Windows could not search for new updates - Error Code 8024402F / 80072EFE

1

I've recently started experiencing some issues with a couple of workstations on my network getting the above-mentioned errors when trying to check for and download updates for Windows 7 (x64). Sometimes I get the 8024402F error, and sometimes I get the 80072EFE error. I've attempted to resolve the problem myself through liberal use of Google-fu, but I've been unable to find anything yet that will allow these computers to check for updates.

For now, I'm just working on one of the (apparently) three computers on my network that are having the problem because it's a computer that isn't actively in use for production at the moment.

If you're experiencing this issue and stumbled across this thread but haven't tried one or more of the steps I list below, I'd suggest going through these first. Most people swear by the Kaspersky TDSSKiller application I mention, even though it didn't work for me.

UPDATE - RESOLVED: If you're getting one of the two errors identified here, the first troubleshooting step you may want to try, regardless of which of the two errors you're encountering, is to simply reboot and/or update whatever firewall solution you're using. Our problem was apparently caused by something in our hardware firewall, and a reboot "cleared up" whatever was causing interference in the connection to the Windows Update servers. See the self-accepted solution below for additional details, but hopefully, this will save you from chasing your tail in your troubleshooting.


TROUBLESHOOTING SO FAR

In my research, the most common cause reported for these errors is some sort of virus or rootkit infection. Many articles point to a rootkit detection tool provided by Kaspersky Labs (Anti-rootkit utility TDSSKiller) as the best solution as it seems to resolve most problems. Other malware detection tools to try include MalwareBytes, Spybot Search & Destroy, Microsoft's own malware detection tools (Safety Scanner), etc. I've run several different variants, including our internal antivirus solution, ESET Endpoint Antivirus in an effort to ensure there is no infection, and all of them come up clean.

Per another thread in the Microsoft Community forums for a different Windows Update error (Windows Update Error Code 80244019), I also checked the status of Data Execution Prevention on the affected workstation to ensure that it was set to Turn on DEP for Essential Windows Programs and Services only (which it was).

The next step was to try to reset the Windows Update components. I followed all of the instructions listed in the Microsoft article, "How do I reset Windows Update components?", and even created a batch file to run through all of the steps automatically in case it worked so I could run it on the other affected workstations.

Per a recommendation from another System Administrator with whom I've been discussing the issue, I even reset TCP/IP on the workstation in case there was a problem there that was causing the interruption. For this, I followed the instructions in the Microsoft article "How to reset TCP/IP by using the NetShell utility", but I still continue to receive one of the above-listed errors when I attempt to check for new updates after rebooting.

One user suggested that the issue could possibly be with the firewall blocking communication, so I went to my SonicWALL configuration settings and added all of the following URI's to the "Allowed Domains" list (whitelist) for the firewall's content filter. For reference, here are the URI's I added. (I know there's some "overlap" in these, but I pulled the list from the following TechNet forum thread, "Windows update IP addresses range and subnet mask for Windows Server 2008.".)

  • windowsupdate.microsoft.com
  • *.windowsupdate.microsoft.com
  • *.update.microsoft.com
  • *.windowsupdate.com
  • download.windowsupdate.com
  • download.microsoft.com
  • *.download.windowsupdate.com
  • wustat.windows.com
  • ntservicepack.microsoft.com
  • stats.microsoft.com

I haven't been able to find any other useful articles or forum threads at this point, and both I and the other System Administrator I've been working with have run out of ideas. Has anyone else run into and resolved this stubborn problem? Any suggestions would be greatly appreciated.

NOTE: Other workstations including my own do not seem to be experiencing any problems checking for, downloading, or installing updates. The affected workstations do not appear to have any other network/Internet-related issues, as far as I can tell. The problem only seems to be with checking for Windows updates. All of the workstations on the network have the same basic configuration when it comes to AV software scanning and security.


UPDATE: I went ahead and ran the System File Checker utility (sfc /scannow). It did find some corrupted files (looking through the CBS.log file, I only found one file listed: diskmgt.CHM - a compiled HTML file for the Windows Help system), so I rebooted and tried again, but I'm still getting the 80072EFE error. Per comments, I'm still looking at our SonicWALL, but the fact that not all workstations are affected makes me less-than-optimistic about finding a solution there.
UPDATE #2: Per a suggestion in the comments from @Ramhound, I manually downloaded the January 2018 "Security Monthly Quality Rollup" update directly from Microsoft's catalog site and ran the .msu file on the workstation I've been working on. Everything appeared to have installed correctly, so I rebooted and tried to check for updates again. Unfortunately, I got the 8024402F error again.

