Hi, I observed that if an S2S VPN connection of type IPSec Tunnel is used between two ISA 2004 servers or an ISA 2004 server and a Windows 2003 RRAS server, then the initiator delete every 5 minutes the QM SA (Event ID 542) and renegotiate a complete new QM SA (Event ID 541), even if there is traffic all the time (ping -t). This result of course in some ping time-outs. Can anybody explains why this happening and what can be done about it. Note that the OS used is a fully patched Windows 2003 SP1. Thanks, Stefaan