IIS – Unable to Windows Update and WSUS broken

iis, sql, windows-server-2008, wsus

For a while now, despite working faultlessly for over 3 years, both WSUS and Windows Update have stopped working on our single domain controller running Windows Server 2008 (not R2).

The error we get when trying to run Windows Update is "80072efd" which of course we've Googled and tends to point to a firewall issue. We're inclined to believe this isn't the problem, as there are a couple of standalone PCs on the network here that aren't part of the domain and as such don't use the DC as a source for updates which connect through to Windows Update just fine. As all connections are routed the same way this would suggest the firewall is not at fault, and also the age-old saying of "nothing has been changed on the firewall" – which it hasn't to prompt this sudden stoppage on the DC and subsequent domain machines.

Also, whilst investigating, I've noticed the WSUS snap-in doesn't load anymore, just prompts for "Reset Server Node" which doesn't work. Further to this I've taken a look in IIS and can see the WSUS Administration "site" is stopped. I cannot restart it as it says another site is using that port, which from what I can tell within IIS is not the case. We only have 2 sites in IIS and one uses 80 and the other, WSUS Administration, uses 8530/1.

I've also tried removing and upping the limits on WsusPool in the Recycling tab as a TechNet post suggested this could be the cause, but even after restarting IIS – nothing. I presume this is all related to Windows Update not working either but can't be sure.

I have attached below the error from the WSUS snap-in:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.Sockets.SocketException — No connection could be made because the target machine actively refused it 10.0.0.253:8530

Source
System

Stack Trace:
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
** this exception was nested inside of the following exception **

System.Net.WebException — Unable to connect to the remote server

Source
Microsoft.UpdateServices.Administration

Stack Trace:
at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)
at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber)
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.GetUpdateServer(PersistedServerSettings settings)
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer()
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServerAndPopulateNode(Boolean connectingServerToConsole)
at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.OnExpandFromLoad(SyncStatus status)

Server was rebooted last night to take care of SQL/IIS and the update service but to no avail.

Any pointers greatly appreciated. Much as I hate to say it, the server has been running since 2013 and WSUS and all domain PCs have been updating wonderfully until it seems one fateful day when, from what we can tell, no conscious changes were made at all.

Best Answer

Well, it's sorted now. I can't remember when setting it up if HTTP and HTTPS protocols (8530 and 8531) were both in there; however, I've removed 8531 as it wasn't attempting to use that port anyway and the IIS website now starts, the WSUS control panel starts and all machines are back receiving updates.

Hope this helps someone.
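
For anyone hitting the same "another site is using that port" error, the following is an added example (not part of the original question or answer) that lists every IIS binding, flags duplicates, and shows what is actually holding ports 8530 and 8531 before any binding is removed. It assumes PowerShell 2.0, an elevated prompt, the default `appcmd.exe` location, and English-language `netstat` output.

```powershell
# Added example, not from the original post. Run elevated on the WSUS server.
# Site ports are the ones quoted in the post; the appcmd.exe path is the
# default IIS 7 location (assumption). Written for PowerShell 2.0.
$ports  = 8530, 8531
$appcmd = Join-Path $env:windir 'System32\inetsrv\appcmd.exe'

# 1. Flatten "appcmd list site" output to one object per binding.
#    Input lines look like: SITE "Name" (id:2,bindings:http/*:8530:,state:Stopped)
$bindings = & $appcmd list site | ForEach-Object {
    if ($_ -match '^SITE "(.+?)" \(id:(\d+),bindings:(.*),state:(\w+)\)$') {
        $site = $matches[1]; $state = $matches[4]
        foreach ($b in ($matches[3] -split ',')) {
            if ($b -match '^(\w+)/(.*):(\d+):(.*)$') {
                New-Object PSObject -Property @{
                    Site = $site; State = $state; Protocol = $matches[1]
                    Address = $matches[2]; Port = [int]$matches[3]; HostHeader = $matches[4]
                }
            }
        }
    }
}
$bindings | Sort-Object Port |
    Format-Table Site, State, Protocol, Address, Port, HostHeader -AutoSize

# 2. Flag identical address/port/host-header bindings; only one of them can start.
$bindings | Group-Object Address, Port, HostHeader |
    Where-Object { $_.Count -gt 1 } | ForEach-Object {
        $sites = ($_.Group | ForEach-Object { $_.Site }) -join ', '
        Write-Warning ("Duplicate binding [{0}] on: {1}" -f $_.Name, $sites)
    }

# 3. Who is listening on each WSUS port? PID 4 (System) means HTTP.sys owns it.
#    Assumes English-language netstat output ("LISTENING").
foreach ($port in $ports) {
    $rx = ':{0}\s+\S+\s+LISTENING\s+(\d+)' -f $port
    $listeners = netstat -ano | Select-String -Pattern $rx
    if (-not $listeners) { "Port ${port}: nothing listening"; continue }
    foreach ($l in $listeners) {
        $procId = [int]$l.Matches[0].Groups[1].Value
        $name   = (Get-Process -Id $procId -ErrorAction SilentlyContinue).ProcessName
        "Port ${port}: PID $procId ($name)"
    }
}

# 4. HTTP.sys view: URL registrations on those ports, and any certificate
#    bound to them (an HTTPS binding needs one).
$portRx = $ports -join '|'
netsh http show servicestate | Select-String -Pattern (':({0})[:/]' -f $portRx)
netsh http show sslcert | Select-String -Pattern (':({0})\s*$' -f $portRx) -Context 0,4
```

Saving this output before changing bindings gives a record of what the site was configured to use, which helps when the HTTPS binding needs to be restored later.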