Index: sys/netipsec/xform_ah.c
===================================================================
--- sys/netipsec/xform_ah.c
+++ sys/netipsec/xform_ah.c
@@ -665,6 +665,13 @@
 crp->crp_callback = ah_input_cb;
 crp->crp_opaque = xd;

+ if (sav->flags & SADB_X_SAFLAGS_ESN &&
+ sav->replay != NULL && sav->replay->wsize != 0) {
+ seqh = htonl(seqh);
+ memcpy(crp->crp_esn, &seqh, 4);
+ crp->crp_flags |= CRYPTO_F_ESN;
+ }
+
 /* These are passed as-is to the callback. */
 xd->sav = sav;
 xd->nxt = hl;
@@ -845,6 +852,7 @@
 uint16_t iplen;
 int error, rplen, authsize, ahsize, maxpacketsize, roff;
 uint8_t prot;
+ uint32_t seqh;

 IPSEC_ASSERT(sav != NULL, ("null SA"));
 ahx = sav->tdb_authalgxform;
@@ -1044,6 +1052,12 @@
 crp->crp_callback = ah_output_cb;
 crp->crp_opaque = xd;

+ if (sav->flags & SADB_X_SAFLAGS_ESN && sav->replay != NULL) {
+ seqh = htonl((uint32_t)(sav->replay->count >> 32));
+ memcpy(crp->crp_esn, &seqh, 4);
+ crp->crp_flags |= CRYPTO_F_ESN;
+ }
+
 /* These are passed as-is to the callback. */
 xd->sp = sp;
 xd->sav = sav;
Index: sys/netipsec/xform_esp.c
===================================================================
--- sys/netipsec/xform_esp.c
+++ sys/netipsec/xform_esp.c
@@ -356,6 +356,7 @@
 goto bad;
 }

+ crp->crp_flags = CRYPTO_F_CBIFSYNC;
 if (esph != NULL) {
 crp->crp_op = CRYPTO_OP_VERIFY_DIGEST;
 crp->crp_aad_start = skip;
@@ -364,11 +365,17 @@
 else
 crp->crp_aad_length = hlen;
 crp->crp_digest_start = m->m_pkthdr.len - alen;
+
+ if (sav->flags & SADB_X_SAFLAGS_ESN &&
+ sav->replay != NULL && sav->replay->wsize != 0) {
+ seqh = htonl(seqh);
+ memcpy(crp->crp_esn, &seqh, 4);
+ crp->crp_flags |= CRYPTO_F_ESN;
+ }
 }

 /* Crypto operation descriptor */
 crp->crp_ilen = m->m_pkthdr.len; /* Total input length */
- crp->crp_flags = CRYPTO_F_CBIFSYNC;
 if (V_async_crypto)
 crp->crp_flags |= CRYPTO_F_ASYNC | CRYPTO_F_ASYNC_KEEPORDER;
 crp->crp_mbuf = m;
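Review bot: In the xform_ah.c input hunk at `@@ -665,6 +665,13 @@` the high-order sequence bits enter the ICV only when `sav->replay->wsize != 0`, whereas the output hunks (`@@ -1044,6 +1052,12 @@` here and `@@ -859,6 +867,12 @@` in xform_esp.c) set `CRYPTO_F_ESN` whenever `sav->replay != NULL`; the xform_esp.c input hunk at `@@ -364,11 +365,17 @@` carries the same extra guard. If an SA can be installed with ESN enabled and a zero-sized replay window, the receiver would presumably verify the digest without the bits the sender authenticated, and the integrity check would fail for that SA. Either that combination should be rejected where the SA is created (not visible in this diff), or the dependency should be recorded next to the test, for example `/* seqh is only computed when the replay window is in use (wsize != 0) */`. The value consumed by `seqh = htonl(seqh);` is assigned outside the hunk, so whether it is always initialised on this path has to be confirmed there.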
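Review bot: In the xform_ah.c output hunk at `@@ -1044,6 +1052,12 @@`, `sav->replay->count >> 32` is read while the crypto request is being filled in, whereas the low 32 bits that go on the wire are presumably taken from the counter earlier in the function, outside this hunk. No lock is visible around the new read, so if another thread sending on the same SA can advance the counter in between, the two halves may come from different counter values near a 2^32 rollover and the ICV would then cover the wrong high-order bits. Taking one 64-bit snapshot at the point where the sequence number is written into the header and deriving both halves from it, e.g. `seqh = htonl((uint32_t)(cntr >> 32));` with `cntr` being a local copy (name constructed for illustration), removes that window. The xform_esp.c output hunk at `@@ -859,6 +867,12 @@` reads the counter the same way.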
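Review bot: In xform_esp.c at `@@ -356,6 +356,7 @@`, `crp->crp_flags = CRYPTO_F_CBIFSYNC;` must now stay above the `if (esph != NULL)` block, but nothing in the code records that ordering requirement. The ESN code added in the following hunk ORs `CRYPTO_F_ESN` into the flags, and a plain assignment placed after it would clear the bit again. A comment such as `/* Set the base flags first; CRYPTO_F_ESN is ORed in below. */` would keep a later reshuffle from silently dropping the ESN bits from the digest check. The enclosing function starts and ends outside the hunk.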
@@ -641,6 +648,7 @@
 int hlen, rlen, padding, blks, alen, i, roff;
 int error, maxpacketsize;
 uint8_t prot;
+ uint32_t seqh;

 IPSEC_ASSERT(sav != NULL, ("null SA"));
 esph = sav->tdb_authalgxform;
@@ -859,6 +867,12 @@
 else
 crp->crp_aad_length = hlen;
 crp->crp_digest_start = m->m_pkthdr.len - alen;
+
+ if (sav->flags & SADB_X_SAFLAGS_ESN && sav->replay != NULL) {
+ seqh = htonl((uint32_t)(sav->replay->count >> 32));
+ memcpy(crp->crp_esn, &seqh, 4);
+ crp->crp_flags |= CRYPTO_F_ESN;
+ }
 }

 return crypto_dispatch(crp);