Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to bypass WSUS on 2.3.2-RELEASE-p1

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U Offline
      UmairHamidani
      last edited by

      PFSense version 2.3.2-RELEASE-p1 is installed in our environment but PFSense allowing some users to connect and some users are not reported yet. kindly help me out in this regard.

      1 Reply Last reply Reply Quote 0
      • B Offline
        Birke
        last edited by

        can the computers access http:// <ip-of-wsus>or https://<ip-of-wsus>:443 ?

        if yes: maybe the aren't set up to use the wsus. check if the computers have the registrykey hklm\software\policies\microsoft\windows\windowsupdate and there a string named WUServer with the value of your wsus.

        if no: try to access the site mentioned under the registrykey mentioned above and check the firewall-log if you see some blocked packets</ip-of-wsus></ip-of-wsus>

        1 Reply Last reply Reply Quote 0
        • U Offline
          UmairHamidani
          last edited by

          Yeah users can access via http://xxx.xxx.xxx.xxx and as we are in domain environment policy is forced through domain controller.

          1 Reply Last reply Reply Quote 0
          • B Offline
            Birke
            last edited by

            if they can access the wsus and the registrykeys are set by domain policy, then i think its not the fault of the pfsense.

            open an administrator-cmd-window on the client and try
            wuauclt /detectnow
            wuauclt /reportnow
            maybe that helps. sometimes computers just need some time to report and you can force them with these 2 commands.

            1 Reply Last reply Reply Quote 0
            • U Offline
              UmairHamidani
              last edited by

              already tried, also pfsense recording GB's of CAB file record to users and its hard to justify to non technical management that it is not a internet usage and a WSUS files.

              1 Reply Last reply Reply Quote 0
              • D Offline
                doktornotor Banned
                last edited by

                What on earth do you mean here? This doesn't make any sense. There's nothing to bypass, the traffic will either never hit the firewall if the WSUS server is on the same LAN, or will get routed to another subnet.

                Are you trying to cache WSUS with Squid or some such stupid idea?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.