Anti-Replay Checking on ASA 5520

Unanswered Question
Jan 4th, 2008

Is there a way to disable anti-replay checking on an ASA?? Im getting this error constantly almost in my log from one particular user, I have had them upgrade their VPN client to the newest version but it is still happening? Any suggestions?

%PIX|ASA-4-402119: IPSEC: Received an protocol packet (SPI=spi, sequence number= seq_num) from remote_IP (username) to local_IP that failed anti-replay checking.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
aghaznavi Thu, 01/10/2008 - 12:11

May be the received IPSec packet is fragmented and requires reassembly before authentication verification and decryption or the IPSec packets received by the decrypting router are out of order due to packet reordering at an intermediate device


This Discussion