locked
Loss of WSUS console connectivity. RRS feed

  • Question

  • Back from holidays today and I'm banging my head against the wall. I have lost connection to the WSUS 3.0 sp2 (6.3.9600.17477) console on a windows 2012 R2 server using port 8530. It's been setup correctly and it was running perfectly fine last week and something must have been changed by someone but I have spent most of today troubleshooting without any success.

    The WSUS administration console was unable to connect to the WSUS Server via the remote API.

    Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

    The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,

    Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.


    System.IO.IOException -- The handshake failed due to an unexpected packet format.

    Source
    System

    Stack Trace:
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
       at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
       at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
       at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
       at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
       at System.Net.ConnectStream.WriteHeaders(Boolean async)
    ** this exception was nested inside of the following exception **


    System.Net.WebException -- The underlying connection was closed: An unexpected error occurred on a send.

    Source
    Microsoft.UpdateServices.Administration

    Stack Trace:
       at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
       at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings)
       at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer()
       at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools()

       PS C:\Windows\system32>  Get-EventLog -LogName application -EntryType Error -Source "*update*" -after ([datetime]'11/07/2016 4:00:00 pm')

       Index Time          EntryType   Source                 InstanceID Message
       ----- ----          ---------   ------                 ---------- -------
       14998 Nov 07 16:07  Error       Windows Server Up...         7053 The WSUS administration console has encountered an unexpected error...
       14996 Nov 07 16:07  Error       Windows Server Up...         7053 The WSUS administration console has encountered an unexpected error...
       14988 Nov 07 16:06  Error       Windows Server Up...        12072 The WSUS content directory is not accessible....
       14987 Nov 07 16:06  Error       Windows Server Up...        12052 The DSS Authentication Web Service is not working.
       14986 Nov 07 16:06  Error       Windows Server Up...        12042 The SimpleAuth Web Service is not working.
       14985 Nov 07 16:06  Error       Windows Server Up...        12022 The Client Web Service is not working.
       14984 Nov 07 16:06  Error       Windows Server Up...        12032 The Server Synchronization Web Service is not working.
       14983 Nov 07 16:06  Error       Windows Server Up...        12012 The API Remoting Web Service is not working.
       14982 Nov 07 16:06  Error       Windows Server Up...        12002 The Reporting Web Service is not working.
       14981 Nov 07 16:06  Error       Windows Server Up...        13042 Self-update is not working.

    I already tried to restart WSUS and IIS services, iisreset but nothing changed.

    I'm not sure how to troubleshoot with IIS so I'd need your assistance.

    Monday, November 7, 2016 4:50 PM

Answers

  • Hi Gqma,

    Then what about using IP address directly?

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Thursday, November 10, 2016 9:38 AM

All replies

  • Hi Gqma,

    Check if the server installed new update during your holiday. Check if the server 2012R2 installed KB3159706, if yes, then we need to do manual steps to finish the installation:

    https://support.microsoft.com/en-us/kb/3159706

    You may also use WSUS log file in C:\program files\update services\logfiles to check changes.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Tuesday, November 8, 2016 2:23 AM
  • Console access sorted out.  I already had KB3159706 in place. The hostname and Site ID were changed for the FQDN in IIS port binding.

    Now I have another issue where all the clients (Win10 and 2012R2) are checking for updates forever. I'll check the windowsupdate.log now.

    Tuesday, November 8, 2016 10:48 AM
  • Partially resolved.

    The clients point to the the WSUS server using the FQDN on port 8530

    when changing the hostname from FQDN to hostname, none of the clients could update.

    When I checked DNS, WSUS is setup as a host (A) record. Shouldn't it be an alias ? Or do I use http redirection ??

    GPO for Windows update points to the FQDN.

    Tuesday, November 8, 2016 12:05 PM
  • Hi Gqma,

    Then what about using IP address directly?

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Thursday, November 10, 2016 9:38 AM