Share via

How to add outbound rule in windows firewall to allow Windows Update?

Anonymous
2012-10-16T10:00:30+00:00

Please don't ask me to change firewall policy. My default policy for outbound connections is "block". Many programs connect to internet without my attention and consumes bandwidth so I restricted the firewall policy to block, but Microsoft update or Windows update service not working. Please suggest safe option to enable MS Update by creating outbound rule.

Windows for home | Windows 10 | Windows update

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments
Answer accepted by question author
  1. Anonymous
    2012-10-16T22:39:34+00:00

    Hi Rajendra_T,

    Thank you for the post. I understand that you would like to allow Windows updates in firewall by creating an outbound rule.

    I will definitely help you with this.

    You need to add the Windows Update website addresses to the blocking program's exceptions or "allow" list or allow Windows Update Service to connect to the Internet through port 80 and port 443.

    To add the Windows Update websites to a firewall exceptions list

    Windows Firewall ships with this version of Windows and should already include these sites in the exceptions list. If you use a different firewall, refer to the software publisher's documentation to see how to add these websites to your firewall exceptions list:

    - http://\*.update.microsoft.com
- https://\*.update.microsoft.com
- http://download.windowsupdate.com

    For more information, visit the following links and check.

    Allow a program to communicate through Windows Firewall

    http://windows.microsoft.com/en-us/windows7/Allow-a-program-to-communicate-through-Windows-Firewall

    How to Configure a Firewall for Software Updates

    http://technet.microsoft.com/en-us/library/bb693717.aspx

    If anything in my post is unclear or you have any further questions, please do not hesitate to let us know. We will be glad to assist you.

    8 people found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2016-04-19T18:53:08+00:00

    Hi,

    I just tried the steps by @bluefirestar and I am still getting "Windows could not search for updates" with the Error Code 80072EE2.  This is our new server which has nothing on it, am I'm certain its a firewall issue.  Is there something else I need to do to activate this Outbound Rule, or another check I can perform to see if something  else could be causing this annoying issue?

    5 people found this answer helpful.
    0 comments
  2. Anonymous
    2015-02-18T18:22:42+00:00

    To make an outbound rule do the following :

    new ourbound rule, custom, choose "svchost" (from system32 folder)  after that click customize and select only wuauserv service from procol choose tcp, local port range 49152-65535 and remote ports 80 and 443 for local ip address choose any and for remote choose any or better search for microsoft update servers address range i found some but can be many more 

     65.52.0.0/14  for  http://windowsupdate.microsoft.com

     184.24.0.0/13 for  http://download.windowsupdate.com 207.46.0.0/16 for  http://ntservicepack.microsoft.comchoose allow the connection, choose public domain or home depending on your network profile give your rule a name and click FinishHope i did not miss something

    3 people found this answer helpful.
    0 comments