Product Documentation

Firewall Considerations

Jan 09, 2012

Determine if you need to place a firewall between the license server and any product servers. Citrix recommends that you determine if your products will communicate with the license server through a firewall before installing licensing. Where you install the license server can be impacted by firewall considerations.

The License Server VPX has default ports enabled. To change ports, use the Linux iptables command.

If there is a firewall between your product or Single Sign-on (Password Manager) Agent and the license server, you need to configure port numbers. This configuration process entails:
  • Determine which port numbers you need to change. You can change port numbers during the installation process or afterward.
  • Open up the firewall ports. Open any ports on the firewall that you modified so that traffic can flow. For Windows Server 2008, the license server Version 11.5 or later configures the built-in firewall automatically.
  • Modify the product-side settings. Your Citrix product must be configured with the same port numbers as those in the License Administration Console. If you do not change the port number referenced in the product, the product cannot contact the license server. You can change the product-side settings during and after installation of the product. See your product’s documentation for information about these settings.