I never implemented it, but I'm assuming it works because they have introduced this as a CLI command in 6.1.
This is the readme text:
"To support inline asymmetric traffic in earlier 6.0(x) releases, a
manual workaround was documented in the 6.0(4) readme file (refer
to the Resolved Caveats section of the 6.0(4) readme for details).
In the IPS 6.1 release, this functionality is now configurable via
the sensor CLI or IDM. If you utilized the workaround to enable
asymmetric traffic, the manual setting should be removed and
asymmetric traffic should be re-enabled as in the following example
using the CLI:
sensor-xyz(config)# ser analysis-engine
sensor-xyz(config-ana)# vi vs0
sensor-xyz(config-ana-vir)# inline-TCP-evasion-protection-mode ?
strict Full TCP ordering and sequence checking will be applied to
all TCP sessions on this virtual sensor.
asymmetric Relaxed TCP ordering and sequence checking will be
applied to all TCP sessions on this virtual sensor.
For more details regarding asymmetric traffic, refer to the
"Configuring the Cisco IPS Sensor Using the CLI IPS 6.1" on-line
user guide available at:
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/tsd_products_support_series_home.html
Note: If the manual entry in the sensorApp.conf file is not removed,
the following main.log warning will be generated each time the sensor
is rebooted:
NormalizerSettings in sensorApp.conf (AsynchMode and AsymmetricFlows)
have been removed. Use Service AnalysisEngine - VS -
inline-TCP-evasion-protection-mode."
Regards
Farrukh