Software update synchronization fails with 502 Bad Gateway or 504 Gateway Timeout in WCM.log

Applies to: System Center Configuration Manager


Consider the following scenario:

  • On the top-level site server, you have a site system role installed that requires Internet access such as the service connection point. Or, you have configured such cloud services as Microsoft Store for Business or the cloud management gateway (CMG).
  • You have a proxy server configured for the top-level site server.
  • You have a remote software update point (SUP) configured for the top-level site.

In this scenario, software update synchronization fails, and the following error entry is logged in WCM.log on the site server:

Note Sometimes, the error entry contains "HTTP status 502: Bad Gateway" instead of "HTTP status 504: Gateway Timeout."


This issue occurs because the site server incorrectly uses the proxy server when it connects to the remote SUP.



To work around this issue without updating, use one of the following methods:

  • Move the SUP role to the site server.

    Note If you have more than one SUP at the top-level site, use either of the other methods.
  • Move the site system roles that require internet access to a remote server, and then remove the proxy configuration from the site server.
  • Temporarily set the proxy server to allow routing traffic from the site server to the remote SUP.