Thank you very much for the reply. The plot thickens. I will explain.

It is all one domain. We have several Domain Controllers and a distributed network, but they are all just replicated DCs across a couple different subnets.

I thought maybe that was the issue since the servers and clients were all authenticating against a DC in a different subnet than their own IPs. So, I stood up a new DC in their subnet. Now - Client #1 can no longer access the K2 workspace... very strange, no? REALLY - I am not making this up I promise :)

Here are a few other observations and things I've thought about / tried:

1. I do have BP SP1 installed.
   
2. From both clients, when attempting to access the K2 Workspace it prompts for credentials (because it obviously doesn't like the client's currently logged in credentials). After three failed attempts with various domain accounts (including domain\administrator under which all K2 services were installed and actively run to include the App Pool) IE returns 401 Unauthorized.
3. From both clients, when prompted for credentials, typing in the local admin (machinename\administrator) and password it WORKS.
4. Deploying attempts still fail because VS uses the logged in user to authenticate and reports the unauthorized error.
5. Consoled into the server, K2Workspace comes up just fine and shows domain\administrator logged in no problem.
6. I re-ran all the configuration wizards just to make sure everything was right: Server first, then Client. An odd thing here: the Server Config Wizard correctly reports the license key and type (does not expire). However, in the config wizard on the client, it reports the same License Number read from the server but it has the incorrect type and says set to expire 4 days ago. ??? Is this a bug on the client?
7. The exact error reported by IIS is: "HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration. Internet Information Services (IIS)" I'm wondering if this has something to do with the IIS Virtual directory permissions either in IIS or the file system. When I set everything up I created a new web site for the K2Workspace on port 88. Config Wizard doesn't complain about anything - and of course the workspace runs just fine locally or logged in as the local admin. But that is an IIS error. So maybe something isn't quite right? I've poked around... It's a little weird to me how K2 drops a single redirect htm file in the virtual directory that just points to the aspx files under \program files\k2\workspace (approximate file location). Maybe something there?
8. [Edit] Another tidbit just figured out... accessing the site by typing the IP address instead of the servername WORKS (ruling out IIS???)... hmmm... maybe a DNS issue with all the servers I was renaming and IP changing ... looking at things further. However, it did STILL prompt me for credentials, which I'm thinking it shouldn't... almost like IE thinks this server is outside the intranet even though it's just one hop over. Also: as a reminder - this issue does not affect SharePoint sites at all (which automatically authenticate just fine)... only K2 sites... and even if I can browse to it by IP address, that will still not correct the underlying problem also preventing deploying VS projects. Getting somewhere though. perhaps.
   

Anyway, I'm also seeing a kerberos error now so I'll chase down that trail too. What boggles me is that it worked on Client #1 at first and now it doesn't... grrrr.... Maybe I've done / overlooked something silly, but it does not seem like it should be this difficult to install / setup / configure and run BP on a single server.

Many thanks!