Landis+Gyr E850 - High level security - Invalid password. Server to Client challenge do not match.

Hi,

I'm trying to get a Landis & Gyr E850 to work using high level security with the Gurux.DLMS library (.Net). I am able to get it to work fine in GXDLMSDirector but when I attempt to do the same with my implementation, I am getting "Invalid password. Server to Client challenge do not match." Obviously, I am missing an important step or haven't configured the library correctly, but I just can't spot it.

Here is the comms stream from my application:

S -> 7E A0 07 03 61 93 69 47 7E
R <- 7E A0 1E 61 03 73 B5 7C 81 80 12 05 01 80 06 01 3E 07 04 00 00 00 01 08 04 00 00 00 01 07 22 7E
S -> 7E A8 47 03 61 10 6D BD E6 E6 00 60 3E A1 09 06 07 60 85 74 05 08 01 02 8A 02 07 80 8B 07 60 85 74 05 08 02 02 AC 12 80 10 47 16 0E 53 2C 54 05 46 68 07 56 5D 5D 28 09 45 BE 10 04 0E 01 00 00 00 06 5F 1F 04 00 93 FA 7E
R <- 7E A0 07 61 03 31 61 27 7E
S -> 7E A0 0E 03 61 12 8B 2B 1C 03 20 FF FF 4E 99 7E
R <- 7E A0 50 61 03 50 D9 D7 E6 E7 00 61 41 A1 09 06 07 60 85 74 05 08 01 02 A2 03 02 01 00 A3 05 A1 03 02 01 0E 88 02 07 80 89 07 60 85 74 05 08 02 02 AA 0A 80 08 35 44 31 42 30 30 30 30 BE 0F 04 0D 08 00 06 5F 1F 04 00 18 02 20 09 60 FA 00 81 42 7E
S -> 7E A0 24 03 61 34 42 3C E6 E6 00 06 01 02 FA 58 01 09 10 40 43 1E 7D 09 15 65 E2 34 19 8F 6C EF F4 DD C3 AE 2B 7E
R <- 7E A0 10 61 03 72 7E C3 E6 E7 00 0D 01 01 0D 1E 46 7E

The password for the meter at level 2 is 2222222 (client id = 48)

The code is as follows:

private GXDLMSSecureClient _client = new GXDLMSSecureClient();
_client.ClientAddress = 0x30;
_client.Authentication = Authentication.High;
_client.UseLogicalNameReferencing = false;
_client.InterfaceType = InterfaceType.HDLC;
_client.ServerAddress = 1;
_client.Password = DLMSLib.DLMS.ToByteArray(password); // byte[0x07] {0x32,0x32,0x32,0x32,0x32,0x32,0x32}

GXReplyData reply = new GXReplyData();
byte[] data;

data = dlms.Client.SNRMRequest();

int response = dlms.ReadDLMSPacket(data, 3, reply); // (data to send, retires, reply)
if (rf != 0)
{
// Comms failed & exit
}

_client.ParseUAResponse(data);

reply.Clear();
rf = dlms.ReadDataBlock(_client.AARQRequest(), 3, reply);
if (rf != 0)
{
// Comms failed & exit
}
_client.ParseAAREResponse(reply.Data);

if (_client.IsAuthenticationRequired)
{
reply.Clear();
rf = dlms.ReadDataBlock(_client.GetApplicationAssociationRequest(), 3, reply);
if (rf != 0)
{
// Comms failed & exit
}
_client.ParseApplicationAssociationResponse(reply.Data); // <-- throws exception - "Invalid password. Server to Client challenge do not match."

//reply.ErrorMessage = "Access Error : Device reports scope of access violated."
}

...

The dlms.ReadDLMSPacket and dlms.ReadDataBlock are our comm port send and receive functions and work with all other request on the meter.

The code works fine on Low security but it's just high level security I'm struggling with.

Any help would be much appreciated.
Thanks,
Andrew