I just wanna learn!


Windows Update, Windows Server 2016 and proxy

The dumbest thing… you are installing your brand new Windows Server 2016 machines and then you realize that Windows Update doesn’t work. It just gets stuck on Checking for updates/Downloading updates… for days.


Of course, you have some sort of proxy on your network, and you start troubleshooting this issue by testing on a proxy-free network… and without proxy, Windows Update works just as it should!

So, the next logical next step is to blame “those networking guys”, because updating your machine works fine, when not behind their “fancy proxy thing”.

But no.

You will soon realize that you have some “old” Windows Server 2012 R2 (or even Windows 10) machines, which are updating just fine… even through the “fancy proxy thing”.

And then you start asking yourself why.

You are checking the configuration of older machines by opening up Internet Explorer and double-checking proxy settings… and then you make sure that your new machines are having the same configuration – they have. Then you are just confused. It’s not networking, it’s not proxy settings… what could it be???

Still a bit confused, you have a great idea to check system proxy settings by running netsh winhttp show proxy – on older machines you’ll probably see something like this (which is probably OK, because you’ve just seen the Proxy Settings in IE, which are set to correct values):


So, you’re (naturally) configuring new machines accordingly. Still doesn’t work.

What next?

You can do further reading & testing, but the thing that helped in our case was setting the system (winhttp) proxy with netsh command, so that it actually imports IE proxy settings.

Basically, you need to run netsh winhttp import proxy source=ie (after you’ve set the right proxy settings through IE dialog, of course) or set your system proxy by using the netsh winhttp set proxy command.

After that, Windows Update starts working again!

So, remember – when using Windows Server 2016, set your system proxy settings by using the netsh command and everything will work just fine! Smile


P.S. Of course, if you have another trick to make it work, please comment. Smile

Comments (34) Trackbacks (0)
  1. Hallelujah! I was pulling my hair out trying to update Win 2016, until I found the solution on your blog. You saved my sanity. Hvala vam puno, Tomica!!

  2. Thank you, this was really helpful!

  3. didnt work for me 🙁

  4. Thanks!!!!!!

  5. Thank you, worked for me!

  6. Fantastic, that’s what I was missing – thank you!

  7. This looks like the problem we have, however when I import the ie changes and then check again, it has reset back to Direct Access. I am not aware of any policies that could be overriding this and I am local admin on the machine so would expect that I have permission to make this change permanent. Any thoughts about what might be blocking these changes?

  8. I’ll second that Hallelujah! Why the hell would MS do this? Thank you

  9. They now use the new style setting Panel.
    Start > Settings Cog > Network & Internet > Proxy menu item.

    Set what you need to set here and then retry windows update…. This way worked for me

  10. Thank you, thank you, thank you!

  11. If the proxy required basic authentification (no AD), the windows update hangs also, but in some cases an authentification window like IE comes, in some cases this comes not. The developer must spent 2 fields for user/pw combination.

    “The dumbest thing… you are installing your brand new Windows Server 2016 machines and then you realize that Windows Update doesn’t work.”

  12. Good tip. However it only works if the proxy doesn’t require authentication. If the proxy prompts for password, as it would be the case of patching workgroup computers, then to my knowledge there is no mechanism to pass credentials when system-level proxy is configured.

  13. This is great! Thanks for help

Leave a Reply

No trackbacks yet.