Bidirectional or Unidirectional Connectivity for Ports 22 and 5985 in Ansible AWX?

Hi Ansible community,

I’m working with Ansible AWX, and I need to understand the connectivity requirements for ports 22 and 5985. Specifically, I want to know if these ports need to be enabled bidirectionally (both from worker nodes to endpoints and vice versa) or if unidirectional connectivity is sufficient.

Could someone please clarify this for me? Any insights or best practices would be greatly appreciated!

Thanks in advance!

Regards,
Manish Singh

Ansible works by using a control host to connect to the remote host, as opposed to other things (like puppet) which use agents on the remote host to connect back to the control host.

The connection is unidirectional. control host → remote host. So your control host needs to allow 22 or 5985 outbound and the remote host needs to allow 22 or 5985 inbound (at least from the control host)

Port 22 is for SSH connections. Port 5985 is for unecrypted WinRM (windows). Port 5986 is for encrypted WinRM. All of these are configurable if needed