When I create a manual crypto map, the crypto map automatically provide anti-replay service. In cisco documents, anti-replay is not provided for manual IPSec SA. How to disable anti-replay service.
Crypto Map "manualmap" 10 ipsec-manual
Peer = 150.50.3.2
Extended IP access list 103
access-list 103 permit ip 150.50.3.0 0.0.0.255 150.50.3.0 0.0.0.255
Current peer: 150.50.3.2
Transform sets={ myset, }
Inbound esp spi: 1024,
cipher key: 1234123412341234,
auth_key: 56785678567856785678567856785678,
Inbound ah spi: 1024,
key: 1111111111111111111111111111111111111111,
Outbound esp spi: 2048
cipher key: 5678567856785678,
auth key: 12341234123412341234123412341234,
Outbound ah spi: 1024,
key: 2222222222222222222222222222222222222222,
Interfaces using crypto map manualmap:
Serial0/0
inbound esp sas:
spi: 0x400(1024)
transform: esp-des esp-md5-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 2003, flow_id: 11, crypto map: manualmap
no sa timing
IV size: 8 bytes
replay detection support: Y