- How do I configure my system so that up2date, yum, or satellite-sync can access RHN channels through a firewall or proxy?
- What URLs and ports do I need to configure in my proxy server to access RHN?
- Network error when registering a server with rhn_register or rhnreg_ks.
- Having issues with my subscription certificate on a machine behind a firewall.
When trying to update packages with yum, the following error is seen:
There was an error communicating with RHN. RHN channel support will be disabled. Error communicating with server. The message was: Unable to connect to the host and port specified
- Red Hat Enterprise Linux
- Red Hat Network
- Red Hat Satellite 5.x
- Internet access filtered by proxy or firewall
satellite-syncto work correctly, the firewall must allow connections to:
- rhn.redhat.com on port 80 (http)
- rhn.redhat.com on port 443 (https)
- xmlrpc.rhn.redhat.com on port 80 (http)
- xmlrpc.rhn.redhat.com on port 443 (https)
- content-xmlrpc.rhn.redhat.com on port 80 (http)
- content-xmlrpc.rhn.redhat.com on port 443 (https)
- content-web.rhn.redhat.com on port 80 (http)
- content-web.rhn.redhat.com on port 443 (https)
- cdn.redhat.com on port 80 (http)
- cdn.redhat.com on port 443 (https)
Red Hat Satellite 5.x needs additional access to (click here for Satellite 6.x):
- satellite.rhn.redhat.com on port 443 (https)
- satellite.rhn.redhat.com on port 80 (http)
- content-satellite.rhn.redhat.com on port 80 (http)
- content-satellite.rhn.redhat.com on port 443 (https)
Note: IP addresses for servers are not permanent. Please use the domain names instead. This is partly because we distribute them through a Content Delivery Service by Akamai. For this reason, it is necessary to allow the following ports/hostnames on firewall for proper yum operation:
* *.akamaiedge.net on port 443 [https]
- If the network cannot be opened to the above hostnames and ports, and RHN Classic is being used, location aware updates can be disabled as a workaround. This will not work with RHSM, which requires a different set of hostnames through the firewall.
- If FTP is used as opposed to HTTP, then outbound port 20 (FTP) will need to be opened. To determine if FTP is used, see the output of
grep -i ftp:///etc/yum.repos.d/*.
- A Red Hat Enterprise Linux server or Satellite must be able to connect back to RHN channels to download software updates.
- If a firewall prohibits unlimited outbound connections, it is necessary to re-configure the firewall or use a proxy which allows access to the appropriate hosts and ports.