Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 6885 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows Update

MikeRM275
Hello,
  While I was using the trial version, Windows Update would work.  The moment I switched over to a licensed version of UTM 9, I am unable to get Windows Update to work on any computer.  They all give the same error about being blocked (error code 80072EFE).  I have checked the exceptions and it seems to be set up correctly.  Can anyone see what I might have wrong?  The computers are running Windows 2008 R2, 2012 R2, and 7.  So it is a mix, not just one type.


Microsoft Windows Update [Allows Windows Update without content scanning side effects.] 
 

Skipping: Authentication / Caching / Block by download size / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check 
 

Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/
^https?://([A-Za-z0-9.-]*\.)?microsoft\.com/
^https?://64\.4\.18\.19
^https?://157\.56\.134\.97


This thread was automatically locked due to age.
  • 0
    Are you sure that it isn't an application control issue blocking the traffic?
  • 0 in reply to Epoch
    Since UTM9.2 I'm using 2 exceptions which seems to work well so far for me:

    Skip Extension blocking / Content Removal for
    ^https?://([A-Za-z0-9.-]*\.)?download\.windowsupdate\.com/

    Skip SSL scanning
    ^https://update\.microsoft\.com

    But at least the second (SSL) exception may only work with UTM9.2 in transparent mode.

    [H]
  • 0
    Here is what I am getting on the log file when I hit Windows Update.  I know there are quite a few entries for Skydrive also being blocked: 

    2014:01:20-19:36:42 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x25acc4f8" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:44 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="7217" request="0x1b378cc0" url="qqsjuw.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:36:45 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1cc98ab0" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:47 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b37ada8" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:49 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4944" request="0x1c69f7a0" url="qqrzgq.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:36:49 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="202" request="0x1b3ec7f0" url="y7hyba.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:36:50 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b3fb230" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:50 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="349056" request="0x1b2bddb0" url="2uygaq.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:36:50 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.104.240" user="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1b2bd630" url="dm2302.storage.live.com/.../LiveFolders

    

    2014:01:20-19:36:50 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="HEAD" srcip="192.168.0.22" dstip="63.233.110.41" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1bc48b10" url="ds.download.windowsupdate.com/.../muauth.cab

    

    2014:01:20-19:36:50 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="HEAD" srcip="192.168.0.22" dstip="63.233.110.41" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1adb3638" url="download.windowsupdate.com/.../muv4wuredir.cab

    

    2014:01:20-19:36:51 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.104.240" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2541" request="0x1b2bd630" url="dm2302.storage.live.com/.../LiveFolders

    

    2014:01:20-19:36:52 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b3fb9b0" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:54 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.104.216" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4447" request="0x1b4a79c8" url="qqsjuw.dm2302.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:36:54 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="HEAD" srcip="192.168.0.22" dstip="157.56.77.158" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1b02a3a0" url="update.microsoft.com/.../wuident.cab

    

    2014:01:20-19:36:54 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="HEAD" srcip="192.168.0.22" dstip="63.233.110.41" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1adb3638" url="download.windowsupdate.com/.../wsus3setup.cab

    

    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x98f6900" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4944" request="0x1c69f7a0" url="qqrzgq.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x1b2f3398" function="ssl_raw_read" file="ssl.c" line="610" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer" 

    

    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x1b2f3398" function="send_request_headers" file="request.c" line="184" message="write() on AF 2 socket to 157.56.96.80 failed: Broken pipe" 

    

    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CNT" srcip="192.168.0.22" dstip="157.56.96.80" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2498" request="0x1b2f3398" url="157.56.96.80/" exceptions="" error="Broken pipe" category="9998" reputation="neutral" categoryname="Uncategorized" 

    

    2014:01:20-19:36:56 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="HEAD" srcip="192.168.0.22" dstip="63.233.110.41" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x1bc48b10" url="ds.download.windowsupdate.com/.../muredir.cab

    

    2014:01:20-19:36:56 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="0" request="0x1b5ff7d8" url="157.56.96.59" exceptions="" error="Failed to verify server certificate" 

    

    2014:01:20-19:36:57 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b3ec970" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:36:58 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="551" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../plain" application="skydrive" 

    

    2014:01:20-19:36:59 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b028628" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:37:02 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1bd4d900" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:37:03 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="299392" request="0x98f6c00" url="2ua7dq.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:04 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="111507" request="0x1adb3ab8" url="4i0low.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:05 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2507" request="0x1b3789c0" url="ssw.live.com/UploadData.aspx" exceptions="" error="Host not found" category="145" reputation="trusted" categoryname="Search Engines" 

    

    2014:01:20-19:37:07 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.55.53.190" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="44" request="0x1b2bd1b0" url="watson.microsoft.com/.../Unmanaged.htm

