![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 63%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
20,212 questions
An offline WSUS system requires 2 WSUS servers (you can get away with 1, if you switch the NIC cable to go from online network to offline network).
1 is online, that downloads the updates after being approved, and syncs with Microsoft and provides the path for exporting the database and copying the update files (WsusContent folder) to media which is then brought to the offline system.
1 is offline, connected to your offline network and uses the media to where you import the database and then copy the update files from the media to your offline WSUS server.
The Offline WSUS server then is setup on the offline network clients to be the source of windows updates - either via GPO or registry edits depending on your setup/need.
WSUS is a website (with a little bit of a backend). As long as your client systems can reach it (ports open, etc), they should be able to download updates from it. If they can't use my guide to run through all the possibilities of why there may be problems.
https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/
My other guide here - https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-1-choosing-your-server-os/ will help you understand not only how to set it up, but also how to easily manage it so that it takes very little time (with an online server, roughly 5-15 minutes per month - offline will be more due to the nature of having to copy and export to media and then import it on the offline system).