Novell Home

My Favorites

Close

Please to see your favorites.

802.1x authentication fails with Windows XP SP3 and Windows Server 2008 R2 RADIUS server

This document (7007679) is provided subject to the disclaimer at the end of this document.

Environment

Novell Client for Windows XP/2003
Microsoft Windows XP SP3
Microsoft Windows 2008 R2 Server

Situation

After upgrading from Windows XP SP2 to Windows XP SP3, 802.1x wireless authentication fails against a Windows Server 2008 R2 RADIUS server. Without the Novell Client 802.1x functionality enabled, an 802.1x connection is successfully established in 3 seconds over the wireless adapter installed on the workstation. But, after enabling 802.1x on the Novell Client, the 802.1x connection fails after 60 seconds. Novell Client displays the error:
 
802.1x Authentication failed. Timeout waiting for authentication to finish. Network Login not attempted.
 
The Windows Server 2008 R2 NPS RADIUS server log records the error:
 
Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.

Resolution

Use a different RADIUS server, such as FreeRADIUS instead of the Microsoft Windows 2008 R2 NPS RADIUS server.

Additional Information

Novell's NOVEAP.DLL 802.1x MSCHAPv2 provider isn't handling one or more Crypto-Binding TLVs being sent from the Microsoft Server 2008 R2 NPS RADIUS server. The default NPS server behavior of sending all the supported options is not configurable. Other (non-Microsoft) third-party supplicants have experienced the same problem.
 
Due to the substantial engineering resources required, and the fact that on October 14, 2010 the Novell Client 4.91 entered the Extended Support phase of its lifecycle, Novell does not expect to implement support for this configuration. (During Extended Support, only security or strategic fixes will be made. http://support.novell.com/lifecycle/faq.jsp#extsupport)

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7007679
  • Creation Date:26-JAN-11
  • Modified Date:26-APR-12
    • NovellClient

Did this document solve your problem? Provide Feedback