+ Post New Thread
Results 1 to 6 of 6
Windows Server 2008 Thread, WSUS/Internet Updates Combination? in Technical; Hey guys, first off, new to the forums although you have been my main source of information for about 7 ...
  1. #1
    DEvans's Avatar
    Join Date
    Sep 2010
    Location
    Droitwich, Worcestershire
    Posts
    74
    Thank Post
    3
    Thanked 16 Times in 10 Posts
    Rep Power
    22

    WSUS/Internet Updates Combination?

    Hey guys, first off, new to the forums although you have been my main source of information for about 7 months, for some reason I never got round to registering, so no more excuses.

    Anyway, straight to the point.

    I am currently working in a college and we have some members of staff that take thier laptops everywhere which doesn't just include home and school but abroad as well, all work related.

    Either way, I have been called in to help another technician and first on the list was to setup WSUS. Something I have done a plenty of times before, however the issue I foresee happening is that when a member of staff comes back from an extended holiday they are going to have a laptop that is going to require X amount of updates.

    I am wondering if it is possible to set up the laptop to use WSUS when inside the college and on the network but also set it so it can recognise when its outside the network which will then trigger it to use windows updates from the internet as its second choice. Ensuring the laptop is always kept up-to-date.

    The college has 6 main servers, one of which is dedicated for WSUS alone, all Server 2008 R2.

    The setup is all group policy, no professional management systems.

    So main question, is it possible to have a combination of WSUS and internet, or am I just speaking rubbish. Until someone tells me I am, I might be looking for something thats just not possible.

  2. #2

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    55
    We have remote access for our laptops via ISA server VLAN - when they connect to the school network the laptop downloads any WSUS updates it's been assigned. Users can connect to the VLAN even if they're logged onto the laptop using a non-domain user account.

  3. #3

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,263
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    Set up a reverse proxy on a public facing IP to the WSUS server so a url something like

    https://private.schoolname.borough.sch.uk/MyWSUSServer/

    points to

    https://wsusserver.schoolname.internal/

    Apache, Squid or MS ISA/TMG can be used for this.

    Then set Group Policy for machines that leave site to use the public URL instead of the local one.

  4. #4
    gaz350's Avatar
    Join Date
    Jul 2007
    Location
    Rutland, east.leicestershire :P
    Posts
    579
    Thank Post
    47
    Thanked 49 Times in 41 Posts
    Rep Power
    28
    Quote Originally Posted by psydii View Post
    Set up a reverse proxy on a public facing IP to the WSUS server so a url something like

    https://private.schoolname.borough.sch.uk/MyWSUSServer/

    points to

    https://wsusserver.schoolname.internal/

    Apache, Squid or MS ISA/TMG can be used for this.

    Then set Group Policy for machines that leave site to use the public URL instead of the local one.
    I believe MS Licencing terms of WSUS forbid external access(i asked the question a month or so ago)
    although it seems using a VPN is an option.

  5. #5

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,263
    Thank Post
    111
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    Ah, perhaps that's why I've always done it via VPN. Guess I must have 'known that' back when I last built a system...

    If the machines are mostly not going to be connected to the lan then perhaps just letting (forcing) them to use Microsfot Update instead would be best?

    Incidently:
    WSUS & Remote Users

  6. #6
    lafleur1977's Avatar
    Join Date
    May 2009
    Location
    Lancashire
    Posts
    160
    Thank Post
    119
    Thanked 4 Times in 4 Posts
    Rep Power
    11
    You can create two different group policy's, specifying the windows updates settings in each - one to point to wsus and another to point to windows update. Then apply each gpo to seperate containers. This may involve re-organizing your AD computers a bit.

SHARE:
+ Post New Thread

Similar Threads

  1. WSUS Updates
    By cookie_monster in forum Windows
    Replies: 0
    Last Post: 1st July 2008, 09:16 AM
  2. WSUS Updates
    By cookie_monster in forum Windows
    Replies: 9
    Last Post: 25th June 2008, 06:41 PM
  3. WSUS updates
    By RChilcott in forum Windows
    Replies: 2
    Last Post: 24th January 2007, 02:48 PM
  4. New WSUS Updates
    By Gatt in forum Windows
    Replies: 10
    Last Post: 2nd December 2006, 10:58 AM
  5. Where does WSUS store all the updates?
    By ChrisH in forum Windows
    Replies: 4
    Last Post: 13th September 2005, 10:55 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •