Wrong IP Address of clients on WSUS

Problem:

In my setup a WSUS server was installed in a vlan different from the clients. An UMT (namely a FortiGate) ensures the inter-vlans communications. The necessary rules were established to permit the communications between WSUS and the clients. However, the clients report to the server with the wrong IP address. In fact, they all appear on the console with their gateway.



Servers which are on the same vlan as WSUS appear on the console with their true IP address.

Solution:

After investigation, It was found out that the address translation done by the firewall was causing the problem.



To solve the problem, edit the policy which permits the communication between the clients vlan and the WSUS server and disable the NAT feature. Reporting of clients could be forced, or we can wait for the next synchronization in order to see clients appearing with their true IP address on the WSUS console.

The command used to force synchronization is:

wuauclt /detectnow

Sometimes, the above command does not resolve the problem and we should add another switch:

wuauclt.exe /resetauthorization /detectnow

The /resetauthorization parameter forces the targeting cookie to be immediately expired. Normally the cookie expires within 60 minutes.



Commentaires

Posts les plus consultés de ce blog

How to determine eigenvalues and eignevectors of a matrix in Excel

Analyse de Fourrier sur Excel

Calcul des valeurs propres et vecteurs propres sur Excel