We have two 2008 R2 file servers and (mostly) XP clients. Random clients sporatically drop mapped connections to 2 file servers, and access to the server is not resstored with log off/log on, but requires a client reboot. This produces a Security log entry on both the client and server. Below is an example from the server. Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 10/12/2011 11:37:56 PM Event ID: 4654 Task Category: IPsec Quick Mode Level: Information Keywords: Audit Failure User: N/A Computer: FS1.housing.berkeley.edu Description: An IPsec quick mode negotiation failed. Local Endpoint: Network Address: 169.229.70.221 Network Address mask: 0.0.0.0 Port: 0 Tunnel Endpoint: - Remote Endpoint: Network Address: 169.229.66.65 Address Mask: 0.0.0.0 Port: 0 Tunnel Endpoint: - Private Address: 0.0.0.0 Additional Information: Protocol: 6 Keying Module Name: IKEv1 Virtual Interface Tunnel ID: 0 Traffic Selector ID: 0 Mode: Transport Role: Responder Quick Mode Filter ID: 70928 Main Mode SA ID: 380657 Failure Information: State: Sent first (SA) payload Message ID: 1833354141 Failure Point: Local computer Failure Reason: Cannot create a file when that file already exists. I haven't been able to find any mention of this online. Any ideas? Thanks! Bob Muzzy SA IT, UC Berkeley