WSUS 2012 R2 in DMZ

Hi We have to setup a New WSUS server in DMZ 

I wanted to check the following:

Can we deploy Server 2012 R2 / WSUS v6  and make it the Upstream server for 2 of our Windows 2008 (WSUS 3.0) server

We wish to Use the new 2012 R2 server to just get Updates from MS and then Have the existing WSUS 3.0 servers get it from the Upstream Server in Autonomous mode.

I am hoping we only need to open following ports on firewall (80/443) between the 2 existing WSUS 3.0 to the new 2012R2 WSUS 

June 28th, 2015 12:45pm

Hi Kitaab,

This design is supported, by default, the WSUS server uses port 80 for HTTP protocol and port 443 for HTTPS protocol to obtain updates from Microsoft. If there is a corporate firewall between your network and the Internet, you will have to open these ports on the server that communicates directly to Microsoft Update.

There are two ways to link WSUS servers together:

Autonomous mode: An upstream WSUS server shares updates with its downstream server or servers during synchronization, but not update approval status or computer group information. Downstream WSUS servers must be administered separately. Autonomous servers can also synchronize updates for a set of languages that is a subset of the set synchronized by their upstream server.

Replica mode: An upstream WSUS server shares updates, approval status, and computer groups with its downstream server or servers. Downstream replica servers inherit update approvals and cannot be administered apart from their upstream WSUS server.

More details please refer the following KB:

Choose a Type of WSUS Deployment

https://technet.microsoft.com/en-us/library/cc720448(v=ws.10).aspx

Configure and Manage Replica Servers

https://technet.microsoft.com/en-us/library/dd939885(v=ws.10).aspx

Im glad to be of help to you!

Free Windows Admin Tool Kit Click here and download it now
July 1st, 2015 2:38am

Thanks Alex,

So will it mean that i can have a Server 2012 R2 (WSUS v6) as the Upstream server  and have Server 2008 WSUS 3.0 SP2 as its Autonomous Downstreams

July 1st, 2015 11:17am

Hi Kitaab,

Yes, we can use the server 2012R2 as upstream server and WSUS3.0 as downstream server.

Best Regards,

Free Windows Admin Tool Kit Click here and download it now
July 6th, 2015 2:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics