R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101
51
Description
Use the ipsec anti-replay check command to enable IPsec anti-replay checking.
Use the undo ipsec anti-replay check command to disable IPsec anti-replay checking.
By default, IPsec anti-replay checking is enabled.
Examples
# Enable IPsec anti-replay checking.
<Sysname> system-view
[Sysname] ipsec anti-replay check
ipsec anti-replay window
Syntax
ipsec anti-replay window width
undo ipsec anti-replay window
View
System view
Default level
2: System level
Parameters
width: Size of the anti-replay window. It can be 32, 64, 128, 256, 512, or 1024.
Description
Use the ipsec anti-replay window command to set the size of the anti-replay window.
Use the undo ipsec anti-replay window command to restore the default.
By default, the size of the anti-replay window is 32.
Your configuration affects only IPsec SAs negotiated later.
Examples
# Set the size of the anti-replay window to 64.
<Sysname> system-view
[Sysname] ipsec anti-replay window 64
ipsec decrypt check
Syntax
ipsec decrypt check
undo ipsec decrypt check
View
System view
Default level
2: System level