Skip to main content
Sign in
Deutsch (Deutschland) Español Français (Canada) Italiano Português do Brasil
Menu

Antivirus Exceptions for LP360

LP360 Support
  • Updated

LP360_Banner.png

đź“Ś Problem

When running LP360, some antivirus, firewall, and other defender style software may interfere with processing and cause processing exceptions or slow license check in, or processing times.

âś… Probable Resolutions

  1. Ensure adequate permissions and communication

It is recommended to provide exceptions for programs located in the following folders:

Note: In restricted or government-managed networks, endpoint allowlisting is also required. See the LP360 Online section below for full network requirements.

LP360

  • %CommonProgramFiles%\LP360 (read/execute)
  • %ProgramFiles%\LP360\
  • %ProgramData%\LP360\ (modify/read/execute/write)
  • %ProgramData%\Reprise\ (modify/read/execute/write, if using perpetual licenses)
  • %AppData%\LP360\ (Full control)
  • %ProgramFiles%\Applanix\ (read/execute)
  • %CommonProgramFiles%\Applanix\ (read/execute)
  • %AppData%\POSPacCloud\ (modify/read/execute/write)  *deprecated as of v2025.1
  • %ProgramFiles(x86)%\GeoCue Group\ (only if TrueView EVO is installed)  *deprecated as of v2022.1
  • %ProgramFiles(x86)%\Common Files\LP360\ (if LP360 for ArcMap is also installed)  *deprecated as of v2021.1
  • %ProgramFiles(x86)%\LP360\ (if LP360 for ArcMap is also installed)  *deprecated as of v2021.1

Applanix POSPacCloud

*deprecated as of v2025.2

POSPacCloud should always be installed with LP360 to support a growing list of tools, so include exceptions for:

  • %ProgramFiles%\Applanix
  • %CommonProgramFiles%\Applanix
  • %AppData%\POSPacCloud

POSPacCloud does need to be able to communicate through any firewalls with the following domains (different subdomains):

*.pospaccloud.com

*.trimble.com

*.trimblepaas.com

“%Program Files%\Applanix\POSPac Cloud\POSPacCloud.exe” needs to be able to communicate both inbound and outbound through any firewalls.

Applanix POSPac

If POSPac Complete, POSPac UAV, or POSPac MMS desktop is installed, also include exceptions for:

  • %ProgramFiles%\Applanix\ (read/execute)
  • %CommonProgramFiles%\Applanix\ (read/execute)
  • %ProgramFiles(x86)%\Applanix\ (read/execute)
  • %ProgramFiles(x86)%\SafeNet Sentinel\ (read/execute)
  • %ProgramData%\Applanix\ (modify/read/execute/write)
  • %AppData%\Applanix\ (modify/read/execute/write)
  • Exceptions will also need to be made to allow for the download of the ephemerides through the firewall to communicate with the services list in the %ProgramFiles%\Applanix\ POSPac UAV x.x\ EphemDataServices.ini file.
  • In the Windows Defender Firewall Advanced settings add the following Outbound rules:
    • Allow the program “C:\Program Files (x86)\Applanix\SoftwareLicenseUtility\Applanix.SoftwareLicenseUtility.exe”
    • Allow TCP port 5093
    • Allow UDP port 5093
  • In the Windows Defender Firewall Advanced settings add the following inbound rules:
    • Allow the program “C:\Program Files (x86)\Applanix\SoftwareLicenseUtility\Applanix.SoftwareLicenseUtility.exe”
    • Allow TCP port 5093
    • Allow UDP port 5093

Strip Align

*Deprecated in v2025.2.

If Strip Align is licensed, also include exceptions for:

  • %LocalAppData%\StripAlign\ (Full Control)
  • LP360 Strip Align licensing also requires an open HTTPS port (443) to ls65.rlmcloud.com [52.9.236.200] to complete the license validation unless an offline activation has been provided.

3D Photo Engine and Agisoft Ortho Mapping

In LP360 v2026.1 and newer, 3D Photo Engine and Agisoft Metashape console (node‑locked) license activation use HTTPS via GeoCue’s license activation service at https://license-activation.online.lp360.com/photoengine. Direct access to activate.agisoft.com is not required.

Legacy (LP360 v2025.2 and earlier): Activation required HTTPS access to activate.agisoft.com (51.250.32.188). This does not apply to v2026.1+.

TrueView Reckon

The backend payload management is done via communication with TrueView Reckon for maintaining calibrations and analyzing Cycle and system logs. If your payload is managed by Reckon, also include exceptions for:

  • airgon.net [54.172.67.168]

LP360 Online

If LP360 subscription or Trial licenses, or LP360 Online is in use, LP360 Online uses dynamic IPs that can change at any time. These services rely on multiple cloud-hosted endpoints for authentication, licensing, APIs, and data services.

Important: LP360 Online utilizes a distributed cloud architecture.
Authentication, licensing, and processing services are handled by separate endpoints and APIs. 
Allowing only a subset of endpoints (such as portal or cloud) is not sufficient. Blocking any required service may result in login failures, license validation issues, or partial functionality.

