |
NOT SUPPORTED |
7 | Class 3 frame received from nonassociated station | NOT SUPPORTED |
8 | Disassociated because sending station is leaving (or has left) BSS | TBD |
9 | Station requesting (re)association is not authenticated with responding station | NOT SUPPORTED |
10 | Disassociated because the information in the Power Capability element is unacceptable | NOT SUPPORTED |
11 | Disassociated because the information in the Supported Channels element is unacceptable | NOT SUPPORTED |
12 | Reserved | NOT SUPPORTED |
13 | Invalid information element, i.e., an information element defined in this standard for which the content does not meet the specifications in Clause 7 |
NOT SUPPORTED |
14 | Message integrity code (MIC) failure | NOT SUPPORTED |
15 | 4-Way Handshake timeout | NOT SUPPORTED |
16 | Group Key Handshake timeout | NOT SUPPORTED |
17 | Information element in 4-Way Handshake different from (Re)Association Request/Probe Response/Beacon frame |
NOT SUPPORTED |
18 | Invalid group cipher | NOT SUPPORTED |
19 | Invalid pairwise cipher | NOT SUPPORTED |
20 | Invalid AKMP | NOT SUPPORTED |
21 | Unsupported RSN information element version | NOT SUPPORTED |
22 | Invalid RSN information element capabilities | NOT SUPPORTED |
23 | IEEE 802.1X authentication failed | NOT SUPPORTED |
24 | Cipher suite rejected because of the security policy | NOT SUPPORTED |
25-31 | Reserved | NOT SUPPORTED |
32 | Disassociated for unspecified, QoS-related reason | NOT SUPPORTED |
33 | Disassociated because QAP lacks sufficient bandwidth for this QSTA | NOT SUPPORTED |
34 | Disassociated because excessive number of frames need to be acknowledged, but are not acknowledged due to AP transmissions and/or poor channel conditions |
NOT SUPPORTED |
35 | Disassociated because QSTA is transmitting outside the limits of its TXOPs | NOT SUPPORTED |
36 | Requested from peer QSTA as the QSTA is leaving the QBSS (or resetting) | NOT SUPPORTED |
37 | Requested from peer QSTA as it does not want to use the mechanism | NOT SUPPORTED |
38 | Requested from peer QSTA as the QSTA received frames using the mechanism for which a setup is required |
NOT SUPPORTED |
39 | Requested from peer QSTA due to timeout | NOT SUPPORTED |
40 | Peer QSTA does not support the requested cipher suite | NOT SUPPORTED |
46-65535 | 46–65 535 Reserved | NOT SUPPORTED |
98 | Cisco defined | TBD |
99 | Cisco defined Used when the reason code sent in a deassoc req or deauth by the client is invalid – invalid length, invalid value etc |
Example: Send a Deauth to the AP with the reason code to be invalid, say zero |