WAF and WSUS - possible?

Hi everyone,

i want to "publish" our WSUS to the internet to reach all those remote workers client which do not connect to the VPN anymore because everything is in the cloud.

As we are not ready to use Windows Update for Business and Intune - i want to perform a small step into "cloud updates".

Is this even possible? Did anyone try it? I've set it up - but nothing happens. - I do not want to use DNAT if possible

Best regards


  • Hi Stephan,

    technical spoken, I don’t see a real barrier. Does the certificate match? Somewhere I read about BLOCK access to /DssAuthWebService, /ServerSyncWebService, and /ApiRemoting30. That should be more easy with WAF as NAT.
    I didn’t try that myself, but see the point as I am in the same situation.

    Best regards