Problem with downloading WSUS Updates


there is a known problem with the HTTP1.1 Byte Range command. Now a customer has a problem with WSUS Updates:

"Content File Download Failed: The server does not support the necessary HTTP protocol 

Content file download failed. Reason: The server does not support the necessary HTTP protocol. Background Intelligent Transfer Service (BITS) requires that the server support the Range protocol header. "

Did somebody manage to solve this problem with changing the configuration in the utm proxy settings? The proxy is in standard mode and the traffic should not be bypassed for this, if it is possible. The last solution would be to change the WSUS configuration.

There is already an Exception in place for the MS Updates:

Skipping: Antivirus / Sandstorm / Extension blocking / SSL scanning
Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/

MS also describes the problem :

You may experience this problem if a computer is behind a firewall or behind a proxy server. This problem occurs if one of the following conditions is true:

  • The proxy server environment does not support the HTTP 1.1 range request feature.
  • You are behind a SonicWALL firewall device, and the Enable HTTP Byte-Range request with Gateway AV setting is not enabled for the device.

When you copy a file by using BITS in background mode, the file is copied in multiple small parts. To perform this kind of copy operation, BITS uses the HTTP 1.1 Content-Range header. If you are behind a proxy server or behind a firewall that removes this header, the file copy operation is unsuccessful. 

Note When BITS copies files in foreground mode, BITS does not use this header.

is it possible to get this working with the proxy?

Best Regards