
Question regarding ACLs

NaderHussain
Level 1

Why are the "established" permits in OUT3 getting no matches? The 207.190.2.96 network is for a NAT pool that works. Is there something wrong with the "established" rule format, and how can I change the rules to get matches for the established traffic?

 

Any assistance would be good.

Extended IP access list IN3
10 permit icmp any host 199.9.9.9 echo (9 matches)
20 permit tcp 207.190.2.96 0.0.0.15 any eq www (4 matches)
30 deny tcp 207.190.2.96 0.0.0.15 host 195.5.5.254 eq telnet
40 permit tcp 207.190.2.96 0.0.0.15 195.5.5.0 0.0.0.255 eq telnet (25 matches)
50 permit udp 207.190.1.0 0.0.0.3 host 199.9.9.9 eq syslog
60 permit tcp 207.190.1.0 0.0.0.3 207.190.2.96 0.0.0.15 eq 22
70 permit gre host 207.190.1.2 host 208.190.2.2 (11 matches)
80 deny ip any any (17 matches)
Extended IP access list OUT3
10 permit icmp host 199.9.9.9 any echo-reply (9 matches)
20 permit tcp any 207.190.2.96 0.0.0.15 eq www established
30 permit tcp 195.5.5.0 0.0.0.255 207.190.2.96 0.0.0.15 eq telnet established
40 permit tcp 207.190.2.96 0.0.0.15 207.190.1.0 0.0.0.3 eq 22 established
50 permit gre host 208.190.2.2 host 207.190.1.2 (8 matches)
