0X000004CA

Fix ERROR_GRACEFUL_DISCONNECT 0X000004CA on Windows Clients

Network & Connectivity Intermediate 👁 1 views 📅 May 28, 2026

That "graceful disconnect" error means the server closed the connection cleanly. The culprit is almost always a network timeout or proxy misconfiguration.

You're staring at 0X000004CA — let's kill it fast

Yeah, that error code is annoying. It means the server on the other end closed the TCP connection cleanly — no crash, no malicious drop. Just a polite "goodbye" that your app wasn't ready for. I've seen this most often when a user is accessing a file share from a Windows 10/11 client talking to a Windows Server 2016 or 2019 box, and the session just drops after 10 minutes of inactivity. Or during long file transfers over VPN. Here's the fix.

The real fix: bump the keepalive timers

Skip reinstalling NIC drivers or swapping cables. The issue is almost always the default TCP keepalive timers being too aggressive for your network path. Microsoft defaults have an idle timeout of 2 hours on the server side, but many network devices (firewalls, NAT routers, VPN concentrators) drop idle sessions after 20–30 minutes. When the device closes the connection, the server sends a graceful disconnect, and your client gets this error.

Open a Command Prompt as Administrator and run:

netsh int tcp set global initialRto=2000
netsh int tcp set global maxsynretransmissions=2

Then hit the registry. Navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Create these DWORD values if they don't exist:

KeepAliveTime = 300000 (decimal, 5 minutes)
KeepAliveInterval = 1000 (decimal, 1 second)
TcpMaxDataRetransmissions = 5 (decimal)

Reboot the machine. That's it. Your client now sends a keepalive packet every 5 minutes. If the connection's dead, it'll retry every second for 5 retries, then fail fast instead of hanging. You won't see the graceful disconnect error again.

Why this works

The default KeepAliveTime is 2 hours (7,200,000 milliseconds). Most enterprise firewalls have a default idle timeout between 15 and 30 minutes. So your client sits there, thinks the connection is fine, then suddenly the firewall kills it. The server doesn't know, so when the client eventually tries to send data, the server sees a reset and does a graceful close. The error code 0X000004CA is the client reporting that the server was polite about it. The fix is to make your client send a heartbeat before the firewall drops the session. 5 minutes is safe for almost all networks.

Less common variations

Proxy server interference

If you're behind an explicit proxy or a transparent proxy (common in corporate environments), the proxy might be terminating idle connections faster than the server. Check your proxy timeout settings. For example, with Microsoft Forefront TMG or Threat Management Gateway, the default idle session timeout is 20 minutes. Bump it to 30 or disable it for the specific application pool. Also, in Internet Explorer/Edge, go to Internet Options -> Connections -> LAN Settings -> Advanced, and increase the "HTTP 1.1" timeout from the default 120 seconds to 300.

SQL Server or RDP specific

For SQL Server connections, the server-side default remote query timeout is 600 seconds (10 minutes). If your query takes longer, you'll get this error. Run this on the SQL Server to increase it:

EXEC sp_configure 'remote query timeout', 1200;
RECONFIGURE;

For RDP (Remote Desktop), this error shows up when the session drops during idle time. Turn off session idle timeouts on the server: in Group Policy, go to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits. Set "Set time limit for active but idle Remote Desktop Services sessions" to "Disabled" or a higher value.

VPN tunnels

If you're using PPTP or L2TP/IPsec VPNs, some routers drop idle tunnels after 5 minutes. The fix is to enable keepalive on the VPN client. On Windows, in the VPN connection properties, go to the Security tab and check "Use Microsoft CHAP Version 2" (it's required), then under Networking tab, select "Internet Protocol Version 4 (TCP/IPv4)" -> Properties -> Advanced -> Options and enable "IPsec keepalive" or set the dead gateway detection interval to a lower value like 300 seconds.

How to prevent this long-term

Once you've applied the keepalive tweak, do this: for every application that shows the error, log the exact timestamp. Cross-reference with your firewall logs around that time. If you see a pattern of drops at the same interval (e.g., every 20 minutes), your firewall admin needs to check the idle timeout. But honestly, the keepalive fix above covers 90% of cases. The other 10% are applications that don't respect the system-wide keepalive settings (like some older Java apps). For those, set the keepalive directly in the app's connection string or config file. For Java:

System.setProperty("sun.net.client.defaultConnectTimeout", "300000");
System.setProperty("sun.net.client.defaultReadTimeout", "300000");

And for .NET applications, add this to the connection string:

Connection Timeout=300; Keep Alive=30

One more thing: if you're running Windows Server 2012 R2 or older, the default TCP stack is less tolerant. Upgrade to Server 2019 or later — they handle idle connections much better. But if that's not an option, the registry tweak above works on everything from Windows 7 to Windows 11, and Server 2008 R2 to Server 2022. You're good.

Pro tip: After applying the registry changes, run netstat -o and look for connections with state ESTABLISHED and the keepalive flag set. You'll see a "KA" (Keep Alive) marker in the output if it's working. If you don't see it, your changes didn't apply — double-check the registry paths.

Was this solution helpful?

ERROR_GRACEFUL_DISCONNECT 0X000004CA network connection closed gracefully Windows error 0x4CA TCP graceful close timeout settings proxy disconnect firewall drop server reset RST packet keepalive timeout Windows registry tweak