Allow access only to Microsoft update services
- November 26, 2018
- 2 replies
- 47481 views
Hi all,
I have an upstream WSUS server in my DMZ which should be allowed to only access the Microsoft update services resumed in these urls:
[link]https://*.microsoft.com[/link] [link]https://*.update.microsoft.com[/link] [link]http://*.windowsupdate.com[/link] [link]http://*.download.windowsupdate.com[/link] [link]https://*.windowsupdate.microsoft.com[/link] [link]http://*.update.microsoft.com[/link] [link]http://*.windowsupdate.microsoft.com[/link] download.windowsupdate.com windowsupdate.microsoft.com ntservicepack.microsoft.com wustat.windows.com download.microsoft.com stats.microsoft.com test.stats.update.microsoft.com
I tried two ways but I failed in
1- Way1
I blocked all Fortiguard web categories and added a url filter allowing all the needed urls (as you can see in attach1).
This doesn't work since the urls were blocked by the web categories filter as belonging to the blocked Information Technologie category.
2- Way2
I disabled the web categories filter and added a blocking filter at the end of the url filter list (attach2). But access was also blocked. I also tried allow and exempt in the url filter but the result was the same.
Could anyone help ?