I was searching around the catalog for other updates that might be useful and ran across the "Microsoft .NET Framework 4.7.1" and "Cumulative Security Update for Internet Explorer 11" updates, so I went ahead and downloaded those separately and attempted to install them as well. The .NET Framework update reported that it was already installed, so I just installed the IE update. It didn't require a reboot, so I went ahead and tried to update again, but got the same error. I rebooted and tried again, just in case, but still get the 8024402F error.


UPDATE #3: In an attempt to provide as much detail as possible, here are the results from the WindowsUpdate.log file from my most recent attempt:

2018-01-17  13:38:24:765     836    1668    AU  Triggering AU detection through DetectNow API
2018-01-17  13:38:24:765     836    1668    AU  Triggering Online detection (interactive)
2018-01-17  13:38:24:765     836    136c    AU  #############
2018-01-17  13:38:24:765     836    136c    AU  ## START ##  AU: Search for updates
2018-01-17  13:38:24:765     836    136c    AU  #########
2018-01-17  13:38:24:765     836    136c    AU  <<## SUBMITTED ## AU: Search for updates [CallId = {351E19E7-2512-433F-9FDC-5766DCEC2CD9}]
2018-01-17  13:38:24:765     836    844 Agent   *************
2018-01-17  13:38:24:765     836    844 Agent   ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2018-01-17  13:38:24:765     836    844 Agent   *********
2018-01-17  13:38:24:765     836    844 Agent     * Online = Yes; Ignore download priority = No
2018-01-17  13:38:24:765     836    844 Agent     * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2018-01-17  13:38:24:765     836    844 Agent     * ServiceID = {9482F4B4-E343-43B6-B170-9A65BC822C77} Windows Update
2018-01-17  13:38:24:765     836    844 Agent     * Search Scope = {Machine}
2018-01-17  13:38:24:827     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:24:827     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:24:827     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMP9559.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:24:827     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:24:827     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:24:843     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:244     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:28:244     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:260     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:28:275     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:275     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPA2D2.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:28:275     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:275     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:28:291     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:291     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPA2E3.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:28:306     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:28:306     836    844 Agent   Downloading new auth cab for service 7971f918-a847-4430-9279-4a52d1efe18d at http://ds.download.windowsupdate.com/v11/2/microsoftupdate/redir/v6-muauth.cab
2018-01-17  13:38:32:831     836    844 Misc    WARNING: Send failed with hr = 80072efe.
2018-01-17  13:38:32:831     836    844 Misc    WARNING: SendRequest failed with hr = 80072efe. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2018-01-17  13:38:32:831     836    844 Misc    WARNING: WinHttp: SendRequestUsingProxy failed for <http://ds.download.windowsupdate.com/v11/2/microsoftupdate/redir/v6-muauth.cab>. error 0x80072efe
2018-01-17  13:38:32:831     836    844 Misc    WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072efe
2018-01-17  13:38:32:831     836    844 Misc    WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072efe
2018-01-17  13:38:32:831     836    844 Misc    WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efe
2018-01-17  13:38:32:831     836    844 Misc    WARNING: DownloadFileInternal failed for http://ds.download.windowsupdate.com/v11/2/microsoftupdate/redir/v6-muauth.cab: error 0x80072efe
2018-01-17  13:38:32:831     836    844 Agent   WARNING: Failed to download auth cab for service 7971f918-a847-4430-9279-4a52d1efe18d from http://ds.download.windowsupdate.com/v11/2/microsoftupdate/redir/v6-muauth.cab, hr=0X80072EFE
2018-01-17  13:38:32:831     836    844 Agent   FATAL: Caller Default Service Recovery failed to opt in to service 7971f918-a847-4430-9279-4a52d1efe18d, hr=0X80072EFE
2018-01-17  13:38:32:831     836    844 Setup   Checking for agent SelfUpdate
2018-01-17  13:38:32:831     836    844 Setup   Client version: Core: 7.6.7601.23806  Aux: 7.6.7601.23806
2018-01-17  13:38:32:831     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:32:846     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:32:862     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPB4AF.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:32:862     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:32:862     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:32:862     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:36:263     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:36:278     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:36:278     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:36:278     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:36:278     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPC218.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:36:294     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:36:294     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:36:294     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:36:294     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPC229.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:36:309     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:40:007     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\SelfUpdate\wuident.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:40:022     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:40:022     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\SelfUpdate\TMPD0BA.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:40:038     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:40:038     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:40:038     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:44:578     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:44:593     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:44:625     836    844 Setup   Determining whether a new setup handler needs to be downloaded
