Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

NSA 2600 not allowing windows updates

Hello All, this is my first post here.

For some reason my PC's and servers cannot download windows updates. Last successful updates date was 9/25/20.

Content Filtering and IPS was not changed. Windows updates are not blocked.

For testing purposes I disabled content filtering and IPS. No change. Rebooted firewall still no change.

I didn't have time troubleshoot any further yet and wondering what should I be looking for. I don't know much of Sonicwall or it's security services.


I think this is related to problem with firewall because one of the laptops couldn't get updates while in the office but as soon user took it home all updates downloaded.

I would appreciate any suggestions,

Thanks for reading,

Robert

Category: Firewall Security Services
Reply

Answers

  • SaravananSaravanan Moderator

    Hi @ROBERT13,

    Glad to have you on SonicWall Community.

    Could you please turn OFF the App Control or application firewall that could also block windows update if configured or enabled?

    Please try and let us know.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @Robert13,

    Microsoft Update might be get block if you block the "Webmail Category under the APP Control. because under the Webmail category there is Microsoft Application and the signatures. That signatures contain / handling the Microsoft SSL Traffic so you would have to disable the "Block" on those signatures.

    As well as make sure you are not blocked the "APP-UPDATE" category under the App control. If you are block that category please make sure not blocking the " Microsoft windows updates"

    NB: This will be applicable only if you are enable the App control & the Blocking the Webamail & App-Update category.

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Robert13

    it's a bit of a fishing expedition here, but we should start with the basics. Firewall model and Firmware version?

    Did you checked with the event log if there are any events showing with SecurityService might interfere? Did you do a packet monitor to see if any packets got dropped?

    And the most common question I'am asking my customers: "Did you changed anything since last successful Windows update?".

    --Michael@BWC

  • Robert13Robert13 Newbie ✭
    edited November 4

    Thanks All, this was due to bad signature under App Control. The issue is resolved.

  • Robert13Robert13 Newbie ✭

    As a side note. We didn't change anything to begin with. SonicWALL support confirmed it was due to bad signature which get updated periodically by them. Bad feature to have enabled in my opinion.

  • SaravananSaravanan Moderator

    @ROBERT13 - As we suspected, it was the App Control causing the issue. Glad to know that you have contact our Support team and got necessary help.

    Have a good one!!!

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Robert13

    thats a bummer, great that you got it sorted all out.

    Stay safe.

    --Michael@BWC

  • SaravananSaravanan Moderator

    Hi @ROBERT13,

    To add to the existing info on this post, there is nothing called Bad Signature. It must be phrased incorrectly. Here is what happens at the background, everyday our signature team creates new signatures and updates all other existing signatures on the firewall engine to make the firewall more powerful against network security concerns. When the signature gets updated, sometime kind of false positives or false negatives can happen. These negatives are unintentional and sometime a signature can overlap with multiple applications leading to similar situation explained in the post and a small tweak at the back-end is required.

    Hope this clarifies.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

Sign In or Register to comment.