%CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx

If your replay window size has not been set to a number that is high enough for the number of packets received, you will receive a system message such as the following:

*Nov 17 19:27:32.279: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx

To prevent this error, you can do following:

rtr(config)# crypto ipsec security-association replay window-size 1024



Share the wealth!

1 Comment

  1. junior network engineer

    July 24, 2014 at 04:32

    thanks!!!

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2018 Lostdomain

Theme by Anders NorénUp ↑