2.4. Additional Requirements
Red Hat Satellite has some additional considerations before installation. These additional requirements must be met before starting the Satellite installation.
2.4.1. Firewall
Protect your Red Hat Satellite environment with a firewall by blocking all unnecessary and unused ports.
The following table provides a list of port requirements for Red Hat Satellite.
Port | Protocol | Direction | Reason |
---|---|---|---|
67 | TCP/UDP | Inbound | Open this port to configure the Red Hat Satellite as a DHCP server for systems requesting IP addresses. |
69 | TCP/UDP | Inbound | Open this port to configure Red Hat Satellite as a PXE server and allow installation and re-installation of PXE-boot enabled systems. |
80 | TCP | Outbound | Red Hat Satellite uses this port to reach Red Hat Network. |
80 | TCP | Inbound | Web UI and client requests come in via http. |
443 | TCP | Inbound | Web UI and client requests come in via https. |
443 | TCP | Outbound | Red Hat Satellite uses this port to reach Red Hat Network (unless running in a disconnected mode for Satellite). |
4545 | TCP | Inbound and Outbound | Red Hat Satellite Monitoring makes connections to rhnmd running on client systems, if Monitoring is enabled and probes are configured for registered systems. |
5222 | TCP | Inbound | This port pushes actions to client systems. |
5269 | TCP | Inbound and Outbound | This port pushes actions to Red Hat Proxy Server. |
5432 | TCP | Inbound and Outbound | This is a requirement for communication with a PostgreSQL database server if using an External Database or Managed Database. |
Open your firewall to the following hosts for access to Red Hat's Content Delivery Network (CDN):
rhn.redhat.com
xmlrpc.rhn.redhat.com
satellite.rhn.redhat.com
content-xmlrpc.rhn.redhat.com
content-web.rhn.redhat.com
content-satellite.rhn.redhat.com