url log without profile

L4 Transporter

The hotspot-shield application has dependencies on both the web-browsing and ssl applications.  As the session transitions between applications it could match different policies, which could in turn apply a different set of security profiles.

If the traffic flow from this particular client was legitimate web-browsing instead of hotspot-shield, which security policy would it hit?  Does that policy have URL filtering applied?

It is possible that the first few packets after the TCP handshake hit a different policy which has URL filtering enabled.  Shortly after the URL is sent by the client and is logged, the application transitions to the hotspot-shield application and it's associated security policy. 

If you can reproduce this URL log behavior on a test machine a good test would be to create a security policy for that source IP for web-browsing and ssl without any profiles enabled.  If creating that test policy stops the logs from generating for that particular client then the scenario I describe above is the likely cause and would be expected behavior.

L5 Sessionator

Can you please open a case with support and add this link as a reference .



L6 Presenter

no url filtering for any rule.Thanks.

L4 Transporter

Bug 52549 Fixed in 5.0.9 - The dataplane was generating URL logs for denied traffic even though no URL-filtering profile was configured for the applicable policies. A fix was made to generate URL logs only when URL filtering profiles are applied.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!