Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Windows client cannot authenticate - EAPOL timeout 8021X_REQD

Hi Guys,

We are running a Cisco Wireless environment with 5508 WLC and 3502i AP's

A selection of clients running Windows XP SP3 are able to authenticate using AAA as host/hostname

But once the user hits ctrl + alt + del and logs in the machine attemps to authenticate as domain/user the dot1x authentication fails and the client is left at the 8021X_REQD state.

Debug dot1x for the client reveals the follow.

*dot1xMsgTask: Nov 16 17:08:59.666: 00:22:fa:ea:08:ba dot1x - moving mobile 00:22:fa:ea:08:ba into Connecting state

*dot1xMsgTask: Nov 16 17:08:59.666: 00:22:fa:ea:08:ba Sending EAP-Request/Identity to mobile 00:22:fa:ea:08:ba (EAP Id 1)

*Dot1x_NW_MsgTask_2: Nov 16 17:08:59.667: 00:22:fa:ea:08:ba Received EAPOL START from mobile 00:22:fa:ea:08:ba

*Dot1x_NW_MsgTask_2: Nov 16 17:08:59.667: 00:22:fa:ea:08:ba dot1x - moving mobile 00:22:fa:ea:08:ba into Connecting state

*Dot1x_NW_MsgTask_2: Nov 16 17:08:59.667: 00:22:fa:ea:08:ba Sending EAP-Request/Identity to mobile 00:22:fa:ea:08:ba (EAP Id 2)

*osapiBsnTimer: Nov 16 17:09:04.569: 00:22:fa:ea:08:ba 802.1x 'txWhen' Timer expired for station 00:22:fa:ea:08:ba and for message = M0

dot1x does not even make it to the AAA server once the user has logged in.

I have increased the advanced EAP and EAPOL timeouts to ensure it is not a timeout issue.

Any assitance apprecieated.

2 REPLIES
Hall of Fame Super Silver

Re: Windows client cannot authenticate - EAPOL timeout 8021X_RE

So you are saying that's it's only a few devices that are not connecting or all? Just. Trying to get an idea of what the issue is. What radius server and what do you see in the logs on the server.

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
New Member

Windows client cannot authenticate - EAPOL timeout 8021X_REQD

Thanks for the reply Scott. I have resolved the issue. It was related to RDP breaking 802.1x as the machines involved were being accessed via RDP.

Cheers,

916
Views
0
Helpful
2
Replies
CreatePlease login to create content