How to determine the necessary URL and port to whitelist for Azure Update Manager patching?

Yuk Leong Chow 5 Reputation points


I would like to know if there is documentation available indicating which URL or port is used by the Windows Update Agent (WUA) on Windows machines to report to Microsoft Update for patching / updating the OS.

VM Extension Azure Arc Server Extension
Windows Microsoft.CPlat.Core.WindowsPatchExtension Windows Microsoft.CPlat.Core.WindowsPatchExtension (Periodic assessment)

Thank you.

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
6,290 questions
Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
234 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
11,100 questions
Azure Update Manager
Azure Update Manager
An Azure service to centrally manages updates and compliance at scale.
128 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Prrudram-MSFT 19,956 Reputation points

    Hi @Yuk Leong Chow

    Thank you for reaching out to the Microsoft Q&A platform

    Communication between Windows Update agent and Microsoft servers occurs over HTTP or HTTPS over port 80 and 443. If you are using the update management, you can to the connectivity checks by following this document

    Reference for communication issues and debugging guide

    This below highlighted section of the document has the information above prerequisite URLs. and Port details documented, other than this i didn't find it elsewhere mentioned about the URLs and ports.

    User's image

    User's image

    Please click "Accept as answer" if this helps

  2. sam goudie 0 Reputation points Microsoft Employee