Purpose
This document aims to assist in selecting the correct network requirements sheet needed for your kiosk based on the POS software and network equipment installed. This document will continue to be updated with the most up-to-date network requirements for CK.
Please contact Company Kitchen Support at (877) 280-7373, option 3 if you have any questions related to this document.
To view more network requirements for our various products, see the List of Network Requirements.
IMPORTANT NOTE
The attached network requirements will be found in the attachments of this article, as well as below. Please complete the required information and return the form to your contact.
Aeris
The Aeris POS will look similar to the following images:
Network Requirements - CK Aeris (Legacy)
| Type | IP Range | Port |
|---|---|---|
| Company Kitchen Servers | 3.138.91.217 18.218.186.204 3.129.236.128 3.13.249.20 3.133.56.45 3.140.160.88 3.140.60.11 3.142.129.215 3.142.138.27 3.142.17.236 |
80, 22, 443, 4505, 4506, 13377 UDP: 1196, 123 |
| Heartland Payment Systems (Credit Transactions) | 65.118.49.0/24 | 443 |
| LogMeIn for Maintenance | 64.74.103.0/24 64.94.18.0/24 212.118.234.0/24 64.94.46.0/23 63.251.34.0/24 63.251.46.0/23 64.74.17.0/24 64.74.18.0/23 64.95.128.0/23 66.150.108.0/24 67.217.80.0/23 69.25.20.0/23 69.25.247.0/24 95.172.70.0/24 111.221.57.0/24 |
80, 443 |
| Google DNS (If None Provided) | 8.8.8.8 8.8.4.4 |
53 |
Blaster
Kiosks that run Blaster (Café or Market) can have variations in the network equipment and thus have different requirements.
Blaster POS will look similar to the following images:
Unifi
If your kiosk has an Unifi router that looks like this:
Use the following network requirements. These network requirements apply whether you have the floor model or the desktop. There is a PDF attachment in this article for both floor model and desktop, which list the same ports, but have different diagrams for each type.
Network Requirements - CK Unifi Router
| Type | IP Range | Port |
|---|---|---|
| Company Kitchen Servers | 3.138.91.217 18.218.186.204 3.129.236.128 3.13.249.20 3.133.56.45 3.140.160.88 3.140.60.11 3.142.129.215 3.142.138.27 3.142.17.236 |
80, 22, 443, 4505, 4506 UDP: 123 |
| Kiosk Updates & Security | mirrors.digitalocean.com | 80 |
| s3.us-west-2.amazonaws.com s3.us-east-2.amazonaws.com repo.companykitchen.com |
443 | |
| *.amp.cisco.com | 80, 443 | |
| UniFi | 52.10.133.244 | 8080, UDP: 3478 |
| OpenVPN | 52.24.142.25 | UDP: 1194 |
| Heartland Payment Systems (Credit Transactions) | 65.118.49.0/24 dev-relay-mqtt.365rm.us 35.211.11.79 365retailmarkets.castlestech.net http://castles-broker.365rm.us |
443, 8883 UDP: 8883, 18732 |
| LogMeIn for Maintenance | 64.74.103.0/24 64.94.18.0/24 212.118.234.0/24 64.94.46.0/23 63.251.34.0/24 63.251.46.0/23 64.74.17.0/24 64.74.18.0/23 64.95.128.0/23 66.150.108.0/24 67.217.80.0/23 69.25.20.0/23 69.25.247.0/24 95.172.70.0/24 111.221.57.0/24 |
443 |
| Google DNS (If None Provided) | 8.8.8.8 8.8.4.4 |
53 |
Meraki
If your kiosk has a Meraki router that looks like this, use the following network requirements. 
CK Network Requirements: Meraki Router
| Type | IP Range | Port |
| Company Kitchen Servers | 3.138.91.217 18.218.186.204 3.129.236.128 3.13.249.20 3.133.56.45 3.140.160.88 3.140.60.11 3.142.129.215 3.142.138.27 3.142.17.236 |
80, 22, 443, 4505, 4506 UDP: 1196, 123 |
| Kiosk Updates & Security | mirrors.digitalocean.com | 80 |
| s3.us-west-2.amazonaws.com s3.us-east-2.amazonaws.com repo.companykitchen.com |
443 | |
| *.amp.cisco.com | 80, 443 | |
| Cisco Meraki | 64.62.142.12/32 158.115.128.0/19 209.206.48.0/20 216.157.128.0/20 api.meraki.com |
UDP: 7351, 9350-9381 TCP: 80, 443 |
| ICMP access is also needed on the above Meraki addresses | ICMP | |
| Heartland Payment Systems (Credit Transactions) | 65.118.49.0/24 dev-relay-mqtt.365rm.us 35.211.11.79 365retailmarkets.castlestech.net http://castles-broker.365rm.us |
443, 8883 UDP: 8883, 18732 |
| LogMeIn for Maintenance | 64.74.103.0/24 64.94.18.0/24 212.118.234.0/24 64.94.46.0/23 63.251.34.0/24 63.251.46.0/23 64.74.17.0/24 64.74.18.0/23 64.95.128.0/23 66.150.108.0/24 67.217.80.0/23 69.25.20.0/23 69.25.247.0/24 95.172.70.0/24 111.221.57.0/24 |
443 |
| Google DNS (If None Provided) | 8.8.8.8 8.8.4.4 |
53 |
Other
If the router used in your kiosk is neither Unifi nor Meraki, then it's most likely a Netgear. These routers will not be cloud managed by CK.
