I have a scenario where asymmetric routing can give problems. I have 2 edge routers connecting to 2 different ISPs, say ISP1 and ISP2. The preferred ISP is ISP1 for incoming and outgoing traffic. HSRP runs between the inside interfaces of these routers and tracks the outside interface at the same time. These routers run Cisco IOS firewall too, but the model of the router does not support Stateful Failover between the firewalls running on these two routers. The router model is 2811. Cisco has confirmed this. Now I have IPSec VPNs also terminated on the HSRP IP on this pair. We have configured eBGP so that send/receive traffic is through ISP1, and the ISP2 path is standby and takes over if the ISP1 link fails, as per HSRP tracking.

Now my question is: despite the symmetric routing configuration in eBGP to send/receive traffic through ISP1, is there any chance that the return traffic may come through ISP2? If it does, then this design has problems, as the packet at the other router will get dropped because it is also running Stateful IOS firewall. Can anybody help me on this please?

Your assumption is correct, and you have to discuss with both ISPs the best way to manipulate the return traffic. It's up to them how to apply the best implementation, because they are the ones in control.