As cjoseph says it's a bug in the IP stack on Windows XP. I've had two customers with this problem in the past month.
The laptop changes the domain computer password every 30ish days by default. When this happens the laptop should authenticate with the old password and sync the new one with AD, but this doesn't work on the wireless connection, only a wired connection will actually update the password.
So as suggested, changing the machine account password timeout or disabling it may fix your problem, otherwise move to EAP-TLS.