Purpose

This article outlines all of the networking requirements that are needed to accommodate an international V5 MicroMarket kiosk.

Please contact 365 Support by phone (international phone numbers listed in the footer at the bottom of this page) or email (support@365smartshop.com) if you have any questions related to this document.

To view more network requirements for our various products, click here.

All 365 Kiosks Require:

a persistent internet connection
- A “persistent” network connection is always on. This can be the local network of the business where the kiosk is located, a dedicated DSL line, or any other “always-on” type connection.
with a minimum speed of 1 Mbps up and 2 Mbps down
and firewall exceptions to allow both inbound and outbound connections (ports listed below).

The router creates a secure network connection between the devices plugged into the router and the 365 server. All traffic initiated from the kiosks travels through this secure, private connection.

This connection is called a “VPN tunnel” (Virtual Private Network) and uses a communication protocol called IPSec with IKE to create a private connection over public data pathways. The data is encrypted with two complex ciphers known as 3DES and AES.

Meraki Z3 Router

NOTE: Meraki routers support PoE. It is auto-sensing, limited to 1 PoE device, and is 802.3af capable.

Important 1: The 365 equipment comes pre-configured to connect to your DHCP network. If you prefer to assign static IP settings, contact the 365 Support Team!

Important 2: The Meraki routers each have four ports for devices to connect. LAN1, LAN2, and LAN3 are for kiosks and POS devices only. LAN4 is for Impact Printers and DVRs.

If you need additional ports, use a switch to extend LAN4.

The steps on the next page describe how to install your Meraki router to ensure that your kiosk's network connection is private and secure.

Connect an Ethernet cable from your Internet source to the Internet port of the Meraki Z3 router.
Connect an Ethernet cable from the port labeled LAN 1 of the Meraki Z3 to the Ethernet port of the ELO Touchscreen POS computer.
Verify that UDP Port 7351 is open to the Meraki Cloud servers listed in the “White List Addresses” table below.
Verify that UDP Port 9350 is open to the Meraki VPN Registry servers listed in the table below.
Verify that UDP Ports 32768 – 61000 are open to the IPSEC VPN server listed in the table below.
Verify that UDP Port 9001 and TCP ports 9000, 5000, 26520 are open to the credit card servers listed in the table below.

Wiring and Network Diagram

Testing

After setup, run the following tests and email the results to implementation@365smartshop.com.

Test

Requirements

http://www.speedtest.net/

2Mbps download

1Mbps upload

http://www.pingtest.net/

Grade B

Whitelist Addresses

Meraki VPN Registry	108.161.147.0/24
	199.231.78.0/24
	64.62.142.12/32
	54.193.207.248/32
	209.206.48.0/20
Meraki Cloud	199.231.78.0/24
	64.156.192.245/32
	108.161.147.0/24
	209.206.48.0/20
	216.157.128.0/20
	158.115.128.0/19
Cisco Umbrella DNS	208.67.222.222
	208.67.220.220
IPSEC VPN	69.39.84.205/32 69.39.84.206/32
Credit Card Servers	International	US
	82.80.44.34	72.28.118.100
	82.102.172.206	52.49.25.101
	212.179.76.198	52.48.246.133
	77.247.183.162
	77.247.183.163
	72.247.177.10
Nayax DCS URLs	Il1.nayax.net	Global BGP IPs
	Il2.nayax.net
	Il3.nayax.net	185.159.232.24/29
	Il4.nayax.net	185.159.233.24/29
	Backup.nayax.net	185.159.234.24/29
	Dev.nayax.net	185.159.235.24/29
	QA.nayax.net	185.159.232.98/32
	Boot.nayax.net	185.159.233.98/32
Other	*.nayax.com	185.159.234.98/32
	*.nayax.net	185.159.235.98/32
	*.nayaxvend.com	185.159.232.32/29
	s3.amazonaws.com	185.159.233.32/29
	seal.verisign.com	185.159.234.32/29
	www.verisign.com	185.159.235.32/29
	extended-validation-ssl.verisign.com	185.159.232.2/32
	trustsealinfo.verisign.com	185.159.233.2/32
	www.macromedia.com	185.159.234.2/32
	www.mcafeesecure.com	185.159.235.2/32
	images.scanalert.com
	download.macromedia.com