These are three conditions that can trigger this error:
The IPSec-encrypted packets are forwarded out of order by the encrypting router. This is typically a result of QoS configuration on the encrypting router.
The IPSec packets received by the decrypting router are out of order due to packet re-ordering at an intermediate device.
The received IPSec packet is fragmented and requires re-assembly before authentication, verification and decryption. Since the re-assembly process takes place at the process level, it is possible that by the time the large packet is re-assembled, 64 smaller packets have already been processed by the crypto engine, thus causing the large packet to miss the anti-replay window.
What is VPN Accelerator Module?
The VPN Acceleration Module is used to achieve
Key generation and compression services suitable for both remote access and site-to-site VPN applications.