For some reason, tech issues seem to swarm. It's like they happen in threes.
Here's one that for some reason, came in one of those little swarms. So I took it as an opportunity to go ahead and blog it.
Firewalls and network licensing and how they work (or specifically don't work) together.
For those of us who aren't sure what network licensing is, it's how software (including, but not exclusive to, Autodesk software) can manage distribution of licenses when multiple users need to share a license pool.
In short, your licenses are maintained on a server, while your software is installed on a client machine. When you start the software, your client sends out a ping to the server. If a license is available, the server issues a license. If not, you'll get a message telling you that a license isn't available.
For example, lets say you have a license pool of five licenses, but you have ten users that need to share the pool (they're only part time users).
If you request a license and one of the licenses is avaiable. You get a license and are on your merry way.
But if you get to work late, and the five license have been used by the five users who beat you to work, you'll get a message indicating no more licenses are available.
You can think of it like checking out a book from the library. If the book is there, you can have it. If not, sorry, have a nice day.
But, what if the only road to the library has be closed because of 'police activity'. You can't get to the library and get your book. It doesn't matter if there's dozens of books on the shelf.
That's what a Firewall can do to the Autodesk Network Licensing Manager (or FlexLM). By no fault of the license manager, it fails to acquire a license.
It can be frustrating for the users and administrators involved. You check your license manger, it's running beautifully. You check the client, everything seems fine. Try to start the software, and 'poof'! An error message. Maybe, just to really confuse things, maybe some of the clients are getting a license, while others are not.
Sometimes, it's as simple as the firewall. For Autodesk software, ports 2080, and ports 27000-27009 have to be open. If not, your hosed (this is the official I.T. term for it).
The licensing daemons (the utilities that pass license packets back and forth) need these ports open to pass their packets. If not, it's like closing the bridge to the library.
By default, Windows Firewall will block these ports (this is the only Firewall I'm personally familiar with, but I'm sure others do as well).
So we know the ports are blocked. How do we open them?
It will vary depending on your version of Windows and your firewall, but this should get most users in the ballpark.
Go to your Windows Control Panel, and choose Windows Firewall.
(click to enlarge)Depending on your version of Windows, the screens may look different. The screen shown here is for Vista. Of course the simplest solution is to just turn the firewall off entirely. Many companies do just this. They have other firewalls between them and the 'rest of the world', and don't need a firewall between clients.
(click to Enlarge)
I'm going to assume that for some reason, we can't, or won't turn off the firewall. So now, we have to open up the individual ports that the license manager needs.
So to do this, we choose the 'Exceptions' tab, then choose 'Add Port'.
(click to enlarge)
A new screen will appear and ask you to name the port, and enter which port you want to open.
(click to enlarge)Give the port a meaningful name (so you know what program the exception affects). The capture above is shown for 2080. The steps will have to be repeated for 27000 through 27009 (that means 27001, 27002, up to 27009).
Once you have that done, you shoud be able to start accessing license (assuming there's no other issues with the licensing environment). Bear in mind, that this may have to be done in multiple places (routers, servers, etc). Anything blocking this ports will prevent the license packets from getting through.
So if you have that 'phantom issue', and run into that case where all the systems can pull a file except for 'that one guy'. There's a good chance this could be the culprit.
When in doubt, check it. If those ports aren't open, everything else is for naught.
Good luck!
For additional information on network licensing, check out KETIV's tech tips here!
No comments:
Post a Comment