Hello,
i have the following Setup:
1x Single Tree Server with Nw 6.5 SP1a / BM3.8 SP2
This is a simple authentication Server which is placed in our dmz. Some users are synchronized with dirxml from the productive main tree to the authentication tree.
Primary this box is used for client2site vpn with vasco digipass tokens. This setup is working.

Now i wish to use the same box for ichain Radius authentication.
I have setup a 2nd box in the dmz for ichain 2.3. I have made the necessary schema extension on the Authentication server and installed the snapins for ichain.

I tested authentication with ldap to the authentication server.... no problem

Now the problems:
I setup a authentication profile on the ichain server for radius
I configured the authentication servers lpo and radius objects. All this is described in the ichain admin book page 89 (chapter 7 using radius authentication)

When i check the radius console i get the following message:
[DATE TIME] Access Request Dropped
IchainIP, cn, Unknown Radius client

What i did again: I found several tid's where the problem is described. I Changed rights to the lpo, installed the nmas234.tar, changed userprops.....but till now nothing works.

MoreSysinfos:
Radius.nlm V 4.14 / 6.March 2003
nmas.nlm 2.68 / 17.June 2004
nmasldap.nlm V 1.20 / 31.March 2004

Here the RadiusDebugLog, during authentication:
[2004-08-09 02:42:40 PM] Deleting file "sys:etc\radius\log\20040802.log", failed
[2004-08-09 02:42:40 PM] Parameter count = 1
[2004-08-09 02:42:40 PM] argv[0] = SYS:\SYSTEM\RADIUS.NLM
[2004-08-09 02:42:40 PM] Tree Name = "<null>"
[2004-08-09 02:42:40 PM] Login Name = "<null>"
[2004-08-09 02:42:40 PM] Name = "<null>"
[2004-08-09 02:42:40 PM] Workers = 0
[2004-08-09 02:42:40 PM] Port = 0
[2004-08-09 02:42:40 PM] Error encountered = 0
[2004-08-09 02:42:40 PM] Checking if parameters are to be retrieved from Registry
[2004-08-09 02:42:40 PM] Got Tree Name from registry, "<null>"
[2004-08-09 02:42:40 PM] Got Login Name from registry, "<null>"
[2004-08-09 02:42:40 PM] Got Service Name from registry, "<null>"
[2004-08-09 02:42:40 PM] Got Number Threads from registry, 5
[2004-08-09 02:42:40 PM] Got Service Port from registry, 1645
[2004-08-09 02:42:40 PM] Got Accounting Port from registry, 1646
[2004-08-09 02:42:40 PM] Got Accounting Path from registry, "sys:\etc\radius\acct"
[2004-08-09 02:42:40 PM] Got Accounting File Format from registry, "comma"
[2004-08-09 02:42:40 PM] Got RollOver from registry, "daily"
[2004-08-09 02:42:40 PM] Services supported, [2004-08-09 02:42:40 PM] "authentication" [2004-08-09 02:42:40 PM] "accounting" [2004-08-09 02:42:40 PM]
[2004-08-09 02:42:40 PM] Got Accounting Attribute File from registry, sys:\etc\radius\radacct.atr
[2004-08-09 02:42:40 PM] Got Authentication Path from registry, sys:etc\radius
[2004-08-09 02:43:03 PM] Debug logging enabled to file sys:etc\radius\debug\raddbg.log
[2004-08-09 02:43:17 PM] 1) [(ip) 62.200.168.121:1812], Received 43 Bytes (Access-Request (1))
[2004-08-09 02:43:17 PM] [(total=1) (p=0) (d=0) (r=0) (acc=0) (rej=0)]
[2004-08-09 02:43:17 PM] <2> Done GetNextMessage [(ip) 62.200.168.121:1812]: time:208207
[2004-08-09 02:43:17 PM] -------- START : (Access-Request (1)) [(ip) 62.200.168.121:1812]: time:-35971301---
[2004-08-09 02:43:17 PM] CACHE: CacheDomainListExist(ichaindas.ichain.netstal), using cache
[2004-08-09 02:43:17 PM] AuthRequestHandler(), Calling RequestHandler.
[2004-08-09 02:43:17 PM] CACHE: CacheReadSecretForNASAddress(ichaindas.ichain.nets tal), using cache
[2004-08-09 02:43:17 PM] HandleLocalRequest(), CacheReadSecretForNASAddress failed, no such RADIUS client (-822), Packet Dropped
[2004-08-09 02:43:17 PM] -------- END : (Access-Request (1)) [(ip) 62.200.168.121:1812]: time:-35971299---
[2004-08-09 02:43:23 PM] 2) [(ip) 62.200.168.121:1812], Received 43 Bytes (Access-Request (1))
[2004-08-09 02:43:23 PM] [(total=2) (p=1) (d=0) (r=0) (acc=0) (rej=0)]
[2004-08-09 02:43:23 PM] <3> Done GetNextMessage [(ip) 62.200.168.121:1812]: time:266774
[2004-08-09 02:43:23 PM] -------- START : (Access-Request (1)) [(ip) 62.200.168.121:1812]: time:-35912704---
[2004-08-09 02:43:23 PM] CACHE: CacheDomainListExist(ichaindas.ichain.netstal), using cache
[2004-08-09 02:43:23 PM] AuthRequestHandler(), Calling RequestHandler.
[2004-08-09 02:43:23 PM] CACHE: CacheReadSecretForNASAddress(ichaindas.ichain.nets tal), using cache
[2004-08-09 02:43:23 PM] HandleLocalRequest(), CacheReadSecretForNASAddress failed, no such RADIUS client (-822), Packet Dropped
[2004-08-09 02:43:23 PM] -------- END : (Access-Request (1)) [(ip) 62.200.168.121:1812]: time:-35912701---
[2004-08-09 02:48:42 PM] (->)Cacher: NWDSReadObjectInfo(ichaindas.ichain.netstal), succeeded, time:2



Thanks

Stefan