Unable to Download Updates from WSUS, Error 0x8024402c


To totally unlock this section you need to Log-in


Login

Consider a client workstation that it is using a WSUS Server that is located in the DMZ behind Forefront TMG. This WSUS Server is not a domain member. There is a group policy specifying the WSUS Server name as shown below:

Unable to Download Updates from WSUS, Error 0x8024402c

Symptom

When the client workstation is running Windows Update it receives an error 0x8024402c, which appears in the Windows Update log as shown below:

Unable to Download Updates from WSUS, Error 0x8024402c

Troubleshooting

During the course of troubleshooting of this issue the following items were validated:

  • The DNS Server correctly had an entry for the WSUS Server.
  • The DC was able to resolve the WSUS Server name.
  • The client was able to resolve the WSUS Server name using nslookup command, but it was not able to resolve when using ping command.

To better understand what it was happening the following steps were done on the client workstation:

  • Ran ipconfig /flushdns.
  • Started Netmon capture.
  • Ran the command ping server_wsus.com.
  • Stopped the capture.

On the netmon capture it was possible to see that the answer from the DNS Server came in correctly as shown below:

Unable to Download Updates from WSUS, Error 0x8024402c

At this point we know that name resolution works fine and that the client is able to talk to the DNS Server. To isolate potential name resolution issue we tried to ping to SRVWSUS using the IP address and got the result below:

Unable to Download Updates from WSUS, Error 0x8024402c

This indicates that the local machine didn’t know what to do with that request.

Solution

The client workstation was missing the IP address of the default gateway. Once we added the default gateway the client workstation was able to obtain updates.