Hi,
I have Windows Server 2012 Essentials running as the DC etc. in a network - it replaced an SBS 2003 box (the domain wasn't migrated, rather a fresh new domain was created, files copied across, shares reconfigured, machines migrated etc.)
I have installed Windows Server Update Services on the system, and the server itself can contact the WSUS instance and has registered with it. Other machines, however, cannot connect to the WSUS instance.
Extract from netstat -ano:
TCP 0.0.0.0:8530 0.0.0.0:0 LISTENING 4 TCP [::]:8530 [::]:0 LISTENING 4 TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4 TCP [::]:80 [::]:0 LISTENING 4
There are rules in firewall.cpl allowing full access to 80, 8530 and 8531.
Attempting to telnet to port 8530 on the loopback interface works - and interrogating the port with an HTTP query gets a response. Eg.
> telnet 127.0.0.1 8530 Microsoft Telnet> SET LOCALECHO HEAD / HTTP/1.0 HTTP/1.1 403 Forbidden Cache-Control: private Content-Length: 5093 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/8.0 X-Powered-By: ASP.NET Date: Tue, 13 Aug 2013 08:04:07 GMT Connection: close Connection to host lost.
Attempting to telnet to port 8530 on the internal RFC1918 IP fails from both the server itself and other devices on the network.
>telnet RFC1918IP 8530 Connecting To RFC1918IP...Could not open connection to the host, on port 8530: Connect failed
inetmgr as far as I can tell doesn't appear to have any restrictions.
What am I missing? Why can't other machines connect to WSUS? GPO says:
Set the intranet update service for detecting updates: http://HOSTNAME:8530 Set the intranet statistics server: http://HOSTNAME:8530... and HOSTNAME resolves to the RFC1918IP..
