2.4.5. DMZ Proxy Solution

Unless the Red Hat Satellite server is in disconnected mode, it needs to initiate outbound connections on ports 80 and 443 to the Red Hat Network Hosted service (rhn.redhat.com, xmlrpc.rhn.redhat.com, and satellite.rhn.redhat.com). To ensure correct functioning of the system, do not restrict access to these hosts and ports. If required, use an http or https proxy by issuing the satellite-sync --http-proxy command.
The Red Hat Satellite server needs open inbound connections on ports 80 and 443 from client systems and any Red Hat Proxy Servers connected to the Red Hat Satellite, as well as any system that needs to access the web interface. Web interface and client requests come from either http or https.
The Red Hat Satellite Monitoring functions require outbound connections to individual Monitoring-enabled client systems on port 4545. Red Hat Satellite Monitoring makes connections to rhnmd running on client systems if Monitoring is enabled and probes are configured for registered systems.
The Red Hat Network push functionality requires both outbound and inbound connections on port 5269 to and from each registered Red Hat Proxy Server with Red Hat Network push functionality enabled. This is used for two-way communications between the jabberd service on Red Hat Satellite and Red Hat Proxy Server, respectively. In addition, it needs to allow inbound connections on port 5222 from client systems directly registered to Red Hat Satellite. This is used for one-way (client to server) communications between the osad service on client systems and the jabberd service on the Red Hat Satellite.