Share via

Which port does the wsus servers(windows server 2019) download updates from the internet?

li li 0 Reputation points
2023-08-09T09:32:33.9933333+00:00

Which port does the wsus servers(windows server 2019) download updates from the internet?

how to change this port?

Does this port have to be 80 or 8530?

thank you!

Microsoft Security | Intune | Configuration Manager | Updates
Windows for business | Windows Server | User experience | Other
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Adam J. Marshall 10,771 Reputation points MVP
    2023-08-15T15:19:00.52+00:00

    That last post by Simon is half right and half wrong (even though it kind of works).

    WSUS uses ports 80/443 to contact Microsoft. That doesn't change.

    https://learn.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus#211-configure-your-firewall-to-allow-your-first-wsus-server-to-connect-to-microsoft-domains-on-the-internet

    Now that WSUS has updates, it LISTENS on port 8530 or on ports 8530/8531 (SSL) for your clients to talk with your WSUS services. You CAN change this to 80/443 by using the PROPER way of

    WsusUtil.exe usecustomwebsite false

    This will ensure WSUS knows what IIS is doing. If you just edit the IIS settings like Simon said above - it WILL work... sort of, kind of, but it will not be done properly and WSUS will STILL BELIEVE it is using 8530/8531.

    This is the same type of thing with configuring WSUS to use an SSL Certificate - you always want to ensure you're using WsusUtil.exe as that tool ensures that WSUS and IIS both know what's what - even though you can configure SSL solely through IIS.

    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-7-ssl-setup-for-wsus-and-why-you-should-care/

    1 person found this answer helpful.
    0 comments
  2. Simon Ren-MSFT 40,386 Reputation points Microsoft External Staff
    2023-08-17T09:47:12.84+00:00

    Hi,

    Hope everything goes well. Do you need any further assistance about this issue? If yes, please feel free to let us know, we will do our best to help you.

    If the response is helpful, it's appreciated that you could click "Accept Answer" and upvote it, this will help other users to search for useful information more quickly.

    Thanks for your time.

    Best regards,

    Simon

    0 comments
  3. Simon Ren-MSFT 40,386 Reputation points Microsoft External Staff
    2023-08-09T09:57:22.76+00:00

    Hi,

    Thank you for posting in Microsoft Q&A forum.

    1,By default, WSUS server uses port 80 for HTTP and port 443 for HTTPS to get updates from Microsoft Update in internet. Refer to:

    https://learn.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus

    2,If you want to change the port that WSUS uses to download updates, you can follow these steps:

    a. Open the Internet Information Services (IIS) Manager on the WSUS server.

    b. Locate the "WSUS Administration" site.

    c. Click on "Bindings" in the right-hand menu.

    d. Edit the existing binding for either HTTP or HTTPS (depending on your needs) and change the port number.

    e. Save your changes and restart the IIS services.

    Thanks for your time. Have a nice day!

    Best regards,

    Simon

    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.