none
wsus and other servers in DMZ (workgroup) need to communicate

    Question

  • Hi,
    I have WSUS 3.2.7600.266 and about 4 servers (Windows 2008 R2) in the DMZ in a Workgroup. 
    Does anyone know how I can configure the systems so the Windows servers will pull updates from the WSUS server in the DMZ?

    I hae tried this ->http://community.spiceworks.com/how_to/show/2267-deploy-wsus-to-clients-without-ad-domain-gp-using-the-registry 

    I tried the script and it failed, it is for Windows Registry Editor Version 5.00. I need to apply it to a Win 2008R2 server w/ ver 6.1 registry editor. 

    Anyone suggestions?

    Thanks!


    Wave~Chaser

    mercredi 30 janvier 2013 00:50

Réponses

  • Hmmm... the SpiceWorks "How-To" could use a couple of improvements, but it's functionally accurate as to configuring a machine via the registry; however, the more reliable method is to use Local Policy on the machine and configure using the instructions in Configure Automatic Updates using Group Policy.

    As for the registry editor header....  export something from the registry, create a shell REG file, and paste the other settings in. I'm not even sure the header line matters, actually.

    Because your machines are in the DMZ, you'll likely need to open a firewall rule from the DMZ to the Internal network so those machines can find the WSUS Server.

    Also, make sure the DNS resolvers in the DMZ can resolve the WSUS hostname to the correct IP address.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.


    vendredi 1 février 2013 23:48
    Modérateur