Hello everyone, this is my first post.
First of all, compliments for the great job you're making for this project!!
I've already searched in the forum but unfortunately I didn't find the answer.
So, this is my question: is in your plans implementing a feature for simply caching Windows Updates like IPFire (see http://wiki.ipfire.org/en/configuration/network/update-booster (http://wiki.ipfire.org/en/configuration/network/update-booster))?
In my lab there are many PCs (for repairing - no AD), when Windows Update starts internet connection slows down, a simply web page can take 1-2 mins to load. I think it could be helpful for everyone that doesn't have a good internet connection. If not possible, can you tell me a solution for this?
I've tried http://wiki.squid-cache.org/SquidFaq/WindowsUpdate (http://wiki.squid-cache.org/SquidFaq/WindowsUpdate) with pfSense, but IPFire's solution is much better and ready to use...
Hope to see that in OPNsense, and sorry for my bad english... :D
Thank you
If you already have a lab, why not setup a Windows server with WSUS?
Especially if you have a MSDN license that shouldn't be a problem.
Your clients don't need to be domain members to use the WSUS, although you need to manually configure the local group policy, and use wuauclt to authorize it.
Seems to me that's a lot simpler then messing around with non-Microsoft products.
I'm testing this solution for a couple of days, but requires registry or GP changes when pc come into the lab and I must remember to delete changes when I finish to repair...
It's better to have a transparent proxy that does the caching job (without necessity to approve or refuse update, etc), don't you think?
In my opinion, a computer that enters the lab will be enrolled for the lab.
Ideal situation of course.
Personally I don't like caching proxies. Never did.
And to come back to WSUS, you could use your production machine as well, as long as you allow the correct port to the VLAN where the production WSUS server resides.
Unless you have it fysically seperated.
Computers are not mine, I work in a repair shop, after repairing customers bring them back to home.
Aaah, now it makes sense to me :-)
:) :)
So none of you have this problem?
Pues yo bloquear todas las ip y web que utilizan para actualizaciones de windows (por ejemplo windowsupdate.com) tanto por firewall como por proxy, con eso ya ninguno tiene por que actualizarse y consumir tu ancho de banda, y que después vaya a su casa
This isn't a solution! :) Updates have to be done in lab...
Isn't Offline Windows Update (forgot the exact name) not something to try out in your case?
Could place it on a share or USB stick for usage.