Solved

Ports to Open on SBS 2011 for Windows/7 Updates

Posted on 2013-11-01
8
933 Views
Last Modified: 2013-11-01
hi -

Does anyone know which specific ports have to be opened on the server to allow Window/7 updates to run.   I have a new SBS 2011 installation and Window/7 64 Bit client attached to it.  When I tried to run updates they failed with error code 80072ee2.  I ran the FixIT (which didn't fix it), added the Microsoft update websites to the "trusted" sites, which didn't help either.  Then I dropped the firewall on the server temporarily (only for the local) and the updates came right in without a problem.  For some reason the Firewall doesn't open ports automatically when applications are installed.  I had to manually add Exchange and TrendMicro rules.

Any help would be appreciated.

Thanks
Rich
0
Comment
Question by:webentpr
  • 4
  • 2
  • 2
8 Comments
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
With an SBS2011 server install you should have WSUS running on the server and ALL Your clients should get the updates from the SBS server itself.

Read here.. http://technet.microsoft.com/en-us/library/dd939915(v=ws.10).aspx
0
 

Author Comment

by:webentpr
Comment Utility
Thanks -

The server is setup for WSUS (whichi is why the daily log identified this as a problem for this workstation) but it is a new workstation and it takes a lot of updates.  

As long as the firewall is down I can manually apply the updates.  Sooner or later I am sure WSUS will catch up.  In the meantime i want the workstation up to date.

thanks
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
IF WSUS is correctly configured then you dont need to wait for anything to catchup.  I "Fudge" is never the correct answer. It is always better to address the real problem rather than fix a symptom.
0
 

Author Comment

by:webentpr
Comment Utility
Great - thanks for your insight
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
I know a LOT of people like trend BUT in my experience, they've caused MANY problems with connectivity.  I have solved multiple issues of connectivity by uninstalling Trend at client's locations.

Separately, have you run the wizards to setup the SBS server - they should open the necessary fire wall ports or if they can't, tell you which ones (there's only 4 or so if I remember correctly)
0
 

Author Comment

by:webentpr
Comment Utility
Thanks - i did run the wizard - but for some reason the firewall rules were not updated.  I've finished updating the the workstation (which, along with the server and a second workstation here) will be installed at the client's tomorrow morning.  

i didn't want the daily log to show the outstanding updates messsage on this workstation - which was installed just yesterday.

in any case I am good right now but I would love to know which rule has to be setup on the Firewall to allow for the updates.
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 200 total points
Comment Utility
Rerun the wizard - or run the Fix My Network Wizard.  If it cannot update the firewall (UPNP must be enabled for it to do it itself - once done, DISABLE UPNP as it's a potentially HUGE security issue.  

Internally, the Windows firewall should not apply - I've done dozens of SBS setups and never (to my memory) had to modify the SBS firewall for internal access.  REMOVE TREND to test if that's the problem - if you remove it and you still have issues, then put it back and look elsewhere... but it's been often a problem for me so until you do, I'd favor that as the cause.

External ports required.
http://www.sbsfaq.com/?p=2559
0
 

Author Closing Comment

by:webentpr
Comment Utility
Nice call on the Fix my network.  It worked.  Thanks
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

I recently purchased an HP EliteBook 2540p notebook/laptop. It has two video ports on it – VGA and DisplayPort. HP offers an optional docking station for the 2540p that also has both a VGA port and a DisplayPort. There are numerous online reports do…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now