Hi,
there is a known problem with the HTTP1.1 Byte Range command. Now a customer has a problem with WSUS Updates:
"Content File Download Failed: The server does not support the necessary HTTP protocol
Content file download failed. Reason: The server does not support the necessary HTTP protocol. Background Intelligent Transfer Service (BITS) requires that the server support the Range protocol header. "
Did somebody manage to solve this problem with changing the configuration in the utm proxy settings? The proxy is in standard mode and the traffic should not be bypassed for this, if it is possible. The last solution would be to change the WSUS configuration.
There is already an Exception in place for the MS Updates:
Skipping: Antivirus / Sandstorm / Extension blocking / SSL scanning
Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/
^https?://([A-Za-z0-9.-]*\.)?microsoft\.com/
MS also describes the problem https://support.microsoft.com/en-us/kb/922330 :
You may experience this problem if a computer is behind a firewall or behind a proxy server. This problem occurs if one of the following conditions is true:
When you copy a file by using BITS in background mode, the file is copied in multiple small parts. To perform this kind of copy operation, BITS uses the HTTP 1.1 Content-Range header. If you are behind a proxy server or behind a firewall that removes this header, the file copy operation is unsuccessful.
Note When BITS copies files in foreground mode, BITS does not use this header.
is it possible to get this working with the proxy?
Best Regards
Sebastian
Hi Sebastian,
Configure an exception and bypass all the check for URL(s) mentioned here. Let us know if that works.
Thanks
Sachin Gurung
Team Lead | Sophos Technical Support
Knowledge Base | @SophosSupport | Video tutorials
Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.