Thanks Alexander, unfortunately I could only find outdated documentation. I just realized that my question is not precise enough.
Suppose I have a master running in its LAN, with all required ports open. Now I want to setup a replica running in a docker in a AWS EC2 instance. >From your answer, I understand that during the replica setup process, all I need (because I do not use RHEL) is a ssh port between the master and the replica. What about the after-setup replica synchronization ? Does it also only use ssh ? Regards, Karl On Wed, Oct 12, 2016 at 7:25 PM, Alexander Bokovoy <aboko...@redhat.com> wrote: > On ke, 12 loka 2016, Karl Forner wrote: > >> Hello, >> >> A very simple question, but I could not find the answer. I'd like to setup >> a replica on another network than my master. Is it possible to setup the >> replication using only https, or other ports must be available ? >> > This is all documented, did you read the guide? > https://access.redhat.com/documentation/en-US/Red_Hat_Enterp > rise_Linux/7/html/Linux_Domain_Identity_Authentication_and_ > Policy_Guide/prepping-replica.html > > ---- > The replica requires additional ports to be open > In addition to the standard IdM server port requirements described > in Section 2.1.4, “Port Requirements”, make sure the following port > requirements are complied as well: > > During the replica setup process, keep the TCP port 22 open. > This port is required in order to use SSH to connect to the master > server. > If one of the servers is running Red Hat Enterprise Linux 6 and > has a CA installed, keep also TCP port 7389 open during and after the > replica configuration. In a purely Red Hat Enterprise Linux 7 > environment, port 7389 is not required. ---- > > Section 2.1.4: > https://access.redhat.com/documentation/en-US/Red_Hat_Enterp > rise_Linux/7/html/Linux_Domain_Identity_Authentication_and_ > Policy_Guide/installing-ipa.html#prereq-ports > > -- > / Alexander Bokovoy >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project