Show Table of Contents
2.4. Additional Requirements
Red Hat Satellite has some additional considerations before installation. These additional requirements must be met before starting the Satellite installation.
Protect your Red Hat Satellite environment with a firewall by blocking all unnecessary and unused ports.
Client systems connect to Red Hat Satellite over ports 80, 443, and 4545 (if Monitoring is enabled). In addition, enabling push actions from Red Hat Satellite to client systems, as described in Section 8.7, “Enabling Push to Clients”, requires inbound connections on port 5222. Finally, if the Satellite pushes to a Red Hat Proxy Server, allow inbound connections on port 5269.
The following table provides a list of port requirements for Red Hat Satellite.
Table 2.1. Ports to open on the Red Hat Satellite Server
|67||TCP/UDP||Inbound||Open this port to configure the Red Hat Satellite as a DHCP server for systems requesting IP addresses.|
|69||TCP/UDP||Inbound||Open this port to configure Red Hat Satellite as a PXE server and allow installation and re-installation of PXE-boot enabled systems.|
|80||TCP||Outbound||Red Hat Satellite uses this port to reach Red Hat Network.|
|80||TCP||Inbound||Web UI and client requests come in via http.|
|443||TCP||Inbound||Web UI and client requests come in via https.|
|443||TCP||Outbound||Red Hat Satellite uses this port to reach Red Hat Network (unless running in a disconnected mode for Satellite).|
|4545||TCP||Inbound and Outbound|| Red Hat Satellite Monitoring makes connections to |
|5222||TCP||Inbound||This port pushes actions to client systems.|
|5269||TCP||Inbound and Outbound||This port pushes actions to Red Hat Proxy Server.|
|5432||TCP||Inbound and Outbound||This is a requirement for communication with a PostgreSQL database server if using an External Database or Managed Database.|
Finally, open your firewall to the following hosts for access to Red Hat's Content Delivery Network (CDN):