Showing results for 
Search instead for 
Did you mean: 
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Help us improve the PTC Community by taking this short Community Survey! X

License though Firewall


License though Firewall

Anyone have more detailed instruction than are in tpi 35508?


Obtaining a License of Pro/ENGINEER Through a Firewall.


Additional Information

Description ----------- What is required to obtain a license of Pro/ENGINEER Release 20.0 or greater if the FLEXlm server and client are on opposite sides of a firewall? Alternate Technique ------------------- See Resolution Below. Resolution ---------- The lmgrd is listening on a particular port, say 7788, as defined on the SERVER line in the license file. Each vendor daemon is listening on a unique port. Therefore, ptc_d is listening on a different port than lmgrd. In general, in a non-firewall case, a client uses the port number of the lmgrd to contact it. The lmgrd then communicates back to the client the appropriate port number of the appropriate vendor daemon. The client then is able to contact and do business with the vendor daemon via the daemon's port. In a firewall case, there are additional constraints imposed by the firewall. The firewall restricts outside access to a server host by having only a limited number of ports available for outside access. So both port numbers, the server port and the daemon port, must be ones that the administrator has enabled on the server host for outside access. The port "randomly" assigned to the daemon may not be one that has outside access. For that reason, FLEXlm provides the ability to hardcode in the license file the port number to be used by the daemon. Therefore, the firewall administrator can ensure that a visible port is always used. For example, the license.dat file may be edited to add an open port to the end of the DAEMON line as follows: DAEMON ptc_d [daemon_path] [[options=]path to ptc.opt file [[port=]] [portnum] For additional information, please review

What more details are you looking for? The TPI seems pretty clear?

request: ProE @7788 ---> firewall ---> server
reply: server @??? ---> firewall ---> Pro/E client

If you don't like the question marks, specify the reply port in the
DAEMON line of the license file on the server.

I don't think it is needed, because most companies use a Windows
firewall, and then you can simply specify that a certain program is
always allowed to pierce the firewall to the outside world. On Unix you
can usually specify that replies to requests are allowed through the
firewall, so there you don't need it either.

But I suppose it depends on the software you use, and your company
policy on firewalling.

Best regards,
Patrick Asselman

NEW Creo+ Topics: PTC Control Center and Creo+ Portal