IPSEC Log Entry.

I have a good one for you all..

I am getting many of these entries in the logs and am not seeing a good definition as to the cause or solution..

“incoming packet out of replay window (xx events)”

They come in groups.

Any Ideas..

This page mentions the replay window and what it does:

http://www.mikrotik.com/docs/ros/2.9/ip/ipsec

Either they’re a result of someone trying a replay attack against you, or, more likely, they’re the result of conditions on the Internet which result in some packets arriving late.

Regards

Andrew

I think it is a delay issue.
Is there a way of increasing the byte count?
I.e. from 16 Bytes to 24 or 32.

Craig

We will probably enlarge replay window size for dynamic policies.
Speaking about manual policies, this setting will be user-configurable.

2csickles: It’s not a delay issue, it’s a packet reordering thing, i.e. the packets arrive out of order (multipath per-packet routing, bonding, or somebody trying to make a replay attack).
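
Added example, not part of the original thread and not RouterOS code: a sketch of an ESP-style anti-replay sliding window (modelled on RFC 4303) showing how one reordered packet produces an "out of replay window" drop with a small window but is accepted with a larger one, while a true duplicate is rejected either way. The class and function names, the window being counted in packets, and the arrival sequence are all assumptions constructed for illustration.

```python
from collections import Counter


class ReplayWindow:
    """Receiver-side anti-replay state for one SA (illustrative sketch)."""

    def __init__(self, size):
        self.size = size    # how many sequence numbers behind 'top' are tracked
        self.top = 0        # highest sequence number accepted so far
        self.bitmap = 0     # bit i set => sequence (top - i) was already seen

    def check(self, seq):
        """Classify one arriving sequence number and update the window."""
        if seq < 1:
            return "invalid"                 # ESP sequence numbers start at 1
        if seq > self.top:
            # Newer than anything seen: slide the window forward.
            shift = seq - self.top
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.top = seq
            return "ok"
        offset = self.top - seq
        if offset >= self.size:
            return "out_of_window"           # too old to verify: logged and dropped
        if self.bitmap & (1 << offset):
            return "replay"                  # same sequence number seen before
        self.bitmap |= 1 << offset           # late but inside the window: accept
        return "ok"


def tally(arrivals, size):
    """Run an arrival sequence through a fresh window and count outcomes."""
    win = ReplayWindow(size)
    return Counter(win.check(seq) for seq in arrivals)


# Constructed arrival order: packet 5 took a slower path and shows up after
# packet 30 (reordering); packet 38 is delivered twice at the end (duplicate).
ARRIVALS = (list(range(1, 5)) + list(range(6, 31)) + [5]
            + list(range(31, 41)) + [38])

if __name__ == "__main__":
    for size in (16, 32):
        print(size, dict(tally(ARRIVALS, size)))
```

Grouped log entries fit this model when a burst of packets is reordered by more than the window size; counting how far behind the late packets arrive indicates how large the window would need to be.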