Related commands
ipsec anti-replay window
ipsec anti-replay window
Use ipsec anti-replay window to set the anti-replay window size.
Use undo ipsec anti-replay window to restore the default.
Syntax
ipsec anti-replay window width
undo ipsec anti-replay window
Default
The anti-replay window size is 64.
Views
System view
Predefined user roles
network-admin
Parameters
width: Specifies the size for the anti-replay window. It can be 64, 128, 256, 512, or 1024 packets.
Usage guidelines
Changing the anti-replay window size affect only the IPsec SAs negotiated later.
In some cases, some service data packets might be received in a very different order than its original
order, and the IPsec anti-replay function might drop them as replayed packets, affecting the normal
communications. If this happens, disable IPsec anti-replay checking or adjust the size of the anti-replay
window as required.
Examples
# Set the size of the anti-replay window to 128.
<Sysname> system-view
[Sysname] ipsec anti-replay window 128
Related commands
ipsec anti-replay check
ipsec decrypt-check enable
Use ipsec decrypt-check enable to enable ACL checking for de-encapsulated IPsec packets.
Use undo ipsec decrypt-check to disable ACL checking for de-encapsulated IPsec packets.
Syntax
ipsec decrypt-check enable
337
To Next Page
Loading...
Need help?
General
