locked
WSUS Synchronization Failed RRS feed

  • Question

  • Hi,

    Pls. help to resolve the issue. issue description is :

    We are running WSUS server on Windows Server 2012 R2 Hyper-V machine. there was full internet access on that machine so patches was getting synchronized without any issue. there was a security policy change due to which internet access access has been revoked from all machine so wsus was also in that list. There is a Corporate Firewall in between these servers & internet. now getting the updates synchronization (getting sync failed) with WSUS we have given the URLs which need to be white listed on firewall.

    http://*.windowsupdate.com

    even after white listing these URLs on firewall, I am still not able to successfully sync my wsus server & not able to download the patches. is there any other URL or something else we need to do at our firewall level. wsus is only getting sync as soon as the full internet access is given. I need to followup with our Firewall/Network Security Team since they sits different location so any help in this regard will be much helpful for us.

    synchronization error details sys : 

    WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
    at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
       at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
       at Microsoft.UpdateServices.ServerSync.ServerSyncCompressionProxy.GetWebResponse(WebRequest webRequest)
       at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
       at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetAuthConfig()
       at Microsoft.UpdateServices.ServerSync.ServerSyncLib.InternetGetServerAuthConfig(ServerSyncProxy proxy, WebServiceCommunicationHelper webServiceHelper)
       at Microsoft.UpdateServices.ServerSync.ServerSyncLib.Authenticate(AuthorizationManager authorizationManager, Boolean checkExpiration, ServerSyncProxy proxy, Cookie cookie, WebServiceCommunicationHelper webServiceHelper)
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.SyncConfigUpdatesFromUSS()
       at Microsoft.UpdateServices.Serve

    Please advise.

    Thanks


    Tuesday, April 25, 2017 4:39 AM

All replies

  • Hi Devendra Singh Rawat,

    1. I checked the URLs listed in your post and they are the required URLs for the communication between the WSUS server and Microsoft Update, theoretically, the firewall settings are enough;

    2. Please check the WSUS event log in Event Viewer, check if there is error 364, if yes, please check the detailed log to learn the reason why the sync or download is failed;

    3. We may also check the log of the firewall, check if the firewall blocks related windows update packets;

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, April 27, 2017 8:41 AM
  • Hi Devendra Singh Rawat,

    Just to check if the above reply could be of help? If yes, you may mark useful reply as answer, if not, welcome to feedback.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, May 3, 2017 6:36 AM