Skip to navigation

Warning message

log in to add comments or rate this document

How do I access RHN (yum/up2date/satellite-sync) through a firewall?

Updated 2014-03-28T16:35:43+00:00


  • How do I configure my system so that up2date, yum, or satellite-sync can access RHN channels through a firewall or proxy?
  • What URLs and ports do I need to configure in my proxy server to access RHN?
  • Network error when registering a system with rhn_register or rhnreg_ks.
  • When trying to update system with yum, receiving the error:
There was an error communicating with RHN.
RHN channel support will be disabled.
Error communicating with server. The message was:
Unable to connect to the host and port specified


  • Red Hat Enterprise Linux
  • Red Hat Network
  • Red Hat Satellite
  • Internet access filtered by proxy or firewall


  • For up2date, yum, rhn_register, and satellite-sync to work correctly, your firewall must allow connections to:

    • on port 80 (http)
    • on port 443 (https)
    • on port 80 (http)
    • on port 443 (https)
    • on port 80 (http)
    • on port 443 (https)
    • on port 80 (http)
    • on port 443 (https)
    • on port 80 (http)
    • on port 443 (http)
  • RH Satellite needs additional access to:

    • on port 443 (https)
    • on port 80 (http)
    • on port 80 (http)
    • on port 443 (https)
  • IP addresses for servers are not permanent. Please use the domain names instead ; this is partly because we distribute them through Akamai

  • It's necessary to allow the following ports/hostnames on firewall to have fully working yum

    • on port 443 [https]
  • If you can't open your network and use RHN classic you can disable location aware updates as a workaround. This will not work with RHSM.

  • For systems using RHSM, please see Configuring my firewall to access RHSM.

Root Cause

  • A Red Hat Enterprise Linux system or satellite must be able to connect back to RHN channels to download software updates.
  • If a firewall prohibits unlimited outbound connections, it is necessary to re-configure the firewall or use a proxy which allows access to the appropriate hosts and ports.