Avatar of carob65
carob65
 asked on

Windows Updates over VPN

Unable to update Win8.1 devices over VPN - devices appear in SCCM, so are SEEN by SCCM/WSUS.

Extract of windowsupdate.log from client device:

2015-07-21      11:07:27:931       420      10a0      Agent        * Include potentially superseded updates
2015-07-21      11:07:27:931       420      10a0      Agent        * Online = Yes; Ignore download priority = Yes
2015-07-21      11:07:27:931       420      10a0      Agent        * Criteria = "(DeploymentAction=* AND Type='Software') OR (DeploymentAction=* AND Type='Driver')"
2015-07-21      11:07:27:931       420      10a0      Agent        * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed
2015-07-21      11:07:27:931       420      10a0      Agent        * Search Scope = {Machine}
2015-07-21      11:07:27:931       420      10a0      Agent        * Caller SID for Applicability: S-1-5-18
2015-07-21      11:07:27:931       420      10a0      Agent        * RegisterService is set
2015-07-21      11:07:27:931       420      10a0      EP      Got WSUS Client/Server URL: "http://servername.local:8530/ClientWebService/client.asmx"
2015-07-21      11:07:28:431       420      10a0      PT      +++++++++++  PT: Synchronizing server updates  +++++++++++
2015-07-21      11:07:28:431       420      10a0      PT        + ServiceId = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}, Server URL = http://servername.local:8530/ClientWebService/client.asmx
2015-07-21      11:07:28:431       420      10a0      PT      WARNING: Cached cookie has expired or new PID is available
2015-07-21      11:07:28:431       420      10a0      EP      Got WSUS SimpleTargeting URL: "http://servername.local:8530"
2015-07-21      11:07:28:431       420      10a0      IdleTmr      WU operation (CAuthorizationCookieWrapper::InitializeSimpleTargetingCookie) started; operation # 6; does use network; is at background priority
2015-07-21      11:07:28:431       420      10a0      PT      Initializing simple targeting cookie, clientId = 033c840a-86a4-43e4-95f1-ce649aed8dfc, target group = , DNS name = device.domain.local
2015-07-21      11:07:28:431       420      10a0      PT        Server URL = http://servername.local:8530/SimpleAuthWebService/SimpleAuth.asmx
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Nws Failure: errorCode=0x803d0006
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Original error code: 0x80072ee2
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Error string with resource id '0x81' is not found for the language id '0x809'.
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Could not get error string (errorCode=0x80073b01)
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: MapToSusHResult mapped Nws error 0x803d0006 to 0x8024401c
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Web service call failed with hr = 8024401c.
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Current service auth scheme='None'.
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: Proxy List used: '(null)', Bypass List used: '(null)', Last Proxy used: '(null)', Last auth Schemes used: 'None'.
2015-07-21      11:07:49:478       420      10a0      WS      FATAL: OnCallFailure failed with hr=0X8024401C
2015-07-21      11:07:49:478       420      10a0      WS      WARNING: NWS retry 1 for transient error 0x8024401C
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Nws Failure: errorCode=0x803d0006
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Original error code: 0x80072ee2
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Could not get error string (errorCode=0x80073b01)
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: MapToSusHResult mapped Nws error 0x803d0006 to 0x8024401c
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Web service call failed with hr = 8024401c.
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Current service auth scheme='None'.
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: Proxy List used: '(null)', Bypass List used: '(null)', Last Proxy used: '(null)', Last auth Schemes used: 'None'.
2015-07-21      11:08:12:514       420      10a0      WS      FATAL: OnCallFailure failed with hr=0X8024401C
2015-07-21      11:08:12:514       420      10a0      WS      WARNING: NWS retry 2 for transient error 0x8024401C
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Nws Failure: errorCode=0x803d0006
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Original error code: 0x80072ee2
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Could not get error string (errorCode=0x80073b01)
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: MapToSusHResult mapped Nws error 0x803d0006 to 0x8024401c
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Web service call failed with hr = 8024401c.
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Current service auth scheme='None'.
2015-07-21      11:08:35:545       420      10a0      WS      WARNING: Proxy List used: '(null)', Bypass List used: '(null)', Last Proxy used: '(null)', Last auth Schemes used: 'None'.

Feels like a proxy/firewall issue, but could od with some Expert guidance please?
Windows 8Windows Server 2012Microsoft Server OSMicrosoft Applications

Avatar of undefined
Last Comment
carob65

8/22/2022 - Mon
Kimputer

Client probably can't resolve this link: http://servername.local:8530/ClientWebService/client.asmx
You should tell the VPN profile to use the DNS server from the domain instead of the DNS server of where the client is at that time.

You can tell by pinging servername.local when the VPN is connected. Until it replies back, you didn't solve your DNS problems yet.
ASKER CERTIFIED SOLUTION
carob65

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
carob65

ASKER
Thank you for your response. This was a Firewall port issue and not DNS.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy