12-28-2018 09:50 AM - edited 02-21-2020 08:37 AM
We are receiving replay errors on a router, it was suggested we use the crypto ipsec security-association replay {window size} command to increase window size-- how do we do this thru FMC? On the ASA it is a snap
Solved! Go to Solution.
12-29-2018 01:40 PM
You would need to use FlexConfig to do this.
1. in FMC go to Objects and create a new FlexConfig object
2. Enter the command you would like to add to the FTD (ipsec security-association replay window-size 64 for example) and save
3. Go to Devices > FlexConfig and create a FlexConfig policy if you have not done so already
4. select the FlexConfig object you just created (should be located in user defined area) and then click the > symbol to add to the policy.
5. click save and deploy
12-31-2018 08:16 AM
Normally all commands you add using flexconfig will be append. Prepend is most commonly used when using "clear" or "no" commands.
So with that in mind, the policy will be an append.
12-29-2018 01:40 PM
You would need to use FlexConfig to do this.
1. in FMC go to Objects and create a new FlexConfig object
2. Enter the command you would like to add to the FTD (ipsec security-association replay window-size 64 for example) and save
3. Go to Devices > FlexConfig and create a FlexConfig policy if you have not done so already
4. select the FlexConfig object you just created (should be located in user defined area) and then click the > symbol to add to the policy.
5. click save and deploy
12-31-2018 06:35 AM
One last think would this be considered a prepend or append policy ?
12-31-2018 08:16 AM
Normally all commands you add using flexconfig will be append. Prepend is most commonly used when using "clear" or "no" commands.
So with that in mind, the policy will be an append.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide