HelpCenter

Avanti - Network Requirements