Dialup authentication says it works, but doesn't.

[Ernie Dunbar]

We have a Cisco AS5300 for our dialup pool. It is able to log into our new
FreeRadius server and make authentication requests, but users are not able
to authenticate.

It's very strange, because FreeRadius produces logs like this:

Thu Nov  2 11:06:24 2006 : Auth: Login OK: [XXXXXX/XXXXXX] (from client
dialup port 8)

But the client gets "Error 691: Your username or password are incorrect".

I can tell that it's authenticating properly, because when a user gets
their password wrong, I see this instead:

Thu Nov  2 11:02:20 2006 : Auth: Login incorrect: [user1/somepass] (from
client dialup port 13)
Thu Nov  2 11:02:20 2006 : Auth: Login incorrect: [user1/somepass] (from
client dialup port 13)

We're using FreeRadius' mysql support for authentication, and I'm
absolutely positive that part is working fine. It even creates accounting
data in the database.

Something else that might be interesting is what happens when I try to set
up a user in /etc/freeradius/users. The relevent stanza in the users file
is this:

foobar  Auth-Type := Local, User-Password == "asdf1234"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Netmask = 255.255.255.0,
        Framed-Routing = Broadcast-Listen,
        Framed-Filter-Id = "std.ppp",
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobsen-TCP-IP,
        Fall-Through = No

The logs FreeRadius produces say this:

Thu Nov  2 12:09:09 2006 : Auth: Login incorrect (No password configured
for the user): [foobar/asdf1234] (from client dialup port 85)
Thu Nov  2 12:09:09 2006 : Auth: Login incorrect: [foobar/asdf1234] (from
client dialup port 85)
Thu Nov  2 12:09:09 2006 : Auth: Login incorrect (No password configured
for the user): [foobar/asdf1234] (from client dialup port 85)
Thu Nov  2 12:09:09 2006 : Auth: Login incorrect: [foobar/asdf1234] (from
client dialup port 85)