Setting up the Windows Firewall

Installation > Installing Integrity Modeler > Server Only Installation > Post-Server Only Installation Tasks > Setting up the Windows Firewall

The Windows firewall on the Modeler server computer will prevent Modeler clients from accessing the server's databases. To overcome this problem, set up the Windows firewall to allow access to the Modeler applications.

When a Windows server is added to a domain, ping is blocked by default. You must enable ping on the Windows server. For more information, see I cannot connect to the server.

If you are using Windows Server, verify that the Windows firewall rule named File and Printer Sharing (Echo Request — ICMPv4–In) is enabled by performing the following steps:

1. On the Windows Start menu, click Administrative Tools, and then click Windows Firewall with Advanced Security.

2. In the left pane, click Inbound Rules.

3. In the rules list, find the File and Printer Sharing (Echo Request - ICMPv4–In) rule for the Domain profile.

4. Check that the Enabled column is set to Yes for the rule name.

◦ A gray icon indicates that a rule is disabled.

5. If the Enabled column is set to No, right-click the rule name, and then click Enable Rule to enable the rule.

6. Close the Windows Firewall with Advanced Security window.

The following files need to be set up as exceptions. In each case, the path shown is for a Modeler installation to the default locations.

For 64-bit versions of Windows:

• C:\Program Files (x86)\PTC Integrity Modeler\License Manager\lmgrd.exe (for Floating License Server)

• C:\Program Files (x86)\PTC Integrity Modeler\License Manager\artsansw.exe (for Floating License Server)

• C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.MODELER\MSSQL\Binn\sqlservr.exe (Allow inbound connections to SQL Server)

For 32-bit versions of Windows:

• C:\Program Files\PTC Integrity Modeler\License Manager\lmgrd.exe (for Floating License Server)

• C:\Program Files\PTC Integrity Modeler\License Manager\artsansw.exe (for Floating License Server)

• C:\Program Files\Microsoft SQL Server\MSSQL12.MODELER\MSSQL\Binn\sqlservr.exe (Allow inbound connections to SQL Server)

The firewall must allow use of the following ports:

Port number	Port type	Used by
1433	TCP	SQL Server instance, sqlservr.exe
1434	UDP	Microsoft SQL Server Browser service, sqlbrowser.exe
15777	TCP	Modeler generated application to send notification calls to Modeler (this can be changed to 4242 if Modeler has been upgraded)
27000	TCP	PTC Integrity Modeler License Server service (lmgrd.exe). This port number can be changed by adding a new port number to the end of the SERVER line in the floating license file. It is necessary to define not only the TCP port that lmgrd will use, but also the port each vendor daemon will use. Each vendor daemon’s exe file should be allowed through by the firewall. The vendor daemon port is random, but can be explicitly specified on the DAEMON line. The PORT= entry on the DAEMON line allows explicit selection of both externally available ports. 27001 is the TCP port reserved for use by the lmgrd process while 27002 is the port used by the vendor daemon process idl_lmgrd. Both port numbers must be unused by other processes. For example: DAEMON ARTSANSW PORT=27002.
57850	TCP	Web Interface. Used with port https by default. If you configure the Web Interface to use with http, then the port to use is 57851.
62344	TCP	Model Manager

For more information about the ports that Modeler uses, see Executables that use ports and their protocols in Integrity Modeler on the PTC eSupport.