I have an issue that I haven't been able to resolve. I have a small domain setup with a Windows Server Update Service that is located in a DMZ. The machinges that are in the inside network (trusted), are setup to pull their Windows updates from the server in the DMZ. I have setup Group Policy to make this happend, and it works fine for all of my servers.
The issue is that I have a Windows 10 machine that refuses to connect to the WSUS server. The same group policy is applied and when I look at Monitor, I can see attempts to connect to the server over port 8530 ( Default Port), but the traffic is identified at web-browsing instead of ms-update.
Since 8530 isn't a standard port for web-browsing, the traffic isn't allowed. I know I could always setup an application override, but I shouldn't have to. I cannot figure out why this particular machines traffic is recognized as web-browsing instead of ms-update.
If anyone has any suggestions, I would like to hear them.
Solved! Go to Solution.
The PAN takes time to identify traffic, unfortuantly its getting blocked prior to being inspected properly. Just create a new policy that allows web-browsing and ssl. Then set the services to http, https, and create a custom service for 8530-tcp.
Hope that makes sense.
I did work with support on this, and they did find that they were identifying the traffic incorrectly. They made a change and released it as a part of their weekly content updates. Since doing this, I haven't had an issue.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!