Improve company productivity with a Business Account.Sign Up

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1886
  • Last Modified:

0x80072F78 Error using Windows Update

I've spent the whole day on this - and finally narrowed it down to a bizarre behaviour that I don't understand - need help!

I've got a mix of 35 W2K and WinXP PCs on a network - all connected to a common gateway (We're on a domain, but internet traffic doesn't route through the servers).

Whenever I attempt to download and install any updates (on any PC) the browser takes me to the windows update site and tries to check for an update to the windows update software - after about 4 minutes it times out with error 0x80072F78.

Checking the WindowsUpdate.log file I see that the system is trying to download a file called from (1st) and then (2) - on both occasions this fails.

Here's where it gets interesting - if I attempt to browse to on any of these PCs it tries for 30 seconds or so, and then comes back with a message saying that it can't connect - however, if I try to connect to any other site (eg it connects just fine.

It gets better ...

One of the computers has a modem and a dial up account with another ISP - if I connect to the internet via that it connects to the download sites just fine (redirecting me to their downloads website) - and if I check the Windows Update with DUN running it works just fine - kill the dialup and it won't update again.

I've tried connecting to the site via another ISP and from another site - and that works OK too.

So - it looks like either a Router (Cisco 800 series) or ISP (Telstra Clear) problem - I get on the phone to the ISP - they login to a router of theirs using our username and password - and they can browse to the site no problem - which tends to point the finger back at our Cisco ADSL router (perhaps).

Food for thought ...

Updates have always worked just fine through this router - and it hasn't had any configuration changes in the last couple of years - plus - it happily connects up to any other site in the world, so why would this one be any different?

Additionally, I've ...

Searched the Microsoft KB (no, we're not behind a firewall; no, we're not using a proxy server) - and done the usual (restarted everything a few times - started and stopped services - emptied temp files etc etc etc).

ANY IDEAS ANYONE? - Issue is 100% repeatable - occuring on IE6 and 7 - on WinXP and 2K - on workstation, and server - I'm starting to get a little thin on ideas.

PS: We can PING - just not connect to it.
  • 4
  • 4
1 Solution
Rob WilliamsCommented:
Since you have narrowed it down to the router, two thoughts: - Might port 443 be blocked, and have you tried lowering the MTU on the router? Both of these have been known to be related to Windows Updates, and 443 would not be blocked on the DUN, and MTU would be much lower.
The_MaverickAuthor Commented:
Hi Rob,

Thanks for that.

I did come across these suggestions - and did infact spend quite some time looking at the router setup.

I didn't give too much weight to the possibility of port 443 being blocked as (a) the firewall on the router is currently disabled, and (b) the updates have always worked in the past. It's a Cisco 800 series router (ADSL) and to be honest I do struggle with it a bit. Do you know of a way I could test port 443?

With regards to the MTU size - I had a good look for something in the router setup that pertained to this, but couldn't find anything - any ideas? Could it be something that needs to be changed in the client PC? (or both?).

Many thanks,

Rob WilliamsCommented:
I agree it is not likely the port problem. That should be open by default and would have to been intentionally blocked...unlikly. Try going to a secured bank site, if that works it's not likely 443/ssh/ssl

The MTU can be set on the router. I'm not a "Cisco guy" and the commands vary with different units. you could post a link or question in the Cisco forum for specifics.

You can also set on the PC, though I wouldn't think that would be necessary, but easy to do on a test machine. You can create/change a registry key but the easiest way is using the DrTCP tool. The default is 1500. Try lowering to 1400 or even 1300 as a test.

Is it possible to swap the router as a quick test?
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

The_MaverickAuthor Commented:
Thanks Rob,

I had a play with the router and have now got the MTU set at 1492 and MSS set to 1452 - but still no go (since I merged it with the running configuration I'm assuming that I don't need to restart the router).

Next step is probably to (as you suggest) swap-out the router (not too difficult). The other possibility is that the ISP is doing something screwy? (The DUN ws with another ISP).

Thanks for your help so far :)
Rob WilliamsCommented:
Sorry, I really haven't been much help.

Not to a lot the ISP would likely do to cause problems, but it's possible changes on their end could require lowering the MTU, which is why I was suggesting it.

Swapping the router should at least confirm if it's the ISP or the router.
The_MaverickAuthor Commented:
Thanks Rob - At this stage it's "narrowed down" to the ISP. As predicted the ISP says "all looks good from their end" - and a few days later it started working again. Only thought from ISP was that our IP address might have been being blocked somewhere along the way. Thanks again for your help - if nothing else it's reassuring to have a sounding board to re-affirm to myself that I'm not going insane! Cheers,

The_MaverickAuthor Commented:
Folks, this one was a real nightmare. If you ever get this error code, try a couple of things:

(1) Take a look at the windowsupdate.log file to see how far it's getting, and (2) Try browsing to - if you can't connect to the website then that's a good place to start - if that website re-directs you to the Microsoft Downloads Centre then that's not your problem. If in doubt, try another ISP if you can. At the end of the day I suspect the issue was caused either by:

* an ISP DNS issue (we did see that resolved to two completely different IP addresses through different ISPs) (and even with the SAME ISP)

* an ISP Routing issue (even though we could ping the address, it soesn't mean to say it was the correct target machine), or

* A silent proxy sitting somewhere between us and them (definately not on my side of the gateway, but ISP was somewhat vague about it).

Good luck!
Rob WilliamsCommented:
Thanks The_Maverick  for points, and posting your findings.
Cheers !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now