If your replay window size has not been set to a number that is high enough for the number of packets received, you will receive a system message such as the following:
*Nov 17 19:27:32.279: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed connection id=xxx
To prevent this error, you can do following:
rtr(config)# crypto ipsec security-association replay window-size 1024
July 24, 2014 at 04:32
thanks!!!