Re: RE: [pfSense Support] Microsoft updates through pfSense

2011-02-23 Thread James Bensley
On 22 Feb 2011 21:38, Nathan Eisenberg nat...@atlasnetworks.us wrote: Almost certainly not. The update communication is done over an SSL channel and specific ports. Even if you get the ports right, Why wouldn't you, they're not random, you set them youself?! I highly suspect the SSL

RE: RE: [pfSense Support] Microsoft updates through pfSense

2011-02-23 Thread Nathan Eisenberg
I doubt it, why would the SSL cause problems unless you denied clients authentication, but why would you deny access to your own clients?!? You probably don't have the ability to sign valid certificates for update.microsoft.com. Since you're redirecting SSL traffic bound for that

Re: RE: RE: [pfSense Support] Microsoft updates through pfSense

2011-02-23 Thread James Bensley
That is a possibility, perhps instead of NAT'ing the connections if you had a local DNS entry for update.microsoft.com though I suspect SSL woupd be fine. However I believe SSL is optional, so that might not be a problem at all? --James. (This email was sent from a mobile device)

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-23 Thread Moshe Katz
See the official Squid FAQ about Windows Update. It explains why you are having this problem. http://wiki.squid-cache.org/SquidFaq/WindowsUpdate Moshe -- Moshe Katz -- mo...@ymkatz.net -- +1(301)867-3732 On Thu, Feb 17, 2011 at 10:52 PM, Shali K.R.

RE: [pfSense Support] Microsoft updates through pfSense

2011-02-22 Thread Nathan Eisenberg
this done at dozens of installations, and it works flawlessly. -Original Message- From: James Bensley [mailto:jwbens...@gmail.com] Sent: Friday, February 18, 2011 12:57 AM To: support@pfsense.com Subject: Re: [pfSense Support] Microsoft updates through pfSense Well I haven't tried

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-18 Thread Johan Hendriks
David Burgess schreef: On Thu, Feb 17, 2011 at 8:52 PM, Shali K.R.sh...@vidyaacademy.ac.in wrote: Dear db, i have tried this, but it showing a high bandwidth usage, is this a proper way?? I uninstalled the squid package about three months ago, unable to get it to function properly. I will

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-18 Thread James Bensley
If you cant use a domain with a WSUS server, why not redirect the IP ranges of MS update servers to your WSUS server on your firewall? --James. (This email was sent from a mobile device)

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-18 Thread Shali K.R.
Dear James Bensley, Just redirect to local WSUS server will solve this issue? On Fri, Feb 18, 2011 at 2:06 PM, James Bensley jwbens...@gmail.com wrote: If you cant use a domain with a WSUS server, why not redirect the IP ranges of MS update servers to your WSUS server on your firewall?

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-18 Thread James Bensley
Well I haven't tried it but it could work, perhaps Google it? Initially I can't see why it wouldn't work but I haven't tried it so I can't say for sure. --James. (This email was sent from a mobile device)

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread David Burgess
On Thu, Feb 17, 2011 at 8:42 PM, Shali K.R. sh...@vidyaacademy.ac.in wrote: Dear all, I am having 500 windows client machines connected through pfSense and squid, please suggest me a suitable method for handling updates. You'll find the appropriate info here:

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread Shali K.R.
Dear db, i have tried this, but it showing a high bandwidth usage, is this a proper way?? On Fri, Feb 18, 2011 at 9:14 AM, David Burgess apt@gmail.com wrote: On Thu, Feb 17, 2011 at 8:42 PM, Shali K.R. sh...@vidyaacademy.ac.in wrote: Dear all, I am having 500 windows client machines

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread David Burgess
On Thu, Feb 17, 2011 at 8:52 PM, Shali K.R. sh...@vidyaacademy.ac.in wrote: Dear db, i have tried this, but it showing a high bandwidth usage, is this a proper way?? I uninstalled the squid package about three months ago, unable to get it to function properly. I will try it again when pfsense

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread Mike McLaughlin
The proper way to handle that many clients is to run a WSUS update server (or its new replacement, System Center). Mike McLaughlin - System Administrator Clientworks, Inc - 721 Zion St, Nevada City, CA 95959 Office 530-470-0104 - Cell 530-559-9606 On Thu, Feb 17, 2011 at 7:52 PM, Shali K.R.

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread Shali K.R.
Dear Mike McLaughlin, But WSUS requires a domain controller for the perfect functioning, i also tried this without domain controller but its not working well On Fri, Feb 18, 2011 at 9:25 AM, Mike McLaughlin obr...@gmail.com wrote: The proper way to handle that many clients is to run a

Re: [pfSense Support] Microsoft updates through pfSense

2011-02-17 Thread Mike McLaughlin
Ah, sorry. I don't have a great recommendation for you then. I've not used a WSUS server without a domain. You can tune squid to cache larger files, but I too am not extremely fond of Squid. I always have random issues with this and that running it (mainly custom web apps, java, etc). Mike