ASA Asymmetric Routing

Am I missing something or is the solution for this lab the same as the last? Are ASR group automatically configured? "ASR groups are not enabled until stateful failover is configured." It seems they are not enabled until you configure stateful failover but there is no config for it?

Also do you have any examples of using the nailed option as metioned in the lab writeup?


  • Hi,

       Yes, the lab is very similar with previous one, just that ASR groups are used in this task. ASR groups need to be manually configured, but will NOT be active/functional, until stateful failover is configured (even if only one ASA is used). The "nailed" option is just a regular static command, for pre ASA 8.3 code, which basically forces TCP state tracking and sequence checking to be skipped for sessions matching it.



  • Ah I see the commands now. Before I didn't notice

     asr-group 1<br /><br />In the context config. 
