This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 10 store not downloading

I've got a Sophos Web Appliance running  v4.2.1.3

I have a test machine running Windows 10 but it's unable to download any updates or new apps.

The SWA is not showing anything blocked or warned just what sites I would site expect to be shown (v10.vortex-win.data.microsoft.com, mobile.pipe.aria.microsoft.com, wns.windows.com, storeedgefd.dsx.mp.microsoft.com etc.)

This is a brand new install of Windows 10.

If I connect the Windows 10 computer to my phone via as a mobile hotspot it downloads everything correctly.



This thread was automatically locked due to age.
Parents Reply Children
  • And you've added microsoft.com as trusted? 

  • I've disabled scanning and cert inspection for testing

    I've also noticed that if I point the traffic to our Fortinet proxies or TMGs the downloads work but the updates still fail. 

    Thanks

    Will

     

     

     

  • yes I have, and all the other sites recommended in the MS articles

    Rgds

    Will

  • Hi Will,

     

    Most of the W10 issues I have seen going through the swa are related to some of MS's back of house servers.   I have found a couple with self signed certificates as well as servers that still use SSLv3 .. The appliance will instantly drop a V3 connection and would only be seen in the logs.

    I recommend that you export the sophos.log file to a syslog server. 

    you will get something like this:

    h=10.99.115.13 u="DOMAIN\\johnsmith" s=200 X=- t=1336666489 T=284453Ts=0 act=1 cat="0x220000002a" app="-" rsn=- threat="-" type="text/html" ctype="text/html"
    sav-ev=4.77 sav-dv=2012.5.10.4770003 uri-dv=- cache=- in=1255 out=26198 meth=GET ref="-" ua="Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0"
    req="GET http://www.google.ca/ HTTP/1.1" dom="google.ca" filetype="-" rule="0" filesize=25815 axtime=0.048193 fttime=0.049360 scantime=0.011 src_cat="0x2f0000002a"
    labs_cat="0x2f0000002a" dcat_prox="-" target_ip="74.125.127.94" labs_rule_id="0" reqtime=0.027 adtime=0.001625 ftbypass=- os=Windows authn=53 auth_by=portal_cache 
    dnstime=0.000197 quotatime=- sandbox=-

    the log definition can be found in the help or online here : http://wsa.sophos.com/docs/wsa/webhelp/index.html#swa/concepts/InterpretingLogFiles.html

    You will need to use a combination of ssllabs and the output of the logs to identify either bad servers or problematic ones. RSN ACT GET will give you more info.

    The last issue you will have is W10 updates use torrents to transfer updates. Byte Range requests are blocked by default, only a site that is set as trusted will allow partial file requests.