cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
670
Views
0
Helpful
4
Replies

Sh log of cisco 1841 vpn modulke router

mahesh18
Level 6
Level 6

Can someone explain we what this sh log

output means

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/lock.gif', client 10.199.206.100:1326 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/search-cap.gif', client 10.199.206.100:1325 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'a248.e.akamai.net/f/248/34586/7d/www.wachovia.com/images/footer-pulsemask.jpg', client 10.199.206.100:1324 server 157.238.197.64:80

*Apr 1 07:04:44: %URLF-6-URL_ALLOWED: Access allowed for URL 'www.wachovia.com/metrics/stats.js', client 10.199.206.100:1323 server 169.200.182.21:80

*Apr 1 07:04:45: %URLF-4-URL_BLOCKED: Access denied URL 'ad.doubleclick.net/activity;src=800562;type=initi091;cat=landi727;ord=1;num=7771339589507.319?', client 10.199.206.100:1335 server 216.73.87.153:80

*Apr 1 07:04:47: %URLF-6-URL_ALLOWED: Access allowed for URL 'switch.atdmt.com/action/DRV_WachoviaHomepage', client 10.199.206.100:1337 server 12.130.60.5:80

*Apr 1 07:04:51: %URLF-4-URL_BLOCKED: Access denied URL 'ehg-wachovia.hitbox.com/HG?hc=&hb=DM530604BKCA%3BDM530603MGEW&cd=1&hv=6&n=/Wachovia+Home+Page&con=&vcon=/home&tt=none&ja=y&dt=9&zo=-180&lm=1207033168000&ce=y&ss=1024*768&sc=32&sv=13&cy=lan&hp=n&ln=en-us&vpc=090101r&vjs=HBX0141.01uc&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=n&cv=', client 10.199.206.100:1345 server 64.154.81.197:80

*Apr 1 07:05:20: %SEC-6-IPACCESSLOGP: list FW-out denied tcp 24.142.122.2(2158) -> 203.177.3.42(554), 1 packet

IB01-rt1# sh ver

4 Replies 4

andrew.burns
Level 7
Level 7

Hi,

It looks like url filtering is configured - if you want to stop seeing these messages in the log you can disable with no ip urlfilter audit-trail.

Not sure if that answers your question though.

HTH

Andrew.

Thanks for Reply andrew.

Basically i want to know if logs show that

circuit was down or not ??

Also can soneone explaine me

%SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4875) -> 209.73.166.146(3478), 9 packets

*Apr 1 12:13:20: %SEC-6-IPACCESSLOGP: list FW-out denied udp 24.142.122.2(4876) -> 209.73.166.146(3478), 18 packets

what does this mean??????????

In the logs that you posted there is no indication that the circuit was down.

[edit] most of the log entries are showing URLs that are allowed or that are blocked. The other entries are showing that access lists on the router are denying some packets. It looks like your access list has at least some deny lines that include the log parameter as part of the access list entry.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: