2.2. Configuring the Client Applications
Not every customer must connect securely to a RHN Satellite Server or RHN Proxy Server within their organization. Not every customer needs to build and deploy a GPG key for custom packages. (Both of these topics are explained in detail later.) Every customer who uses RHN Satellite Server or RHN Proxy Server must reconfigure the Red Hat Update Agent (up2date) and possibly the Red Hat Network Registration Client (rhn_register) to redirect it from Red Hat Network to their RHN Satellite Server or RHN Proxy Server.
Although this is not configurable, note that the port used by the Red Hat Update Agent is 443 for SSL (HTTPS) and 80 for non-SSL (HTTP). By default, up2date uses SSL only. For this reason, users should ensure that their firewalls allow connections over port 443. To bypass SSL, change the protocol for serverURL from https to http in /etc/sysconfig/rhn/up2date. Similarly, to use RHN's Monitoring feature and probes requiring the Red Hat Network Monitoring Daemon, note that client systems must allow connections on port 4545 (or port 22, if using sshd instead).
By default, the Red Hat Network Registration Client and the Red Hat Update Agent refer to the main Red Hat Network Servers. Users must reconfigure client systems to refer to their RHN Satellite Server or RHN Proxy Server.
Note that the latest versions of the Red Hat Update Agent can be configured to accommodate several RHN Servers, thereby providing failover protection in case the primary server is inaccessible. Refer to Section 2.2.4, “Implementing Server Failover” for instructions on enabling this feature.
The next sections describe three methods of configuring the client systems to access your RHN Satellite Server or RHN Proxy Server: using an Activation Key, up2date --configure, and manually updating the configuration files.( To see how virtually all reconfiguration can be scripted, see Chapter 6, Manually Scripting the Configuration.)