Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    How to bypass WSUS on 2.3.2-RELEASE-p1

    General pfSense Questions
    3
    6
    874
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      UmairHamidani last edited by

      PFSense version 2.3.2-RELEASE-p1 is installed in our environment but PFSense allowing some users to connect and some users are not reported yet. kindly help me out in this regard.

      1 Reply Last reply Reply Quote 0
      • B
        Birke last edited by

        can the computers access http:// <ip-of-wsus>or https://<ip-of-wsus>:443 ?

        if yes: maybe the aren't set up to use the wsus. check if the computers have the registrykey hklm\software\policies\microsoft\windows\windowsupdate and there a string named WUServer with the value of your wsus.

        if no: try to access the site mentioned under the registrykey mentioned above and check the firewall-log if you see some blocked packets</ip-of-wsus></ip-of-wsus>

        1 Reply Last reply Reply Quote 0
        • U
          UmairHamidani last edited by

          Yeah users can access via http://xxx.xxx.xxx.xxx and as we are in domain environment policy is forced through domain controller.

          1 Reply Last reply Reply Quote 0
          • B
            Birke last edited by

            if they can access the wsus and the registrykeys are set by domain policy, then i think its not the fault of the pfsense.

            open an administrator-cmd-window on the client and try
            wuauclt /detectnow
            wuauclt /reportnow
            maybe that helps. sometimes computers just need some time to report and you can force them with these 2 commands.

            1 Reply Last reply Reply Quote 0
            • U
              UmairHamidani last edited by

              already tried, also pfsense recording GB's of CAB file record to users and its hard to justify to non technical management that it is not a internet usage and a WSUS files.

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned last edited by

                What on earth do you mean here? This doesn't make any sense. There's nothing to bypass, the traffic will either never hit the firewall if the WSUS server is on the same LAN, or will get routed to another subnet.

                Are you trying to cache WSUS with Squid or some such stupid idea?

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post