Replay detection

Replay detection is a feature of the IPSec standard for detecting so-called replay attacks. In a replay attack, an unauthorized station records data and sends it, either repeatedly or with a delay, to a remote site in order to simulate a different identity.

Replay detection defines a certain number of consecutive packets (a "window" of length "n"). Because the IPSec standard gives each packet a continuous sequence number, the receiving VPN device can determine whether a packet's sequence number lies within the permitted window. If, for example, the current highest received sequence number is 10,000 and the window width is 100, then a sequence number of 9,888 is outside the permitted window.
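The window check described above can be sketched as follows. This is an added example, not LANCOM's implementation; it uses the sliding-window bitmap approach described for ESP in RFC 4303, and the class, method and result names are assumptions chosen for illustration.

```python
class ReplayWindow:
    """Sliding anti-replay window over packet sequence numbers (illustrative)."""

    def __init__(self, size=100):
        self.size = size    # window width "n"
        self.highest = 0    # highest sequence number accepted so far
        self.bitmap = 0     # bit i set => sequence number (highest - i) was seen

    def check_and_update(self, seq):
        """Classify seq as 'accept', 'replay', 'too_old' or 'invalid'.

        Assumes the packet has already passed its integrity check; the
        window state must only advance for authenticated packets.
        """
        if seq < 1:
            return "invalid"            # sequence numbers start at 1
        if seq > self.highest:
            # Newer than anything seen: slide the window forward.
            shift = seq - self.highest
            mask = (1 << self.size) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.highest = seq
            return "accept"
        offset = self.highest - seq
        if offset >= self.size:
            return "too_old"            # below the lower edge of the window
        if self.bitmap & (1 << offset):
            return "replay"             # inside the window but already seen
        self.bitmap |= 1 << offset      # late but new: mark as received
        return "accept"


def demo():
    """Replays the page's numbers: highest 10,000, window width 100."""
    window = ReplayWindow(size=100)
    window.check_and_update(10_000)     # constructed starting point
    # Constructed arrival order, including one duplicate and two edge cases.
    arrivals = [9_888, 9_950, 9_950, 9_901, 9_900, 10_001, 10_000]
    return [(seq, window.check_and_update(seq)) for seq in arrivals]


if __name__ == "__main__":
    for seq, verdict in demo():
        print(f"{seq:>6}  {verdict}")
```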

Replay detection discards received packets if:

Please consider the following aspects when configuring the replay-detection window:

Important: You have to weigh up the use of replay detection for your particular case. Only activate replay detection if the security of the VPN connection is more important to you than interference-free data transfer.


LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de
