Thanks Alexander, unfortunately I could only find outdated documentation.
I just realized that my question is not precise enough.

Suppose I have a master running in its LAN, with all required ports open.
Now I want to setup a replica running in a docker in a AWS EC2 instance.

>From your answer, I understand that during the replica setup process, all I
need (because I do not use RHEL) is a ssh port between the master and the
What about the after-setup replica synchronization ? Does it also only use
ssh ?


On Wed, Oct 12, 2016 at 7:25 PM, Alexander Bokovoy <>

> On ke, 12 loka 2016, Karl Forner wrote:
>> Hello,
>> A very simple question, but I could not find the answer. I'd like to setup
>> a replica on another network than my master. Is it possible to setup the
>> replication using only https, or other ports must be available ?
> This is all documented, did you read the guide?
> rise_Linux/7/html/Linux_Domain_Identity_Authentication_and_
> Policy_Guide/prepping-replica.html
> ----
> The replica requires additional ports to be open
>    In addition to the standard IdM server port requirements described
> in Section 2.1.4, “Port Requirements”, make sure the following port
> requirements are complied as well:
>        During the replica setup process, keep the TCP port 22 open.
> This port is required in order to use SSH to connect to the master
> server.
>        If one of the servers is running Red Hat Enterprise Linux 6 and
> has a CA installed, keep also TCP port 7389 open during and after the
> replica configuration. In a purely Red Hat Enterprise Linux 7
> environment, port 7389 is not required. ----
> Section 2.1.4:
> rise_Linux/7/html/Linux_Domain_Identity_Authentication_and_
> Policy_Guide/installing-ipa.html#prereq-ports
> --
> / Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to