I'm running into an issue with a L2L VPN we have between one of our remote sites. At times one of the many networks there will stop passing traffic across the tunnel. Other networks at this location will continue to traverse the tunnel just fine when this issue crops up. My location has a PIX 515e w/ 6.3(5) and the remote site has NetScreen ISG 2000 w/ 6.1r5. I see a lot of the below errors when this issue is occurring.
IPSEC(cipher_ipsec_request): decap failed for <remote peer ip> -> <local peer ip>
IPSEC(sw_esp_decap): fail antireplay check
IPSEC(cipher_ipsec_request): decap failed for <remote peer ip> -> <local peer ip>
IPSEC(sw_esp_decap): fail antireplay check
IPSEC(cipher_ipsec_request): decap failed for <remote peer ip> -> <local peer ip>
IPSEC(sw_esp_decap): fail antireplay check
I'm sure it's not an antireplay attack, but I'm not sure what is triggering this condition. On the Juniper side, I do not have the antireplay feature enabled. Is it possible to disable antireplay checking on the PIX?
Any thoughts/recommendation welcome.
TIA