If your replay window size has not been set to a number that is high enough for the number of packets received, you will receive a system message such as the following:

*Nov 17 19:27:32.279: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx

To prevent this error, you can do following:

rtr(config)# crypto ipsec security-association replay window-size 1024



Share the wealth!

One comment on “%CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx

Leave a Reply

Your email address will not be published. Required fields are marked *