Installation and Upgrade > Advanced Deployment Considerations > Installing and Configuring a Cluster Windchill Environment > Server Cluster Configuration Overview > Configuring a Typical Server Cluster > Determining the Necessary Ports for Load Balancer or Firewall
  
Determining the Necessary Ports for Load Balancer or Firewall
Client systems typically access a Windchill cluster server environment through a load balancing router. Due to security concerns or limitation of ports, you need to determine which TCP ports and IP ports must be open for the load balancer, when a cluster environment integrates Workgroup managers and Windchill visualization.
The requirements on the communication between client and server are complicated by the many possible communication environments. To simplify the requirement of ports for the communication between client and server, this discussion makes the following assumptions:
There is only one line of communication between the client site and server site.
The client site consists only of HTTP clients and HTTPS clients.
All Windchill server components, such as web server, servlet engine, LDAP, and Oracle are in the server site.
A single load balancer and firewall has been set up between the client and server sites.
If you tunnel RMI over HTTP or HTTPS, then only HTTP or HTTPS ports need to be open on the load balancer. Otherwise, the ports that need to be open depend on the customer environment:
For out-of-the-box core Windchill, the following ports must be open:
HTTP or HTTPs ports
wt.manager.port and wt.method.minPort through wt.method.maxPort defined in wt.properties
For workgroup managers, additional ports need to be open depending on the specific product. The Windchill Workgroup Managers for CADDS5 and CATIA V4 uses a Registry Server (RS) that runs along with Windchill servers. The Registry Server uses 2 ports. Each time the Registry Server is started, it uses the port specified in the registryserver.ini file and a different, random port. Access must be granted on both ports for the Windchill workgroup managers to function.
Use the "registry_port" defined in registryclient.ini and registryserver.ini under <Windchill>/codebase/cfg/site to manually assign the ports.
The unified Workgroup Manager framework, used by the Workgroup Manager for Creo Parametric and most other workgroup managers, is a regular HTTP client. Therefore, the server configurations that apply to all HTTP clients (for example, web browsers) apply to Workgroup Manager for Creo Parametric and most other workgroup managers.
For details on the ports set through the PTC Solution Installer (PSI), see Prerequisite Checklist.