Hello,

 

I have a small issue with 802.1X-authentication. Basically, it halts - and I want to kick it off again. =)


The setup consists of

- WinXP w/ SP2 (WZC and native supplicant software)
- Cisco 4400 Wireless Controller
- Win2K3 IAS
- EAP-PEAP w/ MSChapv2 (WPA-TKIP)


And this is how the story goes.

 

The client has been configured to connect to the wireless network with an EAP-START and logs in either using the logon-credentials or by typing them manually.


What happens: When connecting, Windows just stays at the same daft "Waiting for the network"-picture.


If we go a bit under the skin, we'll learn the following statements are true:

- Client sends EAP-Start
- Controller responds with EAP-Request/Identity
- The Client does _not_ send any more frames (we are expecting an EAP-Response at this point)


Ok, so we have verified that the last component to do something is the Cisco 4400 Wireless Controller - And we know the client has received the frame.


If we look under the EAP-header-hood of the frame, we'll find the following:

Code: Request (1)
Id: 1
Length: 55
Type: Identity [RFC3748] (1)
Identity (50 bytes): \000networkid=Adminnett, nasid=Cisco_92:0f:a3,portid=1


So if we enable a trace (netsh ras set tra * ena) and have a look in the EAPOL.log we'll find a few interesting lines of ASCII-characters.


[1980] 16:27:18:689: ElParseIdentityString: LocalIdString = networkid=Adminnett,nasid=Cisco_92:0f:a3,portid=1
[1980] 16:27:18:689: ElParseIdentityString: LocalIdString Length = 50
[1980] 16:27:18:689: ElParseIdentityString: NetworkID Size = 10
[1980] 16:27:18:689: Got NetworkId = Adminnett
[1980] 16:27:18:689: Got NASId = Cisco_92:0f:a3
[1980] 16:27:18:689: ElParseIdentityString: For PortId, length = 1
[1980] 16:27:18:689: Got PortId = 1


/* So it has found the correct information regarding SSID, NAS and port */
/* Shortly after we'll find this bit, where I think everything stops */


[1980] 16:27:18:689: ElParseIdentityString: Calling NLARegister_802_1X with params {6752365D-89C9-489E-8AC4-27970FDF904B} and networkid=Adminnett,nasid=Cisco_92:0f:a3,portid=1
[1980] 16:27:18:689: NLARegister_802_1X: Entered
[1980] 16:27:18:689: NLARegister_802_1X: g_hNLA_LPC_Port != NULL
[1980] 16:27:18:689: NLARegister_802_1X: Completed with status = 0
[1980] 16:27:18:689: ElParseIdentityString: Returned after calling NLARegister_802_1X
[1980] 16:27:18:689: ElGetIdentity: Userlogged, Prev !Machine auth
[1980] 16:27:18:689: ElGetIdentity: Userlogged,
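
Added example, not part of the original post and not Microsoft's or Cisco's code: a small Python decoder for the EAP-Request/Identity frame described above, which checks the Length field against the bytes actually present and splits the options carried after the NUL byte (RFC 3748 section 5.1 notes that some implementations piggy-back options there). The function name `parse_eap_identity` is hypothetical, and the sample packet is constructed from the field values quoted in the post, using the comma-only spelling shown in EAPOL.log.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPE_IDENTITY = 1  # RFC 3748


def parse_eap_identity(packet: bytes) -> dict:
    """Decode an EAP Identity packet and any options carried after a NUL."""
    if len(packet) < 5:
        raise ValueError("too short for an EAP header plus Type octet")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in (1, 2):
        raise ValueError(f"code {code} carries no Type field")
    if not 5 <= length <= len(packet):
        raise ValueError(f"Length field {length} does not fit {len(packet)} captured bytes")
    if packet[4] != EAP_TYPE_IDENTITY:
        raise ValueError(f"Type {packet[4]} is not Identity")
    data = packet[5:length]  # bytes beyond Length are link-layer padding
    # Text before the first NUL is the displayable prompt; some authenticators
    # append comma-separated key=value options after it.
    prompt, nul, options = data.partition(b"\x00")
    hints = {}
    if nul:
        for field in options.decode("ascii", "replace").split(","):
            key, eq, value = field.strip().partition("=")
            if eq:
                hints[key] = value
    return {
        "code": EAP_CODES[code],
        "id": ident,
        "length": length,
        "data_len": len(data),
        "prompt": prompt.decode("ascii", "replace"),
        "hints": hints,
    }


# Constructed sample: rebuilt from the field values quoted in the post, not a capture.
IDENTITY_DATA = b"\x00networkid=Adminnett,nasid=Cisco_92:0f:a3,portid=1"
SAMPLE = struct.pack("!BBHB", 1, 1, 5 + len(IDENTITY_DATA), EAP_TYPE_IDENTITY) + IDENTITY_DATA

if __name__ == "__main__":
    print(parse_eap_identity(SAMPLE))
```

For the constructed packet this reports Length 55 with 50 bytes of Type-Data, an empty displayable prompt, and the same networkid, nasid and portid values that ElParseIdentityString logs.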