To ensure full functionality, your network must allow outbound HTTPS (TCP ports 443 and, in some cases, 80 for standard web traffic) access to the following:

Core LP360 Services

  • portal.lp360.com
  • cloud.lp360.com
  • checkout.lp360.com
  • store.lp360.com
  • lp360.com

LP360 Online / API Services

  • powersearch.online.lp360.com
  • psc-api.online.lp360.com
  • accounting.online.lp360.com
  • license-activation.online.lp360.com

Backend Service Infrastructure

  • backend-dot-lp360-cloud.uc.r.appspot.com
  • backend-dot-lp360-shop.uc.r.appspot.com

Microdrones Integration Services

  • api.microdrones.com
  • microdrones.com
  • *.microdrones.com

Wildcard Domains (Required)

  • *.lp360.com
  • *.online.lp360.com

Network Limitation

LP360 is not proxy-aware. The following configurations can prevent successful communication:

  • Authenticated proxy enforcement
  • SSL/TLS inspection or certificate substitution
  • Traffic rewriting or deep packet inspection altering HTTPS sessions

If these controls are present, they must be bypassed for the domains listed above to allow proper authentication and license validation.

IT Validation (Connectivity + SSL Inspection)

1. Connectivity Test:
Command Prompt / curl:
curl -I https://portal.lp360.com && curl -I https://psc-api.online.lp360.com 

PowerShell:
Test-NetConnection portal.lp360.com -Port 443
Test-NetConnection psc-api.online.lp360.com -Port 443 

2. SSL Inspection Test:
Command Prompt / curl:
curl -v https://portal.lp360.com 

PowerShell:
Invoke-WebRequest https://portal.lp360.com -UseBasicParsing 

Expected Results:

  • Connectivity: Successful TCP connection (PowerShell shows TcpTestSucceeded : True) or HTTP response (200/302).
  • SSL: Certificate should be issued by a public CA (e.g., Amazon, DigiCert, Google).

Failure Indicators:

  • Connection timeout or TcpTestSucceeded : False → Firewall or proxy blocking
  • Certificate issued by internal/security appliance → SSL inspection is active

Note: These tests validate representative LP360 Online services. If any test fails, additional required endpoints may also be blocked or intercepted.

Common Failure Signatures (LP360 Online Connectivity)

Use this table to quickly identify the root cause based on observed behavior and test results.

Observed Behavior Likely Cause Validation Signal Required Action
LP360 cannot log in / spins indefinitely Blocked API or authentication endpoint curl/Test-NetConnection fails for portal or API endpoint Allow all required *.lp360.com and *.online.lp360.com domains
Login works but license not available Partial allowlist (API/backend blocked) portal works but psc-api.online.lp360.com fails Allow full endpoint list (not just portal/cloud)
Intermittent failures / inconsistent behavior Dynamic endpoints partially blocked Some endpoints succeed, others fail Allow wildcard domains (*.lp360.com, *.online.lp360.com)
Connection succeeds but features fail silently Backend service (GCP/AWS) blocked backend-dot-* endpoints unreachable Allow backend-dot-lp360-* endpoints
curl works but LP360 still fails SSL inspection / TLS interception curl -v shows internal/corporate certificate issuer Bypass SSL inspection for LP360 domains
Certificate warnings or trust errors Certificate substitution by security appliance Issuer is not public CA (Amazon, DigiCert, Google) Disable SSL inspection for affected domains
Immediate connection failure / timeout Firewall or proxy blocking outbound HTTPS Test-NetConnection shows TcpTestSucceeded : False Allow outbound TCP 443 to required domains
Works on hotspot but not corporate network Enterprise proxy or inspection policy All tests succeed off-network, fail on-network Review proxy, SSL inspection, and endpoint policies
Microdrones-related features fail Microdrones endpoints blocked api.microdrones.com unreachable Allow *.microdrones.com domains

LP360 Email Notifications

For jobs in the Job Manager, and a few other functions in LP360, email notifications are sent from LP360Notification@geocue.com to the notification email address configured in Project Settings → Global → LP360 Email Notification Settings using the SMTP service SMTP2GO.

SMTP2GO uses dynamic IP addresses, so outbound firewall rules must allow access to the following domains:

*.smtp2go.com
*.linodeusercontent.com

In addition to domain allow-listing, the SMTP port configured for SMTP2GO must also be permitted through the firewall. A mismatch between the configured SMTP port and allowed outbound ports can prevent email notifications from being sent and may cause certain jobs to remain in an InProgress state without producing an explicit error.

SMTP2GO outbound SMTP ports:

  • 2525 (hardcoded)

If outbound SMTP traffic is restricted, verify with IT that the SMTP2GO port in use is explicitly allowed by the firewall.

📬 Need Help?

If you're still stuck, please Contact Support for assistance.

Related to

Related articles

Comments

0 comments

Please sign in to leave a comment.