    

    2014:01:20-19:37:08 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.109.200" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5244" request="0x1ae6a7a8" url="qqsjuw.dm2304.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:09 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="224" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:10 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="292637" request="0x98f6c00" url="2ua7dq.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:10 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="108646" request="0x1adb3ab8" url="4i0low.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:10 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.104.216" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5683" request="0x1b4a79c8" url="qqsjuw.dm2302.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:11 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="496" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:12 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.55.194.241" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="364" request="0x1b5ffdd8" url="act-3-blu.mesh.com/.../octet-stream" application="winlive" 

    

    2014:01:20-19:37:16 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="64274" request="0x1ae6ac28" url="2uzw6g.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:20 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="1344" request="0x1b96f690" url="ptluma.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:25 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="134.170.109.200" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="543" request="0x1aebdc90" url="zi1kka.dm2304.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:27 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="33464" request="0x1ae6ac28" url="2uzw6g.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:27 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="478" request="0x1b96f690" url="ptluma.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:28 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="505" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:29 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="240821" request="0x1b2bddb0" url="2uygaq.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:30 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="697" request="0x1b96f690" url="ptluma.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:31 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="142" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../plain" application="skydrive" 

    

    2014:01:20-19:37:32 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="574841" request="0x1b2bddb0" url="2uygaq.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:33 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="323" request="0x1b378cc0" url="qqsjuw.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:33 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="543" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../plain" application="skydrive" 

    

    2014:01:20-19:37:34 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="55520" request="0x1adb3ab8" url="4i0low.bay.livefilestore.com/.../jpeg" application="skydrive" 

    

    2014:01:20-19:37:35 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.32" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4944" request="0x1c69f7a0" url="qqrzgq.bay.livefilestore.com/.../octet-stream" application="skydrive" 

    

    2014:01:20-19:37:35 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.54.191.24" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="531" request="0x1b0284a8" url="zi1kka.bay.livefilestore.com/.../octet-stream" application="skydrive"
  • 0
    That's confusing, Mike.  There really are only two sets of two lines in there that aren't normal, statuscode="200" and are related to the Microsoft update:
    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x1b2f3398" function="send_request_headers" file="request.c" line="184" message="write() on AF 2 socket to 157.56.96.80 failed: Broken pipe" 
    2014:01:20-19:36:55 MRM2Sophos httpproxy[4992]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x1b2f3398" function="ssl_raw_read" file="ssl.c" line="610" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"

    2014:01:20-19:36:56 MRM2Sophos httpproxy[4992]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="192.168.0.22" dstip="" user="" statuscode="502" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction=" ()" size="0" request="0x1b5ff7d8" url="157.56.96.59" exceptions="" error="Failed to verify server certificate" 
    2014:01:20-19:37:07 MRM2Sophos httpproxy[4992]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.0.22" dstip="65.55.53.190" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="44" request="0x1b2bd1b0" url="watson.microsoft.com/.../Unmanaged.htm

    Have you loaded the HTTPS cert with msc into each PC?

    Cheers - Bob
  • 0 in reply to BAlfson
    Well the GPO is supposed to have loaded the certificates into each machine.  I haven't seen any abnormal GPO errors, just the usual Task manager GPO failed to run.  That has nothing to do with the certificates.
  • 0
    here's the utm exceptions i use across all clients and so far i've not had an issue with WU not working:

    Antivirus / Extension blocking
    Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/
    ^https?://([A-Za-z0-9.-]*\.)?microsoft\.com
  • 0
    William, I changed the UTM exception back to that, and rebooted.  Then had a few different clients try to connect and they all failed still.
  • 0
    William, I changed the UTM exception back to that, and rebooted.  Then had a few different clients try to connect and they all failed still.


    Then you need to put the wu server in the proxy bypass section in the advanced tab of the http proxy
  • 0 in reply to MikeRM275
    William, I changed the UTM exception back to that, and rebooted.  Then had a few different clients try to connect and they all failed still.


    Does HTTPS websurfing using IE work for those clients ?
    Did you import the CA cert into the computer certificate store ? (not User, not Service) ?
  • 0
    since you are running AD i would install the server update services role on the server and then modify default domain policy and default domain controller policy for the clients to point to the AD machine running wsus.  Then you only have to put one machine into the exception i noted earlier.  

    Unless you have something else going on even on my client networks that do NOT run wsus(there's 2) using the exceptions i noted earlier Wu works fine.  If you are running anti-stuff on your endpoints try turning it off and see if that helps.  you also need to put *.microsoft.com and *.windowdupdate.com into your workstations trusted areas.  uncheck require https for this to work.