I have many systems on internal corporate networks.
We have purchased many enterprise RHN subscriptions and
for many of these servers on reserved subnet are NATTED,
hence no problem connection to the RHN site.
I have also specified useNoSSLForPackages in the
/etc/sysconfig/rhn/up2date config file and have configured one
server with a squid proxy with a large cache size.
This way all the RPM's fetched via http get cached the first
time they are hit and the other servers just get it from the
internal proxy server.
The packages are all checked with GPG anyway, so I am not
very worried about it.
Now I have a seperate problem... Some of the servers are on
subnets that are do not have natted addresses. I can poke
a hole specifically through the firewall to the squid proxy
server, but much of the command protocol for up2date is done
through SSL.
Is there a way that I can get around this problem?
Other than buying an RHN Satellite Server?
Just interested to hear other peoples thoughts.
-Ben.
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
