Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > IP range for Win update servers?

IP range for Win update servers?

Forum Windows XP : Windows XP General Discussion - IP range for Win update servers?

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   01-13-2005 at 04:53:03 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

What IP addresses must I allow access to so that clients behind the firewall
can access all windows update servers?

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   01-14-2005 at 04:21:17 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

cola8d8 wrote:

> What IP addresses must I allow access to so that clients
> behind the firewall can access all windows update servers?
Hi

Take a look at the post in the link below on how to configure
Norton Firewall to let Windows Updates through:

http://groups.google.co.uk/groups? [...] rosoft.com

Essensially:

Permit communications with

download.windowsupdate.com
v5.windowsupdate.microsoft.com

on ports 80 and 443 (TCP and UDP)



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/s [...] fault.mspx

Reply to Anonymous
Anonymous   01-14-2005 at 04:21:18 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

Thanks for the info but I was really needing IP addresses (or range(s)) for
my firewall. Those DNS names reflect multiple IP addresses.

"Torgeir Bakken (MVP)" wrote:

> cola8d8 wrote:
>
> > What IP addresses must I allow access to so that clients
> > behind the firewall can access all windows update servers?
> Hi
>
> Take a look at the post in the link below on how to configure
> Norton Firewall to let Windows Updates through:
>
> http://groups.google.co.uk/groups? [...] rosoft.com
>
> Essensially:
>
> Permit communications with
>
> download.windowsupdate.com
> v5.windowsupdate.microsoft.com
>
> on ports 80 and 443 (TCP and UDP)
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/s [...] fault.mspx
>

Reply to Anonymous
Anonymous   01-14-2005 at 04:21:18 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

Thanks for the info but I was needing IP addresses (or range(s)) for my
firewall. Those DNS names translate to multiple IP addresses.

"Torgeir Bakken (MVP)" wrote:

> cola8d8 wrote:
>
> > What IP addresses must I allow access to so that clients
> > behind the firewall can access all windows update servers?
> Hi
>
> Take a look at the post in the link below on how to configure
> Norton Firewall to let Windows Updates through:
>
> http://groups.google.co.uk/groups? [...] rosoft.com
>
> Essensially:
>
> Permit communications with
>
> download.windowsupdate.com
> v5.windowsupdate.microsoft.com
>
> on ports 80 and 443 (TCP and UDP)
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/s [...] fault.mspx
>

Reply to Anonymous
Anonymous   01-14-2005 at 04:21:19 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

"cola8d8" <cola8d8@discussions.microsoft.com> wrote in message
news:EEC6BD66-0B92-4549-A9F2-3FEC6020E27B@microsoft.com...
> Thanks for the info but I was needing IP addresses (or range(s)) for my
> firewall. Those DNS names translate to multiple IP addresses.
>
>

That's because Microsoft uses some 3rd party 'load balancing' companies that
have servers all over the place, on multiple subnets. It's to minimize
spikes due to popular downloads or DDoS attacks. I guess you could put in
every IP that currently resolves to those DNS names, but of course this
could change on a regular basis and it's possible that these hosting
companies don't even notify Microsoft (since Microsoft has contracted it
out.)

One idea for you is to deploy SUS... which basically lets you have your own
Windows Update Server (while also giving you some control over which patches
get deployed.) Of course, your SUS server would need to be able to talk to
the Microsoft servers but you could just stick that box in a DMZ.


--
Colin Nash
Microsoft MVP
Windows Shell/User

Reply to Anonymous
Anonymous   01-14-2005 at 04:21:20 AM
- 0 +

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

 

"Colin Nash [MVP]" <cnash x@x mvps.org> wrote in message
news:%23yoO2Wd%23EHA.792@TK2MSFTNGP11.phx.gbl...
> One idea for you is to deploy SUS...



Sorry... meant to include this URL for info about SUS:
http://www.microsoft.com/windowsse [...] fault.mspx

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > IP range for Win update servers?
Go to:

There are 1409 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.342 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
They won a badge
Join us in greeting them