none
WSUS Downstream Server not syncronizing from Upstream Server

    Question

  • Hi ,

    We have configured WSUS Ver. 3.2.7600.226 Upstream Server in Data Center and Downstream Servers WSUS Ver. 3.2 in branch Offices.

    Downstream Severs are configured Port 80 for synchronization from Upstream Servers.

    And In firewall we have opened port 80  (2 Way), Ports 8530 and 8531 in One way ( From Upstream to Downstream sever) .

    After this Downstream severs are not able to get sync from Upstream servers.

    We have observer in Firewall logs that its blocked ( Source - Upstream Server Destination - Downstream Server )  and showing different Port numbers

    ( Destination Port - 4524, 1676, 4135, 4981, 51367, 63835, 4641 ) rather than showing Port 80.

    My question is Why Downstream servers are showing different Port numbers in Firewall logs.

    What are the ports are required for synchronization from Upstream server to Downstream servers?

    I get information that for synchronizing Port numbers 80, 8530, and SSL 8531 are required.

    mercredi 20 février 2013 03:58

Toutes les réponses

  • ( Destination Port - 4524, 1676, 4135, 4981, 51367, 63835, 4641 ) rather than showing Port 80.

    My question is Why Downstream servers are showing different Port numbers in Firewall logs.

    What are the ports are required for synchronization from Upstream server to Downstream servers?

    I get information that for synchronizing Port numbers 80, 8530, and SSL 8531 are required.

    Unless you've explicitly implemented SSL for replica server synchronizations, there is no need to open port 8531 anywhere.

    The configuration for synchronization is not based on a setting on the downstream server, but rather wherever the upstream server has been published. If you've published the upstream server on port 80, then there's no need to open port 8530.

    For the other ports.... they have nothing to do with WSUS, so I couldn't say what's generating that traffic.

    You might start by reseraching those port numbers here:

    http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    mercredi 20 février 2013 18:04
  • Hi Lawrence,

    Thanks for your reply.

    We have configured Only Port 80 in WSUS Upstream server 2008 R2 and we have 40 downstream server 2003 to sync,

    servers showing below errors when sync.

    Apart from Port 80 weather we need to be open any other ports for SQL express 2005

    we are waiting for your valuable reply.................!!!!!!!!

    Error :

    The error type is unknown.  OR An HTTP Error occurred 

    IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
    at System.Net.ConnectStream.Read(Byte[] buffer, Int32 offset, Int32 size)
       at Microsoft.UpdateServices.ServerSync.ServerSyncCompressionProxy.GetWebResponse(WebRequest webRequest)
       at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
       at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetUpdateData(Cookie cookie, UpdateIdentity[] updateIds)
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.WebserviceGetUpdateData(UpdateIdentity[] updateIds, List`1 allMetadata, List`1 allFileUrls, Boolean isForConfig)
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.GetUpdateDataInChunksAndImport(List`1 neededUpdates, List`1 allMetadata, List`1 allFileUrls, Boolean isConfigData)
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.SyncConfigUpdatesFromUSS()
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.ExecuteSyncProtocol(Boolean allowRedirect)

    Thanks & Regards

    Aravind


    • Modifié Aravind C vendredi 22 février 2013 16:16
    jeudi 21 février 2013 12:40
  • We have configured Only Port 80 in WSUS Upstream server 2008 R2 and we have 40 downstream server 2003 to sync,

    servers showing below errors when sync.

    IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

    I can't help but wonder if there's a correlation between these =40= downstream servers, and the upstream server refusing (or dropping) the connection.

    • What time of day are these downstream servers configured to synchronize?
    • How many target groups are configured on the upstream server?
    • How many updates are synchronized to the upstream server?
    • How many of those updates are approved?


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2013)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    mardi 21 mai 2013 21:37