Problems receiving Windows Updates with VelociRaptor Firewall/VPN

[CICTech]

We have a Symantec VelociRaptor Firewall/VPN Device installed thorough an efficient networks DSL router. When we try to receive Windows Updates the system crashes when traffic is routed through the firewall. When taken off the firewall and routed straight thru the router we can receive updates without any problems. I was wondering if anyone knows ports that windows update uses so we can open them up and receive updates?

Thank you in advance

 

[michigan]

Hello CICTech -

I think you want to open ports 443 & 1356.

I traced all in/out when I ran my Windows Update. Those ports were screamin back & forth! If those do not work, plz post and let me know. I may be lookin' at the wrong traffic (w/UDP drops).

Good Luck.

 

[CICTech]

thanks for the reply! I will try it out

 

[CICTech]

I was going to open those ports up when I realized they are already open! Any other suggestions?? Thanks!!

 

[michigan]

CICTech -

Sorry that didn't work. I wish I could be more help. I recently purchased our first FW, and Im not too familar with all functions.

Couple of thoughts:

Is there a way on the VelociRaptor to monitor real-time (or close to in logs) which ports are trying to be opened/accessed from the outside? If so, I would turn the log on, run over to the machine that freezes up, try running the update, run back to the firewall software/log, and see which ports were trying to be opened.

I noticed from my OS, the 443 port isn't even attempted until an update was available. I'm using XP Pro.

Or, maybe your 443 is only opened for outbound traffic. Or, vis versa.

Good Luck.

 

[CICTech]

Thank you for your help!! That resloved my problem. I only had 443 set to outbound for some reason. I appreciate it!

 

[michigan]

CICTech -

Glad it worked out for ya. Have a great new year.