How to Check if Microsoft Online Servers URLs are Allowed on Device Firewall Settings

Modified on Mon, 6 Oct at 9:01 AM

Product Version: 6.5.0.0


Overview

In certain scenarios, Windows updates configured to download from Microsoft online servers may fail due to firewall restrictions. This document provides steps to check and adjust firewall settings, ensuring that Windows updates can be downloaded successfully.


Resolution Steps

1. Check Windows Firewall Settings on Your Device

a. Open Windows Defender Firewall with Advanced Security

  1. Press Win + R to open the Run dialog.

  2. Type wf.msc and press Enter. This opens the Windows Defender Firewall with Advanced Security console.

b. Verify Firewall Rules

  1. Look for rules that might block or allow connections to the Windows Update service.

    • Rules related to Windows Update may be named "Windows Update" or "WUDF".

  2. If any rules block or restrict access to certain URLs or IP addresses:

    • Right-click on the rule and select Properties.

    • Review the General and Scope tabs to see what is being blocked or allowed.


2. Check Firewall Rules in PowerShell

a. Open PowerShell as Administrator

  1. Press Win + R, type powershell, and select Windows PowerShell (Admin).

b. List All Firewall Rule

Get-NetFirewallRule -All


c. Filter Rules Related to Windows Update

Get-NetFirewallRule -All | Where-Object { $_.DisplayName -like '*Windows Update*' }


d. Search for Microsoft-Related Rules (Optional)
If the above command does not return relevant rules:

Get-NetFirewallRule | Where-Object { $_.DisplayName -match 'Microsoft' }



This can help identify hidden firewall rules that may affect Windows Update.


3. Check Network Configuration and DNS Settings

Ensure that the device’s network configuration allows access to Microsoft’s servers.

a. Verify DNS Resolution
Run the following command in PowerShell:

nslookup windowsupdate.microsoft.com



This confirms that the device can correctly resolve Microsoft update servers.


4. Test Connectivity to Windows Update Servers

Use PowerShell to verify connectivity to Microsoft server

Test-NetConnection -ComputerName windowsupdate.microsoft.com -Port 80
Test-NetConnection -ComputerName windowsupdate.microsoft.com -Port 443



Successful Connectivity: If TcpTestSucceeded returns True for both ports, the device can connect successfully to Windows Update servers.

Firewall Restrictions: If the test fails, it indicates firewall restrictions or network issues that need to be addressed.


Conclusion

By following these steps, you can verify and adjust firewall settings, DNS configuration, and network connectivity to ensure that your device can access Microsoft’s online servers for Windows updates. Proper validation of firewall rules and network settings helps prevent update failures and ensures smooth operation.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article