[x]

IPsec commands > ipsec anti-replay window

 

 Next

ipsec anti-replay window

Use ipsec anti-replay window to set the anti-replay window size.

Use undo ipsec anti-replay window to restore the default.

Syntax

ipsec anti-replay window width

undo ipsec anti-replay window

Default

The anti-replay window size is 64.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

width: Specifies the size for the anti-replay window. It can be 64, 128, 256, 512, or 1024 packets.

Usage guidelines

Service data packets might be received in a very different order than their original order, and the IPsec anti-replay feature might drop them as replayed packets, affecting normal communications. If this happens, disable IPsec anti-replay checking or adjust the size of the anti-replay window as required.

Changing the anti-replay window size affects only the IPsec SAs negotiated later.

Examples

# Set the size of the anti-replay window to 128.

<Sysname> system-view
[Sysname] ipsec anti-replay window 128

Related commands

ipsec anti-replay check

prev

 

up

 next

ipsec anti-replay check 

home

 ipsec apply

© Copyright 2018 Hewlett Packard Enterprise Development LP