The message indicates that the packet that was received is so much out of order that it slipped out of the reception window.
This typically happens when
a) A packet is process switched while others are CEF switched
b) QoS is activated and certain class of service are being starved
c) some packets take fancy paths that make them far out of order and they arrive late.
You do not have any QOS implemented so Regarding a) and c) along with bug CSCeg43855 which addresses the sequence numbering of packets we send just before encrypting, there might be other factors contributing to receiving out of order packets, and eventually seeing this error message reported, like 'once on the network, a packet might get processed switched for some reason while others get CEF switched, and this could cause very late packets.
Seemingly, at destination (just before decrypting), the same kind of thing could happen, and cause the message you are seeing. There is nothing you can do about that.
Typically, this sort of thing happens when packets are fragmented after being encrypted. They require reassembly before decryption and this takes and awful lot of time. Look for reassembly counters in 'show ip traffic'. If these increase when the problem happen, you have a likely culprit; reducing the ip mtu on the tunnel is a recommended solution.
HTH
Ankur
