PAT Pool Exhausted after enabling TCP-Bypass

David Harrell
Level 1

I have been wrestling with enabling tcp-bypass recently. We have asymmetrical routing happening between two providers with BGP configured. I have tried configuring tcp-bypass on the inside interface, outside interface, and globally. Each time the PAT pool becomes exhausted. I am matching traffic in the ACL for our internal subnets to any for tcp, and I have also tried any to internal subnets for tcp. The latest attempt was a global policy-map matching internals to any for tcp, and the exhaustion took several hours longer than previously. Our PAT config is using the IP of the outside interface for translation.

Any ideas? I can post a scrubbed config during the maintenance window tonight if needed.

*EDIT: I forgot to mention, I have tried lowering the connection timeout via CLI with this latest attempt and still ended up with PAT exhaustion. One thing I have noticed is that I cannot edit the timeouts via ASDM under Connections Settings. When I try changing the timeouts for the service policy, I keep receiving an error in regard to the format of the times entered. The only settings I can get to work are the defaults.

1 Reply

David Harrell
Level 1

Anyone?
