When installing Symantec Identity Governance and Administration (IGA) v15 on Red Hat Enterprise Linux (RHEL), specific network ports must be open to ensure the application and its internal load balancer function correctly. Is port 80 and 443 required?

CA Identity Suite: 15.0

Symantec IGA v15 uses an internal HAProxy balancer service that listens on TCP ports 80 and 443. This service is essential for IGA services and utilities to connect with each other. If these ports are blocked by a firewall or restricted by system policies, the application will not function as expected.

1. Verify Balancer Requirements: According to official documentation, the balancer service must not be stopped. It is critical for inter-service communication within the IGA environment. 

2. Firewall Configuration: Ensure that TCP 80 and TCP 443 are not blocked by the local Linux firewall (firewalld or iptables) or any network-level firewalls.

3. To verify the ports are being used by the balancer service and ensure they are open post installation:

    

   Check Port Status Run the following commands on the Linux deployment machine to confirm the HAProxy service is listening:

   sudo ss -tlnp | grep :80sudo ss -tlnp | grep :443

   • • Expected Output for Port 80: LISTEN 0 200 [IP_ADDRESS]:80 [IP_ADDRESS]:* users:(("haproxy",pid=xxxx,fd=x))
     • Expected Output for Port 443: LISTEN 0 200 * :443 *:* users:(("haproxy",pid=xxxx,fd=x))

For more detailed information on external balancer configurations, refer to the Symantec Techdocs - External Balancer