Hello, I have just been made aware that some machines are not Windows updating on our campus network, I've done a fair bit of investigation and I 'think' I know what the problem is and just wondered if anyone else had seen this, and if so how it was remedied. Initially I thought this was a Squid problem, but I'm now tending to think it's a Microsoft problem.
On our campus we force certain IP ranges to go through our squid caches, which I guess you could call opaque, IE browsers/clients etc have to be configured to go through the cache rather than transparent. These restricted clients are forced to use the cache by the use of acls on core routers denying port 80 traffic from various IPs. It appears that the Windows Update V5 client (not sure about V4) tries to open a port 80 connection directly to Microsoft servers to check for and download updates, this obviously fails as the router acls drop the packets. The only way I've found to get this to work is to totally disable the windows update client so it makes no checks etc, then manually run WU from a browser which isn't ideal. Even manual attempts fail if the WU client is running. Does anyone know of a list of IP's that the client uses so holes can be made to allow port 80 traffic through to them, or if there is a way to configure the WU client with the proxy settings? Or perhaps I am barking up the wrong tree altogether? Many thanks, Jezz Palmer. **************************************** Jezz Palmer. Internet Systems Officer. Library and Information Services University of Wales, Swansea Singleton Park Swansea SA2 8PP ****************************************