Hi, When talking about WSUS are you referring to the SUP role ? If you are already using a DP in the DMZ for IBCM Client then you should implement a SUP and MP there too to limit the communications between your clients and your internal network.
Once configured as downstream server, the SUP will synchronize with the existing one in your hierarchy therefore won't connect to Windows Update. These were my 2cents. Jérémy SI HASSEN | InepSol | Architecte Configuration Manager, Poste de Travail et Data Protection Manager | +33 6 63 23 22 11 | [email protected]<mailto:[email protected]> [btn_in_20x15]Jsihassen on Linkedin<http://fr.linkedin.com/in/jsihassen> From: [email protected] [mailto:[email protected]] On Behalf Of Chris Carbone Sent: lundi 27 juillet 2015 17:47 To: [email protected] Subject: [mssms] Setting up a second WSUS DP on DMZ I tried getting Windows Updates working for internet clients about half a year ago and failed miserably. This is all new to me. We have an internal DP with the WSUS role and all is working fine with that for internal clients. When you want to push Windows Updates out to internet clients, is it normal to setup another WSUS role on a DP sitting on the DMZ and use that for only internet clients? And if I set up a second WSUS server for internet clients, do I sync this DB with the internal DP one instead of pulling the updates from Microsoft? If anyone can point me to a guide for this kind of situation that would be greatly appreciated. Or recommend what method is best. Thanks in advance! This electronic mail transmission may contain confidential information intended only for the use of the individual(s) identified as addressee(s). If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or the taking of any action in reliance on the contents of this electronic mail transmission is strictly prohibited. If you have received this transmission in error, please notify me by telephone immediately.