2018-01-17  13:38:44:625     836    844 Setup   SelfUpdate handler is not found.  It will be downloaded
2018-01-17  13:38:44:625     836    844 Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.320"
2018-01-17  13:38:44:625     836    844 Setup   Setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2018-01-17  13:38:44:640     836    844 Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320"
2018-01-17  13:38:44:656     836    844 Setup   Setup package "WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2018-01-17  13:38:44:656     836    844 Setup   Evaluating applicability of setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320"
2018-01-17  13:38:44:687     836    844 Setup   Setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.320" is already installed.
2018-01-17  13:38:44:687     836    844 Setup   SelfUpdate check completed.  SelfUpdate is NOT required.
2018-01-17  13:38:44:921     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:44:921     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:44:937     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMPE3DD.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:44:937     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:44:937     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:44:937     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:462     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\v6-win7sp1-wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:58:478     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:478     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:58:493     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:493     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMP18E2.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:58:493     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:493     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab with dwProvFlags 0x00000080:
2018-01-17  13:38:58:509     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:509     836    844 Misc    Validating signature for C:\windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\TMP18F3.tmp with dwProvFlags 0x00000080:
2018-01-17  13:38:58:509     836    844 Misc     Microsoft signed: NA
2018-01-17  13:38:58:509     836    844 PT  +++++++++++  PT: Synchronizing server updates  +++++++++++
2018-01-17  13:38:58:509     836    844 PT    + ServiceId = {9482F4B4-E343-43B6-B170-9A65BC822C77}, Server URL = https://fe2.update.microsoft.com/v6/ClientWebService/client.asmx
2018-01-17  13:39:07:183     836    844 Misc    WARNING: WinHttp: WinHttpQueryHeaders(WINHTTP_QUERY_CONTENT_TYPE) for X-CCC failed. error 0x80072f76
2018-01-17  13:39:07:183     836    844 PT  WARNING: ECP: DownloadCabFile: failed to get CDN Country for error reporting, hr = 0X80072F76
2018-01-17  13:39:11:520     836    844 Misc    WARNING: Send failed with hr = 80072efe.
2018-01-17  13:39:11:520     836    844 Misc    WARNING: SendRequest failed with hr = 80072efe. Proxy List used: <(null)> Bypass List used : <(null)> Auth Schemes used : <>
2018-01-17  13:39:11:520     836    844 Misc    WARNING: WinHttp: SendRequestUsingProxy failed for <http://download.windowsupdate.com/d/msdownload/update/others/2014/09/14135010_99b8c18f12abf1898a7a14340ae8aeb14d617b69.cab>. error 0x80072efe
2018-01-17  13:39:11:520     836    844 Misc    WARNING: WinHttp: SendRequestToServerForFileInformation MakeRequest failed. error 0x80072efe
2018-01-17  13:39:11:520     836    844 Misc    WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x80072efe
2018-01-17  13:39:11:520     836    844 Misc    WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x80072efe
2018-01-17  13:39:11:520     836    844 PT  WARNING: ECP: DownloadCabFile: failed to get CDN Provider for error reporting, hr = 0X80070006
2018-01-17  13:39:11:520     836    844 PT  WARNING: ECP: DownloadCabFile: failed to get CDN Country for error reporting, hr = 0X80070006
2018-01-17  13:39:11:520     836    844 PT  WARNING: ECP: Failed to download cab file from http://download.windowsupdate.com/d/msdownload/update/others/2014/09/14135010_99b8c18f12abf1898a7a14340ae8aeb14d617b69.cab with error 0x80072efe
2018-01-17  13:39:11:520     836    844 PT  WARNING: ECP: This roundtrip contained some optimized updates which failed. New Update count = 1, Old Count = 60
2018-01-17  13:39:11:598     836    844 PT  WARNING: Sync of Updates: 0x8024402f
2018-01-17  13:39:11:598     836    844 PT  WARNING: SyncServerUpdatesInternal failed: 0x8024402f
2018-01-17  13:39:11:598     836    844 Agent     * WARNING: Failed to synchronize, error = 0x8024402F
2018-01-17  13:39:11:598     836    844 Agent     * WARNING: Exit code = 0x8024402F
2018-01-17  13:39:11:598     836    844 Agent   *********
2018-01-17  13:39:11:598     836    844 Agent   **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2018-01-17  13:39:11:598     836    844 Agent   *************
2018-01-17  13:39:11:598     836    844 Agent   WARNING: WU client failed Searching for update with error 0x8024402f
2018-01-17  13:39:11:598     836    a60 AU  >>##  RESUMED  ## AU: Search for updates [CallId = {351E19E7-2512-433F-9FDC-5766DCEC2CD9}]
2018-01-17  13:39:11:598     836    a60 AU    # WARNING: Search callback failed, result = 0x8024402F
2018-01-17  13:39:11:598     836    a60 AU    # WARNING: Failed to find updates with error code 8024402F
2018-01-17  13:39:11:598     836    a60 AU  #########
2018-01-17  13:39:11:598     836    a60 AU  ##  END  ##  AU: Search for updates [CallId = {351E19E7-2512-433F-9FDC-5766DCEC2CD9}]
2018-01-17  13:39:11:598     836    a60 AU  #############
2018-01-17  13:39:11:598     836    a60 AU  Successfully wrote event for AU health state:0
2018-01-17  13:39:11:598     836    a60 AU  Successfully wrote event for AU health state:0
2018-01-17  13:39:16:606     836    844 Report  REPORT EVENT: {1FF41EAC-73DF-49E2-8846-58D75AF34788}    2018-01-17 13:39:11:598-0600    1   148 101 {00000000-0000-0000-0000-000000000000}  0   8024402f    AutomaticUpdates    Failure Software Synchronization    Windows Update Client failed to detect with error 0x8024402f.
2018-01-17  13:39:16:621     836    844 Report  CWERReporter::HandleEvents - WER report upload completed with status 0x8
2018-01-17  13:39:16:621     836    844 Report  WER Report sent: 7.6.7601.23806 0x8024402f(0x80072efe) 0000000-0000-0000-0000-000000000000 Scan 0 0 AutomaticUpdates {9482F4B4-E343-43B6-B170-9A65BC822C77} 0

