Purpose

This article outlines all of the networking requirements that are needed to accommodate a PicoCooler, PicoMarket, or NanoMarket kiosk.

Please note that there are no network requirements for PicoCooler Breeze, as the PicoCooler Breeze has to use a cellular connection.
A PicoCooler may use either a wireless or cellular connection.

Please contact 365 Support at 888-365-6282 or support@365rm.com if you have any questions related to this document.

To view more network requirements for our various products, see the Network Requirements tagged articles.

Network Requirements

All of the following Fully Qualified Domain Names (FQDN) listed below are required for the PicoCooler and NanoMarket kiosk to function correctly.
All connections are initiated from the PicoCooler or NanoMarket kiosk. The FQDN and ports below need to be open for outgoing bidirectional communication.

Description	FQDN	Ports
Images, style JSON	https://static.readytouchpos.com	TCP: 443
Android/Google Services	commondatastorage.googleapis.com google.com	TCP: 443, 80
Android/Google Services	gcm.googleapis.com	TCP/UDP: 5228-5230
Auth0 Login Security	https://prod-365.us.auth0.com/	TCP: 443
Pushy Service	.pushy.me .pushy.io	TCP: 1883, 443
Tally/Security	https://tally.prod.365rm.us/	TCP: 443
Captive Portal Detection	*.google.com	TCP: 443, 80
Logging, Artifact Storage, Update Delivery	https://nanomarketblobs.blob.core.windows.net/ http://nanomarketcdn.azureedge.net	TCP: 443
Logging (If a Pico is not updating logs, on local IT or third-party wireless, make sure these are whitelisted)	*.instana.io	TCP: 443
INTERNATIONAL LOCATIONS ONLY: International credit card processing	.adyen.com .adyenpayments.com prodamq.vct.vibbek.com	TCP: 443, 8443, 61613, 61617

Sensor Swarm Temperature Sensors (NanoMarket only)

Sensor Swarm temperature sensors are for NanoMarkets only. They are used to remotely monitor the temperatures in coolers & freezers within the market.

FQDN	Port
swarmdata.sensor-swarm.com	TCP/UDP: 80, 443
host.sensor-swarm.com	TCP/UDP: 80, 443
54.214.42.80	TCP/UDP: 80, 443
time.nist.gov	TCP/UDP: 123
<Access Point Gateway IP>	TCP/UDP: 53

Meraki Router Requirements

Should the Pico/NanoMarket device utilize a Meraki Router, Meraki Cloud and Registry addresses will have to be whitelisted, as well as any above sections/requirements.

Service	FQDN/IP	Ports
Meraki Cloud Communication and VPN Registry	64.62.142.12/32 158.115.128.0/19 209.206.48.0/20 216.157.128.0/20 api.meraki.com	UDP: 7351, 9350-9381 (Outbound/Established) TCP: 80, 443 (Outbound/Established)
IPsec VPN	69.39.84.205/32 69.39.84.206/32	UDP: 32768 through 61000
Continuous Router Uplink Status Checks	8.8.8.8 8.8.4.4	UDP: 53 ICMP
Cisco Umbrella DNS for Meraki Router DHCP assignments	208.67.222.222 208.67.220.220	UDP: 53

Pronto Router Network Requirements

The Pronto router is optimized for a direct cellular connection using the onboard SIM.
The following are the network requirements for using the wired uplink, or wired uplink with onboard cellular failover.

Pronto Router.png

Description	FQDN	Ports
Cloud Connectivity	live-hb.wavespot.ai fallbacklive.wavespot.ai	TCP: 443, 80
Cloud Connectivity	live-ohb.wavespot.ai live-hb.wavespot.ai	UDP: 8888
GEO IP Details	ip-api.com	TCP: 443, 80
NTP	0.openwrt.pool.npt.org 1.openwrt.pool.npt.org 2.openwrt.pool.npt.org	UDP: 123
DNS Resolution	8.8.8.8 8.8.4.4 Or IPS provider or as configured on the network	UDP: 53

Wireless Network

If you are creating your own wireless network or connecting to a client’s network, you must follow the latest PCI DSS guidelines for wireless network security. Consult your QSA or https://www.pcisecuritystandards.org/ for more information.

Our PicoCooler/Market or NanoMarket kiosks require a passphrase-secured, non-Guest WiFi SSID. In addition to this, they cannot operate on a WiFi network with a captive portal or login page.

NOTE: If you are not comfortable creating a WiFi network with PCI DSS or cannot validate that the client’s WiFi network follows PCI DSS, 365 Retail Markets offers several solutions to assist with network connectivity. Contact your account manager for more information.

Wired Network

If you are creating your own wired network or connecting to a client’s network, you still must follow the latest PCI DSS guidelines for network security. Consult your QSA or https://www.pcisecuritystandards.org/ for more information.

NOTE: If you are not comfortable creating a network with PCI DSS, or cannot validate that the client’s network follows PCI DSS, 365 Retail Markets offers several solutions to assist with network connectivity for your PicoMarket or NanoMarket. Contact your account manager for more information.

Cellular Network

If you plan to utilize SIM cards to access the internet via a cellular network, the above Network Requirements do NOT need to be whitelisted. Cellular Network providers include Optconnect and Max Aware devices.

365 currently offers SIM cards with AT&T or Verizon as carriers.

OptConnect Max vs Meraki Router

The following is a table of feature and components that will function with a Cellular Max Aware device vs. a Meraki Router.

Features & Devices	Meraki	OptConnect Max
Remote Access to Kiosk	Yes	Yes
Templates/Profiles	Yes	Yes* - With assistance from OptConnect
Dashweb Support	Yes	Yes
Kiosk/Provisioning	Yes	Yes
WiFi	Yes	Yes
Remote Reboot	Yes	Yes
US/CA Castles Readers	Yes	No
Wallee Castles Readers	Yes	No
Adyen UX410 Readers	Yes	No
Connected Devices/Clients visibility	Yes
Client/Device Static Settings	Yes	Yes* - With assistance from OptConnect
Packet Capture	Yes

Change Log

Date	Author	Notes
11/13/2025	BM	Changed Logging, Artifact Storage, Update Delivery Section, Removed: api.mobile.azure.com
10/1/2025	BM	Added: Pronto Router Network Requirements
9/25/2025	BM	Added: Captive Portal Detection, .google.com, TCP: 443, 80* Changed Logging, Artifact Storage, Update Delivery Section, Added: http://nanomarketcdn.azureedge.net/
9/11/2025	CL	Changed INTERNATIONAL LOCATIONS ONLY: International credit card processing Section, Added: .adyen.com .adyenpayments.com TCP: 443, 8443,