Hello,
I am migrating to a new Windows 2003 forest for consolidation. I am
currently using Radius for 802.1x authentication on the switches. I have
brought up a new Radius server in the new Forest/Domain and have pointed one
of the switches to the new Radius Server. I am able to authenticate if the
computer is a member of the new Domain/Forest. However, I can't get the
computers that exist in the old Domain/Forest to authenticate. Here are the
bullet points:
* 2 forests each with one domain; both Windows 2003 native domain and forest
functional.
* 1 Radius Server in the old and new domains.
* Two-way trust (domain-wide)
* Both Windows 2003 enterprise servers
* COMPUTER ONLY AUTHENTICATION, no user (requiring reg hack)
* I have gone into the existing domain and added the new IAS server in the
new domain to its "RAS and IAS Server" security group.
* Works great with computers in the new domain which this problem radius
server is a member of

* All computers in the test are in their respective security groups and the
access policies match the existing radius, except for the addition of the new
& old domain names.
I get this error every time (on the new Radius Server in new domain) when I
take a computer that is a member of the OLD domain:
Source: IAS
Event ID: 2
User host/computername.domain.local was denied access.
Fully qualified-user-name = NEWDOMAIN/host\computername.domain.local (<-- why
is it trying to go to the new domain when it is a member of the old domain?)
---
What I don't understand is why the error is spitting out the new domain when
the computer that is in question is a member of the old domain.
Any clues?
-Greg