Published by Henry Frankland – Latest update: 31/08/2022
Relevant product(s): All FlexNet licensed products
Operating systems: Linux RHEL 7 and above
Versions affected: All
Relevant area(s): Licensing
Normally licensing and clients are in the same LAN as each other. Sometimes it can be necessary to access a license server that is on a WAN network. When connecting to the licensing server, as shown in Figure 1, over WAN connection attention is needed to the ports used.
The license server comprises of two daemons, the LMGRD daemon and MGCLD daemon. Typically the LMGRD daemon for the Mentor Graphics tools will use port 1717, then unless set in the server license file (PORT=) a random port for MGCLD.
Standard practice for connecting to license servers is to reference the lmgrd port, typically 1717. Doing so while connecting to a license server over WAN will trigger the client to use the wrong IP when it then contacts the mgcld daemon in subsequent communication. In this configuration, the client will get passed the internal network IP for the server machine rather than the ip of the WAN network, as such no traffic can be routed to the AWS network, as shown in Figure 2.
Configure a VPN to the remote network so that you appear on the same network as the server machine. This avoids problems with network namespace problems. But this might not be advisable if you want to give the connecting access to the entire network the license server sits in and the machines on that network.
Solution2 (point to mgcld port):
The problem with incorrect happens only when specifying the LMGRD port first. It is also possible to use the license port of the vendor daemon. Typically the vendor daemon will not be fixed to a specific IP unless forced to in the license server file as highlighted in Figure 3.
Once the vendor daemon port is set on the server machine, ensure to restart or reread the license server file:
|Options 1: Re reading license|
|Options 2: restart the licensing service|
|None service based restart example:||Service based restart: |
Finally use the license pointer with the mgcld daemon port with the following syntax 1718@<WAN_IP>
Solution3 (iptables NAT):
As the only effected software is Linux based a option on the client side machines is to set a iptables NAT translation that routes outbound traffic from the incorrect IP to the correct external IP. This can be done with the command shown in:
sudo iptables -t nat -A OUTPUT -p tcp -d 172.31.2.56 --dport 1718 -j DNAT --to-destination 126.96.36.199:1718
 Henry Frankland, “Licensing as a service (systemd) on Linux,” Fareham, Feb. 2022. Accessed: Aug. 31, 2022. [Online]. Available: https://www.eda-solutions.com/tn028/