Re: Crypto error

Douglas Bradfield · ‎04-05-2012

Can anyone tell me was this error means? We are running encrypted GRE tunnels router to router. AES 256

Apr 4 16:09:41.349 EDT: %CRYPTO-4-PKT_REPLAY_ERR: decrypt: replay check failed

connection id=7357, sequence number=1860336

Richard Burts · ‎04-07-2012

Douglas

As part of the IPSec implementation of the encrypted GRE tunnel it checks on packets received to make sure that it has not seen that packet before. In this case it believes that it has seen this packet before. It looks like, for some reason, something along the path has re-transmitted this packet. I see this kind of message with some frequency and as long as there are not a lot of them I do not think that it is a big problem. Are you seeing a few or a lot of these?

HTH

Rick

HTH

Rick

Douglas Bradfield · ‎04-09-2012

HTH

I am not seeing a lot of these. I will keep an eye on it though.

Thank you

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Doug Bradfield

Network Analyst Ld

TSYS Network Services / Network Engineering

706-644-3559

From: rburts

To: Douglas Bradfield ,

Date: 04/07/2012 04:15 PM

Subject: - Re: Crypto error

Home

Re: Crypto error

created by Richard Burts in VPN - View the full discussion

Douglas

As part of the IPSec implementation of the encrypted GRE tunnel it checks

on packets received to make sure that it has not seen that packet before.

In this case it believes that it has seen this packet before. It looks

like, for some reason, something along the path has re-transmitted this

packet. I see this kind of message with some frequency and as long as

there are not a lot of them I do not think that it is a big problem. Are

you seeing a few or a lot of these?

HTH

Rick

Reply to this message by going to Home

Start a new discussion in VPN at Home