I've also cross-posted this question in the Microsoft TechNet forums and will make sure that both posts are updated as more information becomes available.

windows-7
windows-update
asked on Super User Jan 15, 2018 by G_Hosa_Phat • edited Jan 22, 2018 by G_Hosa_Phat

1 Answer

1

PROBLEM SOLVED

After all of the troubleshooting I've done so far at the workstation with no solution, I kept coming back to the possibility that something might be going on at the firewall. Since the SonicWALL is a hardware firewall at the edge of our network through which all traffic into or out of our network has to pass, and the problem was only affecting some workstations, I really didn't think that it could be the source of my trouble. But, short of completely wiping the problem workstations and reinstalling Windows, I was out of troubleshooting steps to try. Of course, my only real troubleshooting option for this device was to look for a possible configuration issue or something within the firewall itself that could be interfering.

I went out and checked and found that there was a newer firmware version available for the SonicWALL device, so I downloaded the latest firmware package and updated the SonicWALL. Everything appeared to be working normally when it was complete, but I had to leave for the night, so I left it (and the testing) until this morning.

When I came into the office this morning, we had some very strange network issues that took me half the day to work through, including problems with (again) some stations in a VOIP phone system not properly communicating with the PBX. Since everything appeared to be working the night before, and not everyone was affected, I was totally confused by what might be causing it. I checked the firewall to see if I could simply roll back the firmware update I had just applied, but I didn't see any option for that in the UI.

I started digging through the entire network trying to find the cause of my latest issue. I was looking at everything from firewall rules, to managed switch logs, to VLAN tagging, to DHCP address leases, and anything else that popped into my head. After hours of work with no apparent progress, my Network/System Administrator friend with whom I'd been discussing the issue suggested rebooting the SonicWALL. I still didn't think it would make any difference, but I figured it couldn't hurt at this point, so we went ahead and rebooted.

When the SonicWALL came back online, voila! My phones started connecting to the PBX again, and the rest of the network seemed to stabilize. I ran a few additional tests and it seemed that we were back in business. While I was tremendously grateful, I'm still not 100% certain exactly why rebooting the SonicWALL cleared it up since I had already rebooted when the new firmware was applied.

Regardless, once our internal network was back to normal, I tried again to update Windows on the machine I've been using for troubleshooting. This time, the check for updates was successful and I was able to download and install the most recent updates.

I checked the other workstations that were experiencing the same issue, and they all appear to be working now as well. At this point, I'm going to have to assume that something in the SonicWALL was causing the issue and the firmware update/reboot is what solved it. Thank you all for your assistance.

answered on Super User Jan 19, 2018 by G_Hosa_Phat • edited Jan 22, 2018 by G_Hosa_Phat

User contributions licensed under CC BY-SA 3.0