Jump to content


Do internet clients prefer a microsoft location over a DP for SUP

Recommended Posts

Hi all,

I have put a site server in our DMZ running DP, MP and SUP so we can update clients across the internet.  It all looks like it's working, but I have noticed in the windowsupdate.log that when the client is on the internet it is pulling the updates down from a microsoft location.  When it's back on the internal network, it switches over to the site server fine.

The auto deployment rule does allow content to be pulled from the internet.  I'm just wondering if a client on the internet uses the microsoft location as it's primary source rather than the DMZ server?

also, a lot of people say you need to open up 8530 and 8531 from public to dmz, due to software update licences being unencrypted.  Is this true?


I am struggling to understand why we even need the wsus ports opening to the dmz.  If internet machines prefer a microsoft location then just leave them to it?  I know perhaps the reason could be if the microsoft wsus is down....but come on, how often are they down these days.


Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...