Configure ArcGIS License Manager to work through a firewall

Many of today's networks use a firewall for enhanced security from outside threats. Because the license manager uses the TCP/IP protocols, implementing such a firewall can pose problems between the license manager server and the clients connecting to it.

The problem is caused by the firewall often closing or blocking access to the ports the license manager uses to communicate. By default, the lmgrd daemon starts on port 27000 if the port is available, or it will start on the next open port within the range 27000–27009. The ARCGIS daemon, on the second line of the file, is not confined to a particular port range. It is dynamic, meaning that it can listen on any available port.

To secure the license management environment and allow you to implement a firewall, you can lock the ARCGIS daemon to a specific port. You can also change the lmgrd daemon from the default 27000 to another port between 27000 and 27009. This range was prespecified for license manager use because of the low traffic in that range.

Procedure

The steps provided require that you briefly stop the license manager. During this time, connections to the license manager may be lost.

  1. Click Start > Programs > ArcGIS > License Manager > License Server Administrator.
  2. Click Start/Stop License Server in the table of contents and click Stop.
  3. Open Windows Explorer and navigate to your license manager installation location (C:\Program Files\ArcGIS\License10.2\bin by default), in which you will see a service.txt file.

    The file should look similar to this:

SERVER this_host ANY
VENDOR ARCGIS
INCREMENT ACT ARCGIS 1 permanent 1 7ED49106D630
vendor_info=864uskn8gfslpxe9t872

At the end of the SERVER line, you can choose to specify a port number immediately after ANY.

On the VENDOR line, add PORT=####, where #### is a specific port number designated by you, to lock the vendor daemon to that specific port (for example, 1234). After making the changes, your service.txt file should look something like this:

SERVER this_host ANY 27000		
VENDOR ARCGIS PORT=1234
INCREMENT ACT ARCGIS 1 permanent 1 7ED49106D630
vendor_info=864uskn8gfslpxe9t872

  1. Save the .txt file.
  2. From License Server Administrator, click Start.

    The vendor daemon is now static, locked to the port specified.

  3. These ports can now be saved as exceptions in the firewall to allow communication between the license server and the client.
4/14/2014