When you add more than one NIC to the Satellite be aware that Satellite is acting as a linux end host. As you may already know a host does not know how to route. When you add 2 network-interfaces you have to make sure you configure it just right or else connectivity to the Satellite will be lost.
As shown in the picture below, the interface to outside world in this case Cisco.com. You set the firewalld domain to "DMZ" and default-gateway set . Or you other choice is to have specific routes added to reach swapi.cisco.com:443 and cloudsso.cisco.com:443 as well as api.cisco.com:443
to add static route , you login to CLI and do " sudo ip route add 173.37.144.211/32 via 10.200.1.1 dev ens160" as an example where 10.100.1.1 is the gateway out .
To add a specific static route that will survive a reboot do this.
sudo -s
add a file called route-ens160 in /etc/sysconfig/network-scripts directory and add the following in to the body of the file .. "173.37.144.211/32 via 10.200.1.1 dev ens160", afteward do "
service network restart
Or enable Default-gateway, but you can only do this for one of the interfaces not both.
Inside interface..
And for the second Interface ( ens192) you select a firewall role " PUBLIC"
Add static route to reach your devices and allow access to admin-portal. As shown above we selected "Default-Gateway" for interface ens160 . So we should not enable default-gateway for interface ens192
to check the routing table on CLI ,
ssh to Satellite
sudo -s
route
to see all the interface ..
ip a