2003 Server in the DMZ
Setup as : MP,DP,Site System
Intranet :
SCCM/WSUS Configured as the Central Site Server and all packages are being deployed sucessfully to remote laptops via internet access. WSUS was introduced and port 8530/8531 were included into IIS (WSUS Administrator)and all ssl settings were configured. Updates were sychronized sucessfully in the wsyncmgr.log file (100% downloads with no errors). I am able to utilize update pushes via update list deployment via templates (collection) on the lan.
Problem: When scheduling, windows update pushes to remote laptops, then they don't get any patches at all. The scan log lets me know exactly how many updates are needed on those systems but, I can not get the updates unless they interact with the lan. All conventional packages are still working fine except wsus update packages.
Troubleshooting steps takes to resolve this headache:
I examined the registry on one laptop and noticed that it is looking for the Central Site Server were WSUS was intergrated (That is the plan), example : https://servername.fqdn:8531. The entry is in the windows update folder.
a) I did a Netstat -and to examine the port and it reports that 8531 is established
The MP in the DMZ port were examined and 8531 was not available. Is this my problem ?
The WUAHandler is reporting = OnSearchComplete-Failed to end search job=0x8024402c.
Scan failed with error =0x80224402c
If I connect the laptop to the lan it will work fine and all updates will be deployed sucessfully.
I launched a few more test laptops out of an OU where GPO was enforced. Lauch verizon broadband on the laptop and forced the Update policies in the SCCM Client on the laptop. The problem continues.
Any Ideas?
I appologize for the long post, its just that i wanted to explain the entire scenerio.