Replay window failure messages

Unanswered Question
Jul 10th, 2003
User Badges:

Hi all,


Our VPN 3015 is getting a lot of these errors. Is there anyway I can find out which client is causing this:


59580 07/11/2003 15:29:52.040 SEV=6 IPSEC/7 RPT=23125

IPSec ESP Tunnel Inb: Replay window failure - discarding packet!


Our concentrator is using vpn3000-3.6.7.F-k9.bin with VPNclient from 3.1 to 3.6.3


I think after we upgraded to this 3.6.7 version that's when I noticed a lot of these errors.


Can someone advised what client is causing this or anyway I can find out


Much thanks

Justin


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
drolemc Wed, 07/16/2003 - 11:21
User Badges:
  • Silver, 250 points or more

The message is related to DOS attack prevention. It could be in response to an actual attack or in some cases due to routing problems or packet corruption. A similar problem that I know of was in a setup where some of the clients were behind a Linksys router and had something to do with the way in which the linksys routers handle IPSec tunneling. If you too have devices behind a Linksys, then the error messages are to be expected.

justinvo Wed, 07/16/2003 - 15:08
User Badges:

thanks for that. We don't use Linksys routers, only Dlinks and PIX501.


Do you know if there's a debug or anyway to find out which IP address or who is causing this ?


kind regards,

Justin Vo


Actions

This Discussion