48-4
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 48 Configuring Connection Settings
Licensing Requirements for Connection Settings
in the fast path for the connection, and the packets are dropped. Figure 48-1 shows an asymmetric
routing example where the outbound traffic goes through a different adaptive security appliance than the
inbound traffic:
Figure 48-1 Asymmetric Routing
If you have asymmetric routing configured on upstream routers, and traffic alternates between two
adaptive security appliances, then you can configure TCP state bypass for specific traffic. TCP state
bypass alters the way sessions are established in the fast path and disables the fast path checks. This
feature treats TCP traffic much as it treats a UDP connection: when a non-SYN packet matching the
specified networks enters the adaptive security appliance, and there is not an fast path entry, then the
packet goes through the session management path to establish the connection in the fast path. Once in
the fast path, the traffic bypasses the fast path checks.
Licensing Requirements for Connection Settings
Guidelines and Limitations
This section includes the following guidelines and limitations:
• TCP State Bypass Guidelines and Limitations, page 48-5
ISP A
Inside
network
Outbound?Traffic
Return?Traffic
ISP B
251155
Security
appliance 1
Security
appliance 2
Model License Requirement
All models Base License.
To Next Page
Loading...
Need help?
General