Network Requirements - CK - Netgear
| Type | IP Range | Port |
|---|---|---|
| Company Kitchen Servers | 3.138.91.217 18.218.186.204 3.129.236.128 3.13.249.20 3.133.56.45 3.140.160.88 3.140.60.11 3.142.129.215 3.142.138.27 3.142.17.236 |
80, 22, 443, 4505, 4506 UDP: 1196, 123 |
| Kiosk Updates & Security | mirrors.digitalocean.com | 80 |
| s3.us-west-2.amazonaws.com s3.us-east-2.amazonaws.com repo.companykitchen.com contracts.canonical.com/ esm.ubuntu.com/* |
443 | |
| *.amp.cisco.com | 80, 443 | |
| Heartland Payment Systems (Credit Transactions) | 65.118.49.0/24 dev-relay-mqtt.365rm.us 35.211.11.79 365retailmarkets.castlestech.net http://castles-broker.365rm.us |
443, 8883 UDP: 8883, 18732 |
| LogMeIn for Maintenance | 64.74.103.0/24 64.94.18.0/24 212.118.234.0/24 64.94.46.0/23 63.251.34.0/24 63.251.46.0/23 64.74.17.0/24 64.74.18.0/23 64.95.128.0/23 66.150.108.0/24 67.217.80.0/23 69.25.20.0/23 69.25.247.0/24 95.172.70.0/24 111.221.57.0/24 |
443 |
| Google DNS (If None Provided) | 8.8.8.8 8.8.4.4 |
53 |
White List Addresses - Meraki Routers
| Service | FQDN/IP | Ports |
|---|---|---|
| Meraki Cloud Communication and VPN Registry | 64.62.142.12/32 158.115.128.0/19 209.206.48.0/20 216.157.128.0/20 api.meraki.com |
UDP: 7351, 9350-9381 (Outbound/Established) TCP: 80, 443 (Outbound/Established) |
| IPsec VPN | 69.39.84.205/32 69.39.84.206/32 |
UDP: 32768 through 65535 |
| Continuous Router Uplink Status Checks | 8.8.8.8 8.8.4.4 |
UDP: 53 ICMP |
| Cisco Umbrella DNS for Meraki Router DHCP assignments | 208.67.222.222 208.67.220.220 |
UDP: 53 |
| Credit Card Servers | 63.241.142.183 63.241.142.205 64.255.204.170 api.apriva.com https://api2.heartlandportico.com/Hps.Exchange.PosGateway/PosGatewayService.asmx
|
TCP/UDP: 11079, 11099 |
| App Update Server(API Server) | https://smartshop365.jfrog.io/smartshop365 | |
| Identity Server | https://365pos.365smartshop.com/identityserver/.well-known/openid-configuration | |
| Identity Server Monitor | https://365pos.365smartshop.com/365PosApi/api/Pos/isonline | |
| TeamViewer | *.teamviewer.com | UDP: 5938 TCP: 5938, 443, 80 |
| Time Server | ntp.ubuntu.com *ubuntu.pool.ntp.org *centos.pool.ntp.org |
UDP:123 |
| Messaging Queue Gateway | b-46fc5d10-881e-459c-bcc6-ad3299fae303-1.mq.us-east-2.amazonaws.com b-46fc5d10-881e-459c-bcc6-ad3299fae303-2.mq.us-east-2.amazonaws.com mq1-prod.365retailmarkets.com mq2-prod.365retailmarkets.com mq.prod.365rm.us *.prod.365rm.us mq1.prod.365rm.us mq2.prod.365rm.us mq3.prod.365rm.us mq4.prod.365rm.us |
TCP/UDP: 61617, 8155 |
| OS Security & Package Repos |
https://prodrepo.365smartshop.com http://ca.archive.ubuntu.com http://security.ubuntu.com |
TCP: 443, 80 |
| Required Websites |
https://readytouchpos.com https://adm.365retailmarkets.com https://adm.365retailmarkets.co.uk https://365mobileinventory.com |
|
| iMonnit & Monnit Temperature Sensors (Optional Service) |
sensorsgateway.com t1.sensorsgateway.com t2.sensorsgateway.com u1.sensorsgateway.com u2.sensorsgateway.com 192.41.25.11 192.41.25.12 |
TCP: 3000 UDP: 3000 |
| Adyen | *.adyenpayments.com *.adyen.com |
TCP/443 TCP/8443 |
| Castles Communication | 365retailmarkets.castlestech.net | TCP/UDP: 443 |
| Application Services Gateway | https://tally.prod.365rm.us/ |