"Jarryd" <jarryd@nodomain.com> wrote in message
news:630D6EB1-0AFE-428C-BA13-2A3A1ADF0016@microsoft.com...
> Hi all,
>
> I am having trouble with my firewall blocking MS Updates downloads to my
> WSUS server. My firewall scans all HTTP and HTTPS traffic and refuses the
> downloading of certain content types. I need to enter exceptions for site
> that I want to be able to download these from. Everything was working
> fine for a while, but downloading began to fail again. I allowed
> downloading from (*) , meaning everyone, and the MS Updates started to
> stream down again. Therefore, it must be that either I didn't have all
> the URLs or they have changed or been added to. The ones I have are:
> windowsupdate.microsoft.com
> download.windowsupdate.com
> update.microsoft.com
> download.microsoft.com
> ntservicepack.microsoft.com
> wustat.windows.com
> v4.windowsupdate.microsoft.com
> v5.windowsupdate.microsoft.com
>
> Are there any others (new ones perhaps)? Is there a way to check for an
> updated list, like on an official MS website?
The complete list is documented in the WSUS Deployment Guide
in the section titled "Configure the Network"
http://technet.microsoft.com/en-us/library/dd939870(WS.10).aspx
What's notably missing from your list are all of the wildcard designations
for the subdomains specified by the above items. Also, you need to allow
access for both HTTP and HTTPS (ports 80 and 443).
*.windowsupdate.microsoft.com
*.update.microsoft.com
*.windowsupdate.com
*.download.windowsupdate.com
stats.update.microsoft.com
--
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2009)
My Blog: http://onsitechsolutions.spaces.live.com
Microsoft WSUS Website: http://www.microsoft.com/wsus
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin