Win10 feature upgrades

I have a question about the win10 version upgrades and using PM to push them (1909, 2004, 20h2, etc). I just started looking into doing this with PM and I have a question. We have the microsoft update page blocked due to bandwidth issues all of our machines should be pointing to our WSUS servers for updates, but in the event the machine is placed in the wrong OU and doesn't get the policy it prevents machines from going out to get updates and causing problems. My question is when testing using the 2004 upgrade package when I tried to install it the update failed. Once I had my network team open the individual computer up to the microsoft update site the update downloaded and was waiting to install. Is this normal? Does it need to reach out to Microsofts update site to download anything for these upgrades? I thought it would have all been downloaded to the local PM servers and pushed from there?

Any information would be very helpful. Thanks in advance.