Solved: Windows Clients not connecting to WSUS server.

Create Account

Windows OS

Questions

Followers

Top Experts

Phillip Smith🇺🇸

Windows Clients not connecting to WSUS server.

I have a fresh install of WSUS on a fresh install of Windows Server 2012R2. I have edited group policy to have our desktops use our internal WSUS server for updates. The only client showing in the WSUS console is the WSUS server itself. I tried reinstalling WSUS on Windows Server 2016 and I get identical behavior. I ran the Solarwinds Diagnostic Tool for the WSUS and the first two sections are fine. The last section, WSUS Server Connectivity, fails with "Cannot Connect - caused by a network infrastructure fault making the Windows Update unavailable ..."

Any assistance would be appreciated.

Zero AI Policy

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

ITguy565🇺🇸

Check that port 8530 is not firewalled on your WSUS server as well as make sure you can telnet to it from a workstation on your LAN. It is quite possibly a windows firewall issue. in addition to this you can see what port you are utilizing from your Windows Server Update Services mmc panel Click on your WSUS server container under Update Services and look at Connection settings.

If you are still having issues make sure that the port is listening on your server. netstat -ano from your command line

ITguy565🇺🇸

in addition to the information above, if you are not familiar with WSUS and the optimizations you soon will need the following:

WSUS base install will be extremely unreliable without the proper optimizations :

https://mivilisnet.wordpress.com/2017/09/28/increase-memory-for-a-stable-wsus-work/

Phillip Smith🇺🇸

ASKER

I disabled the Firewall, same problem. I get no response if I telnet to WSUS port 8530.

This is what I see with netstat:

EARN REWARDS FOR ASKING, ANSWERING, AND MORE.

Earn free swag for participating on the platform.

Phillip Smith🇺🇸

ASKER

I also see the following with netstat.
Netstat2.PNG

Phillip Smith🇺🇸

ASKER

If I try to navigate to http://wsus:8530/Selfupdate/iuident.cab , I do not get any response. So, I am assuming that the problem is with the WSUS server ?

Seth Simmons🇺🇸

is there a hardware firewall in between?
can you access that URL on the wsus server itself?
anything in the application log?

Get a FREE t-shirt when you ask your first question.

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

Phillip Smith🇺🇸

ASKER

There is no hardware firewall. The URL does work on the WSUS server. I don't see anything obvious in the application log.

Phillip Smith🇺🇸

ASKER

Update: It looks like I can get to port 8530 on the WSUS server from itself and from the HYPER-V host on which WSUS is running. No other clients/servers can access this port. I cannot see what is blocking this port.

ITguy565🇺🇸

@philsh,

Sounds like you need to create a firewall Rule to allow access to that port for your LAN workstations.

EARN REWARDS FOR ASKING, ANSWERING, AND MORE.

Earn free swag for participating on the platform.

ITguy565🇺🇸

Try running this on your WSUS server in an admin PowerShell window:

New-NetFirewallRule -DisplayName "Allow Wsus Traffic Port 8530 Out" -Direction Outbound -LocalPort 8530 -Protocol TCP -Action Allow
New-NetFirewallRule -DisplayName "Allow Wsus Traffic Port 8530 IN" -Direction Inbound -LocalPort 8530 -Protocol TCP -Action Allow

Open in new window

ITguy565🇺🇸

After you create those rules attempt to telnet to port 8530 from one of your clients to the WSUS server.

Phillip Smith🇺🇸

ASKER

I had already created those rules and it did not work. Thanks.

Get a FREE t-shirt when you ask your first question.

We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.

ASKER CERTIFIED SOLUTION

Phillip Smith🇺🇸

ASKER

membership

Signing up is free and takes 30 seconds. No credit card required.

Create Account

Windows OS

Questions

Followers

Top Experts

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.