We have a NAT'ed firewall between two networks on our campus - the license manager sits on a server that is in the untrusted side along with most of the clients that use the software. We have a few clients that need to use the software on the trust side though - this is normally achieved via port mapping. The problem we have is that the clients are trying to contact the server on high ports, usually 50,000+, so the connections get blocked at the firewall. Example of what we see:
Source: 164.58.xxx.xxx Port: 53891 UDP
Destination: 192.168.xxx.xxx Port: 5093 UDP
Is there a way to remedy this? Opening up all high level ports is not an option. Most license managers we use listen on the same port that the clients are trying to contact them on, so this has never been a problem.