VIP Enterprise Gateway validation fails with "Residual Password failed for user [vipuser]....Sending Access-Reject for user [vipuser] , reason=3; Incorrect LDAP Password." with multiple users after ruling out invalid user password and VIP security code. 

Invalid special character in the shared secret. 

The RADIUS shared secret may contain invalid special characters that need to be removed. This include ^ = & "

To verify, create a new Validation Server with the same settings as the problematic server but on an unused port. Start the service, then use the VSRADIUSCLIENT_TEST.EXE to duplicate the issue. Change the shared secret and retest until succesful. The test Validation Server can safely be deleted.