[Freeipa-users] Confirming no extra/special ports need to be opened for replication traffic?
Chris Dagdigian
dag at sonsorol.org
Wed Dec 14 16:50:26 UTC 2016
Been reading various generations of documentation to find out if I need
additional TCP or UDP ports opened for IPA replication between
VPN-connected dataceners.
I think the modern answer is no? We just need the standard IPA ports
open between all of the IPA master/replicas that chat to each other?
TCP Ports:
* 80, 443: HTTP/HTTPS
* 389, 636: LDAP/LDAPS
* 88, 464: kerberos
* 53: bind
UDP Ports:
* 88, 464: kerberos
* 53: bind
* 123: ntp
-Chris
More information about the Freeipa-users
mailing list