Skip to main content

Hi Team,

We have disable Domain Firewall and we have Private and Public FW enabled on End nodes. In this case, do I need to allow below URLs on my all-End node’s Local firewall? to fetch updates from Microsoft.

Windows OS - We might choose to apply a rule to permit HTTP RANGE requests.gRS1] 

 

•             *.download.windowsupdate.com

•             *.dl.delivery.mp.microsoft.com

•             *.delivery.mp.microsoft.com

Devices can reach necessary Windows Update endpoints through the firewall

TLS 1.2  *.prod.do.dsp.mp.microsoft.com

HTTP      emdl.ws.microsoft.com

HTTP      *.dl.delivery.mp.microsoft.com

HTTP      *.windowsupdate.com

HTTPS   *.delivery.mp.microsoft.com

TLS 1.2  *.update.microsoft.com

TLS 1.2  tsfe.trafficshaping.dsp.mp.microsoft.com

 

Good morning @MD Shoaib Pasha !

 

On most devices the default outbound firewall behavior is to allow all traffic. Provided you haven’t modified this default behavior on the outbound side: you should not have to make any changes to your endpoints’ firewall config.

 

Hope this helps!

 

AM


Reply