This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Forum
- :
- Checking out licenses from vendor deamon tcp port
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jul 26, 2018
12:45 AM
Checking out licenses from vendor deamon tcp port
I'm running lmgrd and a vendor daemon and can check out licenses from a tcp port specified on SERVER line (e.g. 27000).
But I can also check out licenses from vendor tcp port which is chosen by OS by default on starting the license daemon.
Here a question. Is this an expected behavior?
If it is an expected one then can we avoid this feature rather than closing the port by firewall?
The version is Windows v11.13.
But I can also check out licenses from vendor tcp port which is chosen by OS by default on starting the license daemon.
Here a question. Is this an expected behavior?
If it is an expected one then can we avoid this feature rather than closing the port by firewall?
The version is Windows v11.13.
(5) Replies
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jul 26, 2018
02:24 AM
Hi,
lmgrd - the license manager as the name indicates has a major purpose to manage the license communication (along with other as well). When a client sends the communication handshake to lmgrd, in response lmgrd asks the client to try on another port to fetch the license (i.e. the VD port). Now in your case, you are directly accessing the VD port, hence the lmgrd channel is given a pass and checkout succeeds.
This is an expected observation. Could you elaborate on what you meant by "If it is an expected one then can we avoid this feature rather than closing the port by firewall?"
Regards,
Abhay
lmgrd - the license manager as the name indicates has a major purpose to manage the license communication (along with other as well). When a client sends the communication handshake to lmgrd, in response lmgrd asks the client to try on another port to fetch the license (i.e. the VD port). Now in your case, you are directly accessing the VD port, hence the lmgrd channel is given a pass and checkout succeeds.
This is an expected observation. Could you elaborate on what you meant by "If it is an expected one then can we avoid this feature rather than closing the port by firewall?"
Regards,
Abhay
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jul 26, 2018
02:45 AM
Hi Abhay,
Thanks for the replay. I understand that it is an expected behavior.
> Could you elaborate on what you meant by "If it is an expected one then can we avoid this feature rather than closing the port by firewall?"
I have been assuming that user should checkout from tcp port on specified in SERVER line and the VD port is just for inter daemon communication.
So I wanted to avoid user from checking out via the VD port for security point of view.
But now it sounds making no sense to close the VD port because user client eventually checkouts from the VD port.
Then I have to keep opening the two SERVER and VD port, correct?
Thanks for the replay. I understand that it is an expected behavior.
> Could you elaborate on what you meant by "If it is an expected one then can we avoid this feature rather than closing the port by firewall?"
I have been assuming that user should checkout from tcp port on specified in SERVER line and the VD port is just for inter daemon communication.
So I wanted to avoid user from checking out via the VD port for security point of view.
But now it sounds making no sense to close the VD port because user client eventually checkouts from the VD port.
Then I have to keep opening the two SERVER and VD port, correct?
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jul 26, 2018
02:56 AM
That's absolutely correct.
For security reasons (from direct attack on VD), lmgrd kind of acts like the cover unit, hence it is in best practice to keep both the ports open. And also share only the lmgrd port to the end users to connect and fetch the licenses.
Regards,
Abhay
For security reasons (from direct attack on VD), lmgrd kind of acts like the cover unit, hence it is in best practice to keep both the ports open. And also share only the lmgrd port to the end users to connect and fetch the licenses.
Regards,
Abhay
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Jul 26, 2018
02:59 AM
Thanks a lot for the quick response. I understood:)
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
‎Nov 20, 2018
12:41 AM
Great news...... Happy to help.
Regards,
AP
Regards,
AP