Solution for disabling Anti-Replay on the Firewall for a specific tunnel.

kamal kumar · ‎09-24-2012

Hi Experts,

We need Solution for disabling Anti-Replay on the Firewall for a specific tunnel. ASA 8.4(2) ) does not support disabling Anti-Replay on specific Ipsec tunnel , is it true , then if we want to disable Anti-replay , what we have to do in ASA 5540 . Any guidance will be higly appriciated .

Thanks.

Karsten Iwen · ‎09-24-2012

You can control your anti-replay-settings globally on the ASA:

asa(config)# crypto ipsec security-association replay ?

configure mode commands/options:

disable Disable replay checking

window-size Set replay window size

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

kamal kumar · ‎09-24-2012

Hi karsten.iwen

Thanks a lot . I think this will disable anti-replay for all IP Sec tunnels . How can we do it only for a particular tunnel ?

Javier Portuguez · ‎09-24-2012

Hi Kamal,

This is a global command and not per tunnel.

Thanks.

Portu.

kamal kumar · ‎09-24-2012

Hi Javier,

Thanks , Is there any possibility to do it for a particular tunnel only ?