NSA 2600 not allowing windows updates
Robert13
Newbie ✭
Hello All, this is my first post here.
For some reason my PC's and servers cannot download windows updates. Last successful updates date was 9/25/20.
Content Filtering and IPS was not changed. Windows updates are not blocked.
For testing purposes I disabled content filtering and IPS. No change. Rebooted firewall still no change.
I didn't have time troubleshoot any further yet and wondering what should I be looking for. I don't know much of Sonicwall or it's security services.
I think this is related to problem with firewall because one of the laptops couldn't get updates while in the office but as soon user took it home all updates downloaded.
I would appreciate any suggestions,
Thanks for reading,
Robert
Category: Firewall Security Services
0
Answers
Hi @ROBERT13,
Glad to have you on SonicWall Community.
Could you please turn OFF the App Control or application firewall that could also block windows update if configured or enabled?
Please try and let us know.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @Robert13,
Microsoft Update might be get block if you block the "Webmail Category under the APP Control. because under the Webmail category there is Microsoft Application and the signatures. That signatures contain / handling the Microsoft SSL Traffic so you would have to disable the "Block" on those signatures.
As well as make sure you are not blocked the "APP-UPDATE" category under the App control. If you are block that category please make sure not blocking the " Microsoft windows updates"
NB: This will be applicable only if you are enable the App control & the Blocking the Webamail & App-Update category.
Hi @Robert13
it's a bit of a fishing expedition here, but we should start with the basics. Firewall model and Firmware version?
Did you checked with the event log if there are any events showing with SecurityService might interfere? Did you do a packet monitor to see if any packets got dropped?
And the most common question I'am asking my customers: "Did you changed anything since last successful Windows update?".
--Michael@BWC
Thanks All, this was due to bad signature under App Control. The issue is resolved.
As a side note. We didn't change anything to begin with. SonicWALL support confirmed it was due to bad signature which get updated periodically by them. Bad feature to have enabled in my opinion.
@ROBERT13 - As we suspected, it was the App Control causing the issue. Glad to know that you have contact our Support team and got necessary help.
Have a good one!!!
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @Robert13
thats a bummer, great that you got it sorted all out.
Stay safe.
--Michael@BWC
Hi @ROBERT13,
To add to the existing info on this post, there is nothing called Bad Signature. It must be phrased incorrectly. Here is what happens at the background, everyday our signature team creates new signatures and updates all other existing signatures on the firewall engine to make the firewall more powerful against network security concerns. When the signature gets updated, sometime kind of false positives or false negatives can happen. These negatives are unintentional and sometime a signature can overlap with multiple applications leading to similar situation explained in the post and a small tweak at the back-end is required.
Hope this clarifies.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services