WSUS Server in DMZ Tony 5/30/2007 6:10:03 PM I have 2 WSUS servers configured. One of these servers is on our internal network and one is in our DMZ. I have installed the administrator console on my Windows XP system (internal network) so I can manage both of these servers. I can only manage the internal WSUS server. The console will not allow me to connect to the DMZ server. Any ideas? What firewall ports are needed to allow me to do this?

Re: WSUS Server in DMZ Gus <vines77[ at ]gmail.com> 5/31/2007 1:40:54 AM On May 30, 2:10 pm, Tony <T...[ at ]discussions.microsoft.com> wrote: [Quoted Text] > I have 2 WSUS servers configured. One of these servers is on our internal > network and one is in our DMZ. I have installed the administrator console on > my Windows XP system (internal network) so I can manage both of these > servers. I can only manage the internal WSUS server. The console will not > allow me to connect to the DMZ server. Any ideas? What firewall ports are > needed to allow me to do this? I have done a sniffer trace on the new WSUS3 MMC. It uses HTTP as it's mechinisim. You will need outboud TCP80 to your WSUS server for this to work. If your firewall is SPI capable, no other rules will be necessary.

Re: WSUS Server in DMZ Tony 5/31/2007 7:50:00 PM Still not working. Can't connect to server is the error msg. I had our firewall guy look at our settings. Basically he has the firewall setup one way. Anything from the internal network can get out but the other way is locked down.

Re: WSUS Server in DMZ "Jeff Centimano [MVP]" <my_last_name[ at ]msn.com> 6/2/2007 3:44:01 AM Is your DMZ WSUS server an Active Directory domain member, or simply a workgroup server? The MMC console requires Kerberos authentication, and therefore AD domain membership. Server and management client must be in the same domain, or in domains in the same forest. Haven't tried external NTLM style trusts to see if it falls back from Kerberos... but will do so when I get some 'free time' (a.k.a. whenever I have a need for this myself). ;) I'm guessing this is your problem. If so, your only management strategy is to RDP into the box and run the MMC locally. -- Jeff Centimano MVP - Windows Server http://windowsconnected.com/blogs/jeff "Tony" <Tony[ at ]discussions.microsoft.com> wrote in message news:70710AB9-E6D9-413C-A9DD-F52742632CBB[ at ]microsoft.com... [Quoted Text] >I have 2 WSUS servers configured. One of these servers is on our internal > network and one is in our DMZ. I have installed the administrator console > on > my Windows XP system (internal network) so I can manage both of these > servers. I can only manage the internal WSUS server. The console will > not > allow me to connect to the DMZ server. Any ideas? What firewall ports > are > needed to allow me to do this?