Geocortex Core Ports and Firewall Access

Geocortex Core provides software services that Geocortex applications use. For example, Geocortex Core has a distributed database that Essentials Security uses for the Security Store.

The services provided by Geocortex Core make it possible to build scalable components for Geocortex software. Instant Search is one such component.

Default Ports Used by Geocortex Core

By default, Geocortex Core's services use the TCP network ports listed in the table below. These ports must not be used by any other application on the server, or restricted in any way.

Do not expose any ports other than 80 and 443 to the Internet. Ports reserved for Core are only used internally.

Default TCP Network Ports to Reserve for Geocortex Core

Geocortex Core Service

Ports

Geocortex Core (Internet)

80

Document Store Role and Elasticsearch/Clustering

19201 and 19300

Discovery Role (Installation)

3702

Printing

4731

Web Service Proxy

10080

 

You can use the information in the table below to recreate a Firewall rule that has been deleted in error:

Rule Name

Program or Port

Scope

Profiles

Geocortex Core Discovery

UDP:3702

Any computer

Domain, Private

Geocortex Core Document Store

TCP:19201

Any computer

Domain, Private

Geocortex Core Document Store

TCP:19300

Any computer

Domain, Private

Geocortex Core Web Service Proxy

TCP:10080

Any computer

Domain, Private

If your cluster is on a network that is configured to use a public profile, you need to set the above firewall rules to use a public profile as well.

Change the Data Store's Port

The Geocortex Data Store provides document storage services for Geocortex products. It uses the Document Store role in Core. By default, the Document Store role uses port 19201 to provide HTTP access to your data. Many organizations change this port for security reasons.

If you need to change other ports besides the Data Store's port 19201, contact Geocortex Support at support@geocortex.com.

Before you change the Document Store's 19201 port or any other port, it is your responsibility to ensure that the new port is not being used by another application.

To change the Data Store's default port 19201:

Step 1: Change the Port Number

  1. In Windows Explorer, locate Geocortex Core's Geocortex.Platform.Host.exe.config file.

    If Geocortex Core is installed in the default location, the file can be found at the following location:

    C:\Program Files\Latitude Geographics\Geocortex Core\Bin\Geocortex.Platform.Host.exe.config

  2. Open Geocortex.Platform.Host.exe.config in a text or XML editor as an administrator.

    If you do not have a plain text editor, you can use Notepad, which is built into Windows.

  3. In the file, locate the following line:

    <add key="DocumentStoreUris" value="http://localhost:19201/" />
  4. Change the value for the DocumentStoreUris key to include your preferred port.

    For example, if you wanted to use the port 12345, you would change the default value from http://localhost:19201/ to http://localhost:12345/.

  5. Save and exit the file.

Step 2: Update the Firewall Rule

In addition to changing the port number in the Geocortex.Platform.Host.exe.config file, you must manually change the firewall's inbound rule to match. During installation, Core sets up a rule for the Geocortex Core Document Store to match the software's default configured port, 19201.

You may noticed a second firewall rule with the name Geocortex Core Document Store that uses the local port 19300. This rule is used specifically for clustering in multi-server environments. You do not need to modify this firewall rule to change the Data Store's port.

If you use Windows Firewall, you can use the following instructions to change the firewall's inbound rule for the Geocortex Core Document Store role.

  1. On the server running an instance of Geocortex Core, open Windows's Control Panel.

  2. Open Windows Firewall.

  3. In the side panel, click Advanced settings.

    The Windows Firewall with Advanced Security window opens.

  4. In the side panel, navigate to Inbound Rules.

  5. Locate the Name column, find the Geocortex Core Document Store rule with the Local Port set to 19201.

  6. Right-click the rule and select Properties.

  7. On the Protocols and Ports tab, change the Local port to the port number that you want to use.

  8. Click OK.

Step 3: Restart the Geocortex Core Server

  1. Restart the Geocortex Core server.

    The updated firewall rule takes effect.

Firewall Access for Geocortex Core

Geocortex Core requires access through the firewall. During the Core installation process, the required rules are added to Windows Firewall.

By default, the Geocortex Data Store uses port 19201 to access your Data Store data. Many organizations prefer to change this port for security reasons.

If you use some other firewall besides Windows Firewall, you need to manually set the inbound firewall rules based on the rules set in Widows Firewall.

To see the entire rules, view them in Windows Firewall.

To view the Windows Firewall's inbound rules:

  1. Open Windows Control Panel.

  2. Click Windows Firewall.

  3. In the side panel, click Advanced settings.

  4. In the side panel, click Inbound Rules.