300-320 question 187 discussion


Which two of these correctly describe asymmetric routing and firewalls? (Choose two.)

  • A. only operational in routed mode
  • B. only operational in transparent mode
  • C. only eight interfaces can belong to an asymmetric routing group
  • D. operational in both failover and non-failover configurations
  • E. only operational when the firewall has been configured for failover
Created 2 months, 2 weeks ago by mark_3094


ASA active/active failiver is required for ASR groups, so D is wrong. E is correct https://books.google.com.au/books?id=GE41mDeQrLwC&pg=PA704&lpg=PA704&dq=asa+asr+group&source=bl&ots=EztAv-XuhJ&sig=r789sSn20_qC_L6NmDYlN9YLWoE&hl=en&sa=X&ved=0ahUKEwjs9ZOioO_UAhVCj5QKHfpwCIEQ6AEITjAF#v=onepage&q=asa%20asr%20group&f=false


D - correct with only 1 firewall but 2 "outside" interfaces (connected to 2 different ISPs) u can still observe asymmetric routing behavior C - I have doubts "Additional Guidelines and Limitations No two interfaces in the same context should be configured in the same ASR group." 8 is the limit of interfaces in traffic zones which is other feature used to deal with asymmetric routing https://www.cisco.com/c/en/us/td/docs/security/asa/asa93/configuration/general/asa-general-cli/interface-zones.html#65622