Purpose
This article outlines all the networking requirements that are needed to accommodate an international V5 MicroMarket kiosk in Australia.
Please contact 365 Support at 888-365-6282 or support@365smartshop.com if you have any questions related to this document.
All 365 Kiosks Require
- A persistent internet connection
- A "persistent" network connection is always on. This can be the local network of the business where the kiosk is located, a dedicated DSL line, or any other "always-on" type connection.
- With a minimum speed of 1 Mbps up and 2 Mbps down
- And firewall exceptions to allow both inbound and outbound connections
The router creates a secure network connection between the devices plugged into the router and the 365 server. All traffic initiated from the kiosks travels through this secure, private connection.
This connection is called a "VPN tunnel" (Virtual Private Network) and uses a communication protocol called IPSec with IKE to create a private connection over public data pathways. The data is encrypted with two complex ciphers known as 3DES and AES.
Meraki Z1 Router
The 365 equipment comes pre-configured to connect to your DHCP network. If you prefer to assign static IP settings, contact the 365 Support Team
The Meraki routers each have four ports for devices to connect. LAN1, LAN2, and LAN3 are for kiosks and POS devices only. LAN4 is for Impact Printers and DVRs.
If you need additional ports, use a switch to extend LAN4.
The steps on the next page describe how to install your Meraki router to ensure that your kiosks' network connection is private and secure.
- Connect an Ethernet cable from your Internet source to the Internet port of the Meraki Z1 router.
- Connect an Ethernet cable from the port labeled LAN 1 of the Meraki Z1 to the Ethernet port of the ELO Touchscreen POS computer.
- Verify that UDP Port 7351 is open to the Meraki Cloud servers listed in the "White List Addresses" table below.
- Verify that UDP Port 9350 is open to the Meraki VPN Registry servers listed in the table below.
- Verify that UDP Ports 32768 – 61000 are open to the IPSEC VPN server listed in the table below.
- Verify that UDP Port 9001 and TCP ports 9000, 5000, 26520 are open to the credit card servers listed in the table below.
Wiring and Network Diagram
Testing
After setup, run the following tests and email the results to implementation@365smartshop.com
Test | Requirements |
http://www.speedtest.net/ | 2Mbps download 1Mbps upload |
http://www.pingtest.net/ | Grade B |
White List Addresses - Meraki Routers
Service | FQDN/IP | Ports |
---|---|---|
Meraki Cloud Communication | 108.161.147.0/24 199.231.78.0/24 64.62.142.12/32 209.206.48.0/20 216.157.128.0/20 158.115.128.0/19 |
UDP: 7351 |
Meraki VPN Registry | 199.231.78.0/24 108.161.147.0/24 209.206.48.0/20 |
UDP: 9350 |
IPsec VPN | 69.39.84.205/32 69.39.84.206/32 |
UDP: 32768 through 65535 |
Continuous Router Uplink Status Checks | 8.8.8.8 8.8.4.4 |
|
Cisco Umbrella DNS for Meraki Router DHCP assignments | 208.67.222.222 208.67.220.220 |
|
Credit Card Servers | 63.241.142.183 63.241.142.205 64.255.204.170 api.apriva.com https://api2.heartlandportico.com/Hps.Exchange.PosGateway/PosGatewayService.asmx
|
TCP/UDP: 11079, 11099 |
App Update Server(API Server) | https://smartshop365.jfrog.io/smartshop365 | |
Identity Server | https://365pos.365smartshop.com/identityserver/.well-known/openid-configuration | |
Identity Server Monitor | https://365pos.365smartshop.com/365PosApi/api/Pos/isonline | |
TeamViewer | *.teamviewer.com | UDP: 5938 TCP: 5938, 443, 80 |
Time Server | ntp.ubuntu.com *ubuntu.pool.ntp.org *centos.pool.ntp.org |
UDP:123 |
Messaging Queue Gateway | b-46fc5d10-881e-459c-bcc6-ad3299fae303-1.mq.us-east-2.amazonaws.com b-46fc5d10-881e-459c-bcc6-ad3299fae303-2.mq.us-east-2.amazonaws.com mq1-prod.365retailmarkets.com mq2-prod.365retailmarkets.com mq.prod.365rm.us *.prod.365rm.us mq1.prod.365rm.us mq2.prod.365rm.us mq3.prod.365rm.us mq4.prod.365rm.us |
TCP/UDP: 61617, 8155 |
OS Security & Package Repos |
https://prodrepo.365smartshop.com http://ca.archive.ubuntu.com http://security.ubuntu.com |
TCP: 443, 80 |
Required Websites |
https://readytouchpos.com https://adm.365retailmarkets.com https://adm.365retailmarkets.co.uk https://365mobileinventory.com |
|
iMonnit & Monnit Temperature Sensors (Optional Service) |
sensorsgateway.com t1.sensorsgateway.com t2.sensorsgateway.com u1.sensorsgateway.com u2.sensorsgateway.com 192.41.25.11 192.41.25.12 |
TCP: 3000 UDP: 3000 |
Adyen | *.adyenpayments.com *.adyen.com |
TCP/443 TCP/8443 |
Application Services Gateway | https://tally.prod.365rm.us/ |