"802.1X authentication failed. Timeout waiting for authentication to finish."

  • 7008119
  • 14-Mar-2011
  • 27-Apr-2012

Environment

Novell Client for Windows 2000/XP/2003 4.91 Support Pack 5 Login

Situation

When attempting to login with 802.1x authentication enabled, an error is seen:
 
"802.1X Authentication failed.  Timeout waiting for authentication to finish. Logging in to the workstation only."

The workstation logs in "workstation only." At some point, the 802.1x authentication does succeed, as once logged in "Workstation only," the user is able to access the network without any other actions.  But, he is not logged into eDirectory and does not have any mapped drives. Subsequent logins via the Red N also fail if he has the "Login using 802.1X" checkbox set on the 802.1X tab. After deselecting this checkbox, the user can login to eDir and, at that point, is working normally.

Resolution

Upgrade to Novell Client 4.91 Post-SP5 (IR1) or later. The fix is documented in the readme as: "Wireless interfaces configured for 802.1x authentication type of "DOT11_AUTH_ALGO_RSNA" not correctly recognized."

Additional Information

The  NOVEAP WinLogon debug log shows a line similar to the followng:

[NOVEAP-winlogon-47C-98418] Check8021xTypeAndState dot11AuthAlgorithm is DOT11_AUTH_ALGO_RSNA (6); EAPOLSTATE_UNDEFINED.

This indicates that the adapter is configured for RSNA, but the Novell Client mistakenly interprets this as an 802.1x authentication type it does not support.