Network Requirements - V5 MicroMarket Kiosks
Updated
Print

Table of Contents:

 

Purpose

This article outlines all of the networking requirements that are needed to accommodate a V5 MicroMarket kiosk or a ReadyTouch kiosk that utilizes a Meraki Z1/Z3 router.

Please contact 365 Support at 888-365-6282 or support@365smartshop.com if you have any questions related to this document.

To view more network requirements for our various products, click here.

 

V5 Network Requirements

All 365 kiosks require:

  • A persistent internet connection
    • A “persistent” network connection is always on. This can be the local network of the business where the kiosk is located or, dedicated DSL line, or any other “always on” type connection

  • A minimum speed of 1 Mbps upload and 2 Mbps download

  • Firewall exceptions to allow both inbound and outbound connections

V5 Network Configuration

A V5 kiosk can function with or without a hardware VPN. There are different network requirements depending on the router enclosed in the kiosk base:

  • Meraki routers facilitate the VPN connection

  • Cisco RV110w, RV130, RV215w and similar model routers do not use a VPN
    • V5 kiosks will utilize these models if it was a legacy kiosk converted to V5

 

V5 Kiosks on Meraki Routers (VPN)

Typically, all new V5 kiosks have a Meraki Z3 router which facilitates the VPN connection. There will also be the prior model, the Meraki Z1, in the field on existing V5 kiosks.

  • In Canada, some V5 kiosks will utilize our older Cisco RV router. Please confirm the type of router that the kiosk is utilizing before making any changes to your firewall.

 

 

Meraki Z3 Router:

z3_final.png

Meraki Z1 Router:

meraki_final.png

 

The Meraki router creates a secure network connection between the devices plugged into the router and the 365 server. This connection is called a “VPN tunnel” (Virtual Private Network) and uses a communication protocol called IPsec with IKE in order to create a private connection over public data pathways. The data is encrypted with two complex ciphers known as AES and 3DES.

 

The majority of our traffic traverses over the VPN. However, certain traffic will still be sent over WAN straight to the internet. If you do not want to whitelist everything required, we offer a full-tunnel VPN option so that only whitelisting the VPN is necessary. Please contact 365 at 888-365-6282 or support@365smartshop.com if you would like a Meraki router set to full-tunnel.

 

White List Addresses - Meraki Routers

Service FQDN/IP Ports
Meraki Cloud Communication
  • 108.161.147.0/24

  • 199.231.78.0/24

  • 64.62.142.12/32

  • 54.193.207.248/32

  • 209.206.48.0/20
UDP: 7351
Meraki VPN Registry
  • 199.231.78.0/24

  • 64.156.192.245/32

  • 108.161.147.0/24

  • 209.206.48.0/20
UDP: 9350
IPsec VPN
  • 69.39.84.205/32

  • 69.39.84.206/32
UDP: 32768 through 61000
Credit Card Servers

UDP/TCP: 11079, 11099

Identity Server  
Identity Server Monitor  
TeamViewer

UDP: 5938 

TCP: 5938,
443, 80

Messaging Queue Gateway
  • ssl://b-46fc5d10-881e-459c-bcc6-ad3299fae303-1.mq.us-east-2.amazonaws.com

  • ssl://b-46fc5d10-881e-459c-bcc6-ad3299fae303-2.mq.us-east-2.amazonaws.com

  • ssl://mq1-prod.365rm.com

  • ssl://mq2-prod.365rm.com
TCP/UDP: 61617
Required Websites  
Continuous Router Uplink Status Checks
  • 8.8.8.8

  • 8.8.4.4
 
iMonnit & Monnit Temperature Sensors (Optional Service)

TCP: 3000

UDP: 3000

 

V5 Kiosks on Cisco RV Routers (No VPN)

Legacy kiosks that have been upgraded to V5 will not have a hardware VPN from a Meraki router. Instead, they will use the existing Cisco RV110w router and rely on the MQTT communication protocol.

We also carry RV130 and RV215w Cisco routers which look very similar to the RV110w shown below.

 

Cisco RV110w Router:

cisco_final.png

 

White List Addresses - Cisco RV Routers

Service FQDN/IP Ports
Credit Card Servers  
App Update Server (API Server)  
Identity Server  
Identity Server Monitor  
Messaging Queue Gateway
  • ssl://b-46fc5d10-881e-459c-bcc6-ad3299fae303-1.mq.us-east-2.amazonaws.com

  • ssl://b-46fc5d10-881e-459c-bcc6-ad3299fae303-2.mq.us-east-2.amazonaws.com

  • ssl://mq1-prod.365rm.com

  • ssl://mq2-prod.365rm.com
TCP/UDP: 61617
Contents Server  
Time Server  
Suggested DNS
  • 8.8.8.8 Primary

  • 1.1.1.1 Secondary
 
TeamViewer TCP: 5938,
443, 80

UDP: 5938 
Application Services Gateway  
Required Websites  
iMonnit & Monnit Temperature Sensors (Optional Service)

TCP: 3000

UDP: 3000

 

Change Log

Date Author Notes
8-26-2021 MS Created article & verified accuracy.