Red Hat Training
A Red Hat training course is available for Red Hat Satellite
2.4. Additional Requirements
Red Hat Network Satellite has some additional considerations before installation. Ensure to meet these additional requirements before commencing the Satellite installation.
2.4.1. Firewall
The entire Satellite solution should be protected by a firewall if the Satellite accesses or is accessed via the Internet. All unnecessary ports should be firewalled off. Client systems connect to Satellite over ports 80, 443, and 4545 (if Monitoring is enabled). In addition, if you plan to enable the pushing of actions from the Satellite to client systems, as described in Section 9.11, “Enabling Push to Clients”, you must allow inbound connections on port 5222. Finally, if the Satellite will also push to an Red Hat Network Proxy Server, you must also allow inbound connections on port 5269.
Table 2.5. Ports to open on the Satellite
| Port | Protocol | Direction | Reason |
|---|---|---|---|
| 67 | TCP/UDP | Inbound | Open this port to configure the Satellite system as a DHCP server for systems requesting IP addresses. |
| 69 | TCP/UDP | Inbound | Open this port to configure Satellite as a PXE server and allow installation and re-installation of PXE-boot enabled systems. |
| 80 | TCP | Outbound | Satellite uses this port to reach Red Hat Network. |
| 80 | TCP | Inbound | Web UI and client requests come in via http. |
| 443 | TCP | Inbound | Web UI and client requests come in via https. |
| 443 | TCP | Outbound | Red Hat Network Satellite uses this port to reach Red Hat Network (unless running in a disconnected mode for Satellite). |
| 4545 | TCP | Inbound and Outbound | Red Hat Network Satellite Monitoring makes connections to rhnmd running on client systems, if Monitoring is enabled and probes are configured for registered systems. |
| 5222 | TCP | Inbound | If you plan to push actions to client systems. |
| 5269 | TCP | Inbound and Outbound | If you push actions to or via an Red Hat Network Proxy Server. |
