We're running License Manager 2020.0 on Windows Server 2016. Our firewall that has recently been reconfigured to allow traffic on ports 27000-27009. Previously, only port 27000 was open.
We started seeing many 5152 Events (The Windows Filtering Platform blocked a packet), which makes sense given that our original license manager configuration was locked to port 27000. The firewall rule triggering the 5152 events is the "Port Scanning Prevention Filter" which usually means that there are no listeners. As we understand it, inbound traffic on ports 27001 to 27009 triggered these events because the license manager was not configured to listen on these ports.
SERVER this_host ANY VENDOR ARCGIS FEATURE ACT ARCGIS 1 permanent 1 7ED49106D630
Is there any other vendor's Flexnet enabled license server installed in the same machine?
"When operating ArcGIS License Manager on the same host server as another vendor's Flexnet enabled license server, each LMGRD daemon should be locked to a different port in the 27000-27009 range to avoid conflicts in serving licenses."
Try Locking License Manager to a specific port in the range 27001-27009 (I am excluding the default port 27000 just to be safe). Steps are available in the above link.
If that doesn't work out, you may want to have a look at Port Scanning Prevention Filter behavior in Windows for a workaround.
My environment: LM 2020.0 x2. Primary and failover on two 2x WinServer 2012R2.
I've both inbound and outbound firewall rules for port range 27000 - 27009. Traffic allowed.
NOTE: I use 27004 but you can choose some other port within the allowable range to suite your use case. Try something like this in your service.txt.
SERVER this_host ANY 27004
VENDOR ARCGIS PORT=27000
FEATURE ACT ARCGIS 1 permanent 1...
In this config your users are connecting to port 27004 while the vendor daemon is using port 27000.