Sh log of cisco 1841 vpn modulke router

Unanswered Question
Apr 1st, 2008
User Badges:

Can someone explain we what this sh log

output means

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/lock.gif', client 10.199.206.100:1326 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/search-cap.gif', client 10.199.206.100:1325 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/footer-pulsemask.jpg', client 10.199.206.100:1324 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'www.wachovia.com/metrics/stats.js', client 10.199.206.100:1323 server 169.200.182.21:80

*Apr 1 07:04:45: %URLF-4-URL_BLOCKED: Access denied URL 'ad.doubleclick.net/activity;src=800562;type=initi091;cat=landi727;ord=1;num=7771339589507.319?', client 10.199.206.100:1335 server 216.73.87.153:80

*Apr 1 07:04:47: %URLF-6-URL_ALLOWED: Access allowed for URL 'switch.atdmt.com/action/DRV_WachoviaHomepage', client 10.199.206.100:1337 server 12.130.60.5:80

*Apr 1 07:04:51: %URLF-4-URL_BLOCKED: Access denied URL 'ehg-wachovia.hitbox.com/HG?hc=&hb=DM530604BKCA%3BDM530603MGEW&cd=1&hv=6&n=/Wachovia+Home+Page&con=&vcon=/home&tt=none&ja=y&dt=9&zo=-180&lm=1207033168000&ce=y&ss=1024*768&sc=32&sv=13&cy=lan&hp=n&ln=en-us&vpc=090101r&vjs=HBX0141.01uc&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=n&cv=', client 10.199.206.100:1345 server 64.154.81.197:80

*Apr 1 07:05:20: %SEC-6-IPACCESSLOGP: list FW-out denied tcp 24.142.122.2(2158) -> 203.177.3.42(554), 1 packet

IB01-rt1# sh ver


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.burns Tue, 04/01/2008 - 00:48
User Badges:
  • Gold, 750 points or more

Hi,


It looks like url filtering is configured - if you want to stop seeing these messages in the log you can disable with no ip urlfilter audit-trail.


Not sure if that answers your question though.


HTH

Andrew.


mahesh18 Tue, 04/01/2008 - 04:57
User Badges:

Thanks for Reply andrew.

Basically i want to know if logs show that

circuit was down or not ??


mahesh18 Tue, 04/01/2008 - 05:12
User Badges:

Also can soneone explaine me

%SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4875) -> 209.73.166.146(3478), 9 packets

*Apr 1 12:13:20: %SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4876) -> 209.73.166.146(3478), 18 packets


what does this mean??????????

Richard Burts Tue, 04/01/2008 - 05:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

In the logs that you posted there is no indication that the circuit was down.


[edit] most of the log entries are showing URLs that are allowed or that are blocked. The other entries are showing that access lists on the router are denying some packets. It looks like your access list has at least some deny lines that include the log parameter as part of the access list entry.


HTH


Rick

Actions

This Discussion