no-anti-replay (Services Service Set)
Syntax
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 10.0.
Description
Disable IPsec antireplay service for this service set, which occasionally causes interoperability issues for security associations. This statement is useful for dynamic endpoint tunnels for which you cannot configure the no-anti-reply statement at the [edit services ipsec-vpn rule rule-name term term-name then] hierarchy level.
For static IPsec tunnels, this statement disables the antireplay check for all the tunnels within this service set. If antireplay check has to be enabled for a particular tunnel, then set the anti-replay-window-size statement at the [edit services ipsec-vpn rule rule-name term term-name then] hierarchy level.
 | Note: Setting the anti-replay-window-size and no-anti-replay statements at the [edit services ipsec-vpn rule rule-name term term-name then] hierarchy level overrides the settings specified at the [edit services service-set service-set-name ipsec-vpn-options] hierarchy level. |
Usage Guidelines
See Configuring IPsec Service Sets or Configuring or Disabling IPsec Anti-Replay.
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration.
