Sh log of cisco 1841 vpn modulke router

Unanswered Question
Apr 1st, 2008

Can someone explain we what this sh log

output means

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/lock.gif', client 10.199.206.100:1326 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/search-cap.gif', client 10.199.206.100:1325 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/footer-pulsemask.jpg', client 10.199.206.100:1324 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'www.wachovia.com/metrics/stats.js', client 10.199.206.100:1323 server 169.200.182.21:80

*Apr 1 07:04:45: %URLF-4-URL_BLOCKED: Access denied URL 'ad.doubleclick.net/activity;src=800562;type=initi091;cat=landi727;ord=1;num=7771339589507.319?', client 10.199.206.100:1335 server 216.73.87.153:80

*Apr 1 07:04:47: %URLF-6-URL_ALLOWED: Access allowed for URL 'switch.atdmt.com/action/DRV_WachoviaHomepage', client 10.199.206.100:1337 server 12.130.60.5:80

*Apr 1 07:04:51: %URLF-4-URL_BLOCKED: Access denied URL 'ehg-wachovia.hitbox.com/HG?hc=&hb=DM530604BKCA%3BDM530603MGEW&cd=1&hv=6&n=/Wachovia+Home+Page&con=&vcon=/home&tt=none&ja=y&dt=9&zo=-180&lm=1207033168000&ce=y&ss=1024*768&sc=32&sv=13&cy=lan&hp=n&ln=en-us&vpc=090101r&vjs=HBX0141.01uc&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=n&cv=', client 10.199.206.100:1345 server 64.154.81.197:80

*Apr 1 07:05:20: %SEC-6-IPACCESSLOGP: list FW-out denied tcp 24.142.122.2(2158) -> 203.177.3.42(554), 1 packet

IB01-rt1# sh ver

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.burns Tue, 04/01/2008 - 00:48

Hi,

It looks like url filtering is configured - if you want to stop seeing these messages in the log you can disable with no ip urlfilter audit-trail.

Not sure if that answers your question though.

HTH

Andrew.

mahesh18 Tue, 04/01/2008 - 04:57

Thanks for Reply andrew.

Basically i want to know if logs show that

circuit was down or not ??

mahesh18 Tue, 04/01/2008 - 05:12

Also can soneone explaine me

%SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4875) -> 209.73.166.146(3478), 9 packets

*Apr 1 12:13:20: %SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4876) -> 209.73.166.146(3478), 18 packets

what does this mean??????????

Richard Burts Tue, 04/01/2008 - 05:13

In the logs that you posted there is no indication that the circuit was down.

[edit] most of the log entries are showing URLs that are allowed or that are blocked. The other entries are showing that access lists on the router are denying some packets. It looks like your access list has at least some deny lines that include the log parameter as part of the access list entry.

HTH

Rick

Actions

This Discussion