We have a NetWare 6.5 SP3 server running RADIUS v4.14 which forwards
authentication to an ACE server for SecurID authentication. Recently,
it's developed a glitch where, whenever someone attempts to authenticate
via SecurID, they almost always get a '403 Forbidden - User Name
Mismatch' on the first try, but the second try works.

Any guesses what could be causing this?