Windows update repository

Question

Hi, I would like to patch a server in DM Zone. And I need to allow a network path so that server could use proxy to download windows update. May I know what is the port, destination or repository of windows update?

Answer 1

Hello

Thank you for your question and reaching out. Windows Update requires TCP port 80, 443, and 49152-65535. The IP address for the Windows Update website is dynamic and changes frequently. The IP addresses are not officially published either. Typically, we recommend against using the firewall's IP address definitions for this. Instead, we advise designating the DNS names as allowed destinations for traffic via the firewall or enabling all outbound connections to http & https ports. Use the DNS system since it is the only trustworthy source of current information for the IPs that Windows Update is currently using. Make sure the following destination hosts are supplied if you're using DNS:

http://windowsupdate.microsoft.com

http://.windowsupdate.microsoft.com

https://.windowsupdate.microsoft.com

http://.update.microsoft.com

https://.update.microsoft.com

http://.windowsupdate.com

http://download.windowsupdate.com

http://download.microsoft.com

http://.download.windowsupdate.com

http://wustat.windows.com

http://ntservicepack.microsoft.com

http://stats.microsoft.com

https://stats.microsoft.com

Reference : https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc708605(v=ws.10)?redirectedfrom=MSDN

--If the reply is helpful, please Upvote and Accept as answer--