Symptom
The default value of anti-replay window-size is 64. In case of ESP anti-replay errors, anti-replay window cannot be increased on FDM.
"Blacked listed cli error" displays after trying to configure a FlexConfig object or policy
Conditions
Attempting to configure "crypto ipsec security-association replay window-size" command in FlexConfig FDM
Workaround
there is no workaround
Further Problem Description
there is a log:
%FTD-4-402119: IPSEC: Received an ESP packet (SPI= 0xXXXXXXXX, sequence number= 0xXXXXXX) from xx.xx.xx.xx (user= xx.xx.xx.xx) to xx.xx.xx.xx that failed anti-replay checking.
