Consider a client workstation that it is using a WSUS Server that is located in the DMZ behind Forefront TMG. This WSUS Server is not a domain member. There is a group policy specifying the WSUS Server name as shown below:
When the client workstation is running Windows Update it receives an error 0x8024402c, which appears in the Windows Update log (check KB902093 for default location) as shown below:
During the course of troubleshooting of this issue the following items were validated:
To better understand what it was happening the following steps were done on the client workstation:
On the netmon capture it was possible to see that the answer from the DNS Server came in correctly as shown below:
At this point we know that name resolution works fine and that the client is able to talk to the DNS Server. To isolate potential name resolution issue we tried to ping to SRVWSUS using the IP address and got the result below:
This indicates that the local machine didn’t know what to do with that request.
The client workstation was missing the IP address of the default gateway. Once we added the default gateway the client workstation was able to obtain updates.