Finding IP address ranges for SUSE Linux Enterprise images to work in Microsoft Azure behind Firewall or NSGs@20aman Mar 26, 2021
For the SUSE Linux Enterprise Server (SLES) images to work in the Microsoft Azure environment, it needs to communicate with the SUSE servers. Specifically, it needs to communicate with the SUSE registration servers and the repository servers. If the VM deployed from SUSE images, is deployed behind a Firewall or NSG then this communication will be blocked by default and will need to be opened up.
So where will we get the IP addresses or URLs for the SUSE server?
The SUSE team publishes the required IP addresses in the below 2 XML files. These are dynamic links that the SUSE team keeps updating and should be referred if any communication is broken.
The URLs for the IP addresses are:
It is recommended to open the IP addresses for the regions where our VMs are deployed. The required communication occurs on Port 443 i.e. HTTPS.
Long term solution
Long term solution is to deploy a SUSE RMT (or Repository Mirroring Tool) server in the environment. For older versions of SLES, you may require SMT instead. It is highly recommended to upgrade and use RMT instead.
"RMT server establishes a proxy system for SUSE Customer Center with repositories and registration targets. This helps you to centrally manage software updates within a firewall on a per-system basis while maintaining your corporate security policies and regulatory compliance."
Here is a guide for configuring the RMT: Repository Mirroring Tool Guide.