Fortigate - allowing SCCM to update repositories.

Question

Hi everyone,

Trying to allow my sccm server to download windows and office updates.

If I setup a rule to allow all everything then all updates are able to be downloaded without issue.

When I set up a rule allowing the following services: Microsoft-Azure, Microsoft-DNS, Microsoft-Microsoft.Update, Microsoft-NetBios.Name.Service, Microsoft-NetBios.Session.Service, Microsoft-NTP, Microsoft-SSH and Microsoft-Web I am not able to download successfully.

Any hints about what i am missing to get this to work correctly? When i monitor all traffic from the server i can not see any blocks.

AlexC-FTNT · Answer

" I am not able to download successfully. "

How does this translate in the firewall language? Is the traffic blocked or allowed? What do you have in the logs? When you set up the services in a policy - is that policy matched? The IP that your server is trying to reach belongs to one of those services?

Did you check this?
https://community.fortinet.com/t5/FortiGate/Technical-Tip-ISDB-common-admin-operations/ta-p/192971

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded