Problem Downloading and Clients Detecting Updates for WSUS Server Not Connected to the Internet
I have a somewhat unusual situation in that I have a LAN that is NOT connected to the Internet that I need to keep patched. Unfortunately, the documentation on how to do this sort of thing is scant at best and so far I have only been able to make it work partially. Let me describe my problem in detail and I hope someone can help.
I installed WSUS server on a server that is connected to the Internet and after selecting the desired updates and patches, they were successfully downloaded. I then installed WSUS server on a server that is on a LAN that is NOT connected to the Internet. I then copied the files from the WSUScontent directory on the server that is connected to the Internet to the server that is not connected to the Internet. I then ran the wsusutil export command to export the metadata files and copied them to the server that is not connected to the Internet and imported them there. The WSUS server that is not connected to the Internet is set to synchronize with itself.
This is where I begin to have problems. When I run a synchronization, under Download Status I see the number of files that need to be downloaded in Updates needing files. Below that it shows me the number of megabytes that are required for those files and how many megabytes have been downloaded. The download begins but never completes. My computers are reporting back to the WSUS server and some patches are being installed, but many of them are not. When I investigate, I can see where many of them have been downloaded - in other words, they are in the WSUS server and available for install, but the computers don't seem to be getting them. In other cases, it tells me that the files for a particular update have not been downloaded yet.
This is beginning to be extremely frustrating for me. I have tried to search for updates on the hard disk of my server but I don't see any way to correlate the Update name with the cryptic codes used to identify them. The update IDs don't seem to map to the file names in the WSUScontent directory either. I have checked and double checked to make sure that my settings on both servers, the one connected to the Internet and the one that is not, are the same. I have tried just about all the fixes I have been able to find on the Internet with no luck. Of course not many of these deal with my particular situation either.
Just to sum up - my biggest problems are that my clients don't seem to be picking up all needed patches even though they show up as available in the WSUS server and that not all needed files are being downloaded, even though I have copied them from my WSUS server that is connected to the Internet. I would greatly appreciate any ideas anyone may have.
November 3rd, 2009 2:50pm

Hello, use the not internet connected server as a downstream server from the machine connected to the internet. For replication between both, disconnect the internet-WSUS from the internet and connect it with the downstream server; if replication is done, reconnect them back to the default and you are done.
Best regards, Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
November 9th, 2009 1:43am

Hi, just want to check back on the issue. Did you have a chance to go through Meinolf's suggestion? If you have further questions, please do post back on the forum.
November 28th, 2009 6:32am

I apologize for not getting back to this thread for such a long time. The reason was that nothing I was finding out on the Internet was helping so I was forced to solve the problem on my own. In doing so I have pretty much become a WSUS guru when it comes to setting up WSUS so that it will work on a network that is not connected to the Internet. It's not really all that difficult to do, but complete documentation on how to do it is rather lacking. In addition to that, I was new to WSUS and didn't fully understand what was going on behind the scenes and that was what was causing most of my problems.
What I discovered was that very often, when a download that I had approved wasn't being installed on workstations, it was because the files for the update had not been downloaded, and this is a problem that anyone who tries to do this sort of thing is going to have. The biggest difficulty is getting the WSUS server you have connected to the Internet and the one that is not in sync. It's not as easy as you would think because there are thousands of updates. You have to select the updates that apply to you on the WSUS server that is connected to the Internet and then copy them to the server that is not connected to the Internet where you again have to select the ones you want. You'd think that Microsoft would give you a way to sync up the two separate servers in this type of scenario, but they think that all networks should be connected to the Internet.
What I finally ended up doing was to select literally everything on the WSUS server that was connected to the Internet. Once all the files had been copied to that server, I burned them all to DVD and then transferred them to the WSUS server that was not connected to the Internet. That way I got them all. Then all I had to do was to select the updates and patches I needed on the network that was not connected to the Internet and WSUS found them all.
There are a couple other gotchas you have to make sure you take care of when you set up this sort of an environment, but once you understand what is really happening, it's not too difficult. I can practically do these installs in my sleep now so if anyone ever has any problems or questions, I'm available.
February 18th, 2010 7:32pm
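
The offline transfer described in this thread (copy the content directory, then wsusutil export on the connected server and wsusutil import on the disconnected one), as an added example that is not part of the original posts: it writes a SHA-256 manifest of the content files before transfer and refuses to import metadata on the disconnected side until every file is present and unmodified. The directory paths, the package and manifest file names, and the use of PowerShell 4.0 or later (for Get-FileHash) are assumptions.

```powershell
# Added example, not from the thread. All paths and file names are assumptions.
$WsusUtil   = "$env:ProgramFiles\Update Services\Tools\wsusutil.exe"
$ContentDir = 'D:\WSUS\WsusContent'   # assumed content directory on each server
$MediaDir   = 'E:\wsus-transfer'      # assumed removable-media staging folder

function New-ContentManifest {
    param([string]$Root)
    # One record per file: path relative to the root plus its SHA-256 hash.
    $rootPath = (Resolve-Path $Root).Path.TrimEnd('\')
    Get-ChildItem -Path $rootPath -Recurse -File | ForEach-Object {
        [pscustomobject]@{
            RelativePath = $_.FullName.Substring($rootPath.Length + 1)
            Hash         = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
        }
    }
}

function Export-WsusForTransfer {
    # Run on the Internet-connected server once its downloads have finished.
    New-Item -ItemType Directory -Path "$MediaDir\WsusContent" -Force | Out-Null
    robocopy $ContentDir "$MediaDir\WsusContent" /E /R:2 /W:5 | Out-Null
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed (exit code $LASTEXITCODE)" }
    # Package name is an assumption; wsusutil also accepts a .cab package name.
    & $WsusUtil export "$MediaDir\export.xml.gz" "$MediaDir\export.log"
    if (-not (Test-Path "$MediaDir\export.xml.gz")) { throw 'metadata package was not written' }
    New-ContentManifest -Root $ContentDir |
        Export-Csv -Path "$MediaDir\manifest.csv" -NoTypeInformation
}

function Import-WsusFromTransfer {
    # Run on the disconnected server: content first, verify, then metadata.
    robocopy "$MediaDir\WsusContent" $ContentDir /E /R:2 /W:5 | Out-Null
    if ($LASTEXITCODE -ge 8) { throw "robocopy failed (exit code $LASTEXITCODE)" }
    $actual = @{}
    New-ContentManifest -Root $ContentDir |
        ForEach-Object { $actual[$_.RelativePath] = $_.Hash }
    # A file absent from the local copy yields $null, which never equals a hash.
    $bad = @(Import-Csv "$MediaDir\manifest.csv" |
        Where-Object { $actual[$_.RelativePath] -ne $_.Hash })
    if ($bad.Count -gt 0) {
        $sample = ($bad | Select-Object -First 5 -ExpandProperty RelativePath) -join ', '
        throw "$($bad.Count) content files missing or altered (e.g. $sample); metadata not imported"
    }
    & $WsusUtil import "$MediaDir\export.xml.gz" "$MediaDir\import.log"
}
```

The manifest travels on the same media as the files, so it catches incomplete or corrupted copies; recording the hash of manifest.csv through a separate channel extends the check to media that may have been modified in transit.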

This topic is archived. No further replies will be accepted.
