cancel
Showing results for 
Search instead for 
Did you mean: 

Problem with automatic windows update

Hello,

I have a problem with automatic download updates or automatic download updates on Windows Server 08,10 or 12. Windows Server returns still Warning log: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Thank you for your help

4 Replies
ckohl
Level 7
Report Inappropriate Content
Message 2 of 5

Re: Problem with automatic windows update

Hello,

does the request reach the MWG?

If not try to define a proxy for the system account.

CMD:
netsh winhttp set proxy <proxy : port>
or
netsh winhttp import proxy source=IE

If this is done, it could be possible that you need to use an authentication bypass for these systems.

Highlighted

Re: Problem with automatic windows update

Hi,

in addition to christians comment:
Windows Updates should be completly whitelisted on the web gateway. There is a McAfee Supplied List that you can use; just search for "Windows Update Hosts" in the supplied lists section.

If those updates are going through the web gateway and the whitelist matches (you can verify this with the rule tracing) I would recommend to create a tcpdump on the client as well as on the web gateway to see what exactly is happening with the connection.

Best
Steffen

Re: Problem with automatic windows update

Hi,

Thank you for your help.

I try define a proxy and create windows updates whitelist with McAfee Supplied List witch are on the top of "Rules" hierarchy. But still It doesn't work. I hope that tcpdump on the client and web gateway gives me the right way to solve this mystery .

 

Maros

ckohl
Level 7
Report Inappropriate Content
Message 5 of 5

Re: Problem with automatic windows update

Hello Maros,

in the past I had a related problem, in this case the CRC value didn't match.
I would test a bypass using "Client.IP equals <IP>"** - Stop Cycle, if this still not work I also would also add the "Enable HTTP Tunnel" Event.

@snoehler what do you think?

Best regards

Christian

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community