more info on this......
from my logs it looks like it might be a bug.
When I review the capture it appears every time that NeDI goes to the "legacy" vlans for the community string
using vlan 1002, 1003, 1004,1005 we get the authentication trap from the unit. These vlans do show in the "show vlan"
command but are legacy unless you actually have the cards.