Support Center > Search Results > SecureKnowledge Details
URL Filtering does not log some HTTP/HTTPS connections accepted by Firewall blade
Symptoms
  • Although URL Filtering blade is enabled and HTTP/HTTPS connections are accepted by the Firewall blade, SmartLog shows only few URLF records which are much less than firewall records for the same traffic.

  • Output of fwaccel stats -s command shows more F2Fed pkts than PXL pkts.

  • fw monitor shows TCP SYN packets passing through the Security gateway however there is no response (SYN/ACK) from Web servers.
Cause

There is an external Security gateway blocking Internet connections from some internal hosts even though the internal gateway accepts them. 

The SYN packet is allowed by the Firewall blade and a firewall log is shown in SmartLog, however the security gateway does not get to see any L7 HTTP/HTTPS information since the TCP connection was never established, therefore no URL Filtering logs are seen for these connections in SmartLog.


Solution
Note: To view this solution you need to Sign In .