Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

0x80072F78 Error using Windows Update

Posted on 2007-12-06
8
Medium Priority
?
1,870 Views
Last Modified: 2012-06-21
I've spent the whole day on this - and finally narrowed it down to a bizarre behaviour that I don't understand - need help!

I've got a mix of 35 W2K and WinXP PCs on a network - all connected to a common gateway (We're on a domain, but internet traffic doesn't route through the servers).

Whenever I attempt to download and install any updates (on any PC) the browser takes me to the windows update site and tries to check for an update to the windows update software - after about 4 minutes it times out with error 0x80072F78.

Checking the WindowsUpdate.log file I see that the system is trying to download a file called wuredir.cab from (1st) download.windowsupdate.com and then (2) download.microsoft.com - on both occasions this fails.

Here's where it gets interesting - if I attempt to browse to http://download.microsoft.com on any of these PCs it tries for 30 seconds or so, and then comes back with a message saying that it can't connect - however, if I try to connect to any other site (eg www.microsoft.com) it connects just fine.

It gets better ...

One of the computers has a modem and a dial up account with another ISP - if I connect to the internet via that it connects to the download sites just fine (redirecting me to their downloads website) - and if I check the Windows Update with DUN running it works just fine - kill the dialup and it won't update again.

I've tried connecting to the site via another ISP and from another site - and that works OK too.

So - it looks like either a Router (Cisco 800 series) or ISP (Telstra Clear) problem - I get on the phone to the ISP - they login to a router of theirs using our username and password - and they can browse to the site no problem - which tends to point the finger back at our Cisco ADSL router (perhaps).

Food for thought ...

Updates have always worked just fine through this router - and it hasn't had any configuration changes in the last couple of years - plus - it happily connects up to any other site in the world, so why would this one be any different?

Additionally, I've ...

Searched the Microsoft KB (no, we're not behind a firewall; no, we're not using a proxy server) - and done the usual (restarted everything a few times - started and stopped services - emptied temp files etc etc etc).

ANY IDEAS ANYONE? - Issue is 100% repeatable - occuring on IE6 and 7 - on WinXP and 2K - on workstation, and server - I'm starting to get a little thin on ideas.

PS: We can PING download.microsoft.com - just not connect to it.
0
Comment
Question by:The_Maverick
  • 4
  • 4
8 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 20427991
Since you have narrowed it down to the router, two thoughts: - Might port 443 be blocked, and have you tried lowering the MTU on the router? Both of these have been known to be related to Windows Updates, and 443 would not be blocked on the DUN, and MTU would be much lower.
0
 
LVL 2

Author Comment

by:The_Maverick
ID: 20430588
Hi Rob,

Thanks for that.

I did come across these suggestions - and did infact spend quite some time looking at the router setup.

I didn't give too much weight to the possibility of port 443 being blocked as (a) the firewall on the router is currently disabled, and (b) the updates have always worked in the past. It's a Cisco 800 series router (ADSL) and to be honest I do struggle with it a bit. Do you know of a way I could test port 443?

With regards to the MTU size - I had a good look for something in the router setup that pertained to this, but couldn't find anything - any ideas? Could it be something that needs to be changed in the client PC? (or both?).

Many thanks,

Colin
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 20431633
I agree it is not likely the port problem. That should be open by default and would have to been intentionally blocked...unlikly. Try going to a secured bank site, if that works it's not likely 443/ssh/ssl

The MTU can be set on the router. I'm not a "Cisco guy" and the commands vary with different units. you could post a link or question in the Cisco forum for specifics.
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/

You can also set on the PC, though I wouldn't think that would be necessary, but easy to do on a test machine. You can create/change a registry key but the easiest way is using the DrTCP tool. The default is 1500. Try lowering to 1400 or even 1300 as a test.
http://www.dslreports.com/drtcp

Is it possible to swap the router as a quick test?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 2

Author Comment

by:The_Maverick
ID: 20431811
Thanks Rob,

I had a play with the router and have now got the MTU set at 1492 and MSS set to 1452 - but still no go (since I merged it with the running configuration I'm assuming that I don't need to restart the router).

Next step is probably to (as you suggest) swap-out the router (not too difficult). The other possibility is that the ISP is doing something screwy? (The DUN ws with another ISP).

Thanks for your help so far :)
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 20431884
Sorry, I really haven't been much help.

Not to a lot the ISP would likely do to cause problems, but it's possible changes on their end could require lowering the MTU, which is why I was suggesting it.

Swapping the router should at least confirm if it's the ISP or the router.
0
 
LVL 2

Author Closing Comment

by:The_Maverick
ID: 31415975
Thanks Rob - At this stage it's "narrowed down" to the ISP. As predicted the ISP says "all looks good from their end" - and a few days later it started working again. Only thought from ISP was that our IP address might have been being blocked somewhere along the way. Thanks again for your help - if nothing else it's reassuring to have a sounding board to re-affirm to myself that I'm not going insane! Cheers,

Colin
0
 
LVL 2

Author Comment

by:The_Maverick
ID: 20497536
Folks, this one was a real nightmare. If you ever get this error code, try a couple of things:

(1) Take a look at the windowsupdate.log file to see how far it's getting, and (2) Try browsing to download.microsoft.com - if you can't connect to the website then that's a good place to start - if that website re-directs you to the Microsoft Downloads Centre then that's not your problem. If in doubt, try another ISP if you can. At the end of the day I suspect the issue was caused either by:

* an ISP DNS issue (we did see that download.microsoft.com resolved to two completely different IP addresses through different ISPs) (and even with the SAME ISP)

* an ISP Routing issue (even though we could ping the address, it soesn't mean to say it was the correct target machine), or

* A silent proxy sitting somewhere between us and them (definately not on my side of the gateway, but ISP was somewhat vague about it).

Good luck!
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 20497552
Thanks The_Maverick  for points, and posting your findings.
Cheers !
--Rob
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question