Ok, I have nailed this down to a conflict between the role session timer/timeout and the HC/NC timeouts. When the user has an ungraceful disconnect (power down/wifi out/battery out), the PC will have a session cookie valid until the idle timeout for the role (in this case 60 mins). The HC is set to check every 10 mins and idle with no activity after 20. The Network Connect then drops after around 20 mins as the HC checks fail and NC has no traffic. The session is deleted from the IVE (you can tell by watching the Active Users/Logs). At this point, if the user attempts to logon again, he gets the 'concurrent users' page and clicks 'continue' to kill the old session. Here's the problem - for some reason (something to do with the session cookie) the user is denied logon, given a message telling them that a session is already on the IVE with it's IP address. Multiple attempts to re-connect get the same message until the 60 mins idle is up. Bug or just an idle timer conflict? Ways around it? Cache Cleaner - would ensure the session is clean to start with? But is a global change and would affect the user experience. Reduce the Session Idle timout, make it closer or equal to the HC inactivity timeout? Turn off Persistent Sessions - would make sure the session is closed upon browser closure - but again, would affect the user experience....they use a custom home page so won't know that they're killing their session when closing the browser. Your thoughts? ... View more