Implementing Cisco IP Routing (CCNP ROUTE, legacy) — Question 313

Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based connections?

Answer options

• A. Performing packet captures
• B. Disabling asr-group commands on interfaces that are likely to receive asymmetric traffic
• C. Replacing them with redundant routers and allowing load balancing
• D. Disabling stateful TCP checks

Correct answer: D

Explanation

Disabling stateful TCP checks allows the firewall to manage TCP connections without requiring synchronization, which helps to prevent issues related to symmetric routing. The other options do not directly address the problem of symmetric routing or may introduce additional complexities without resolving the underlying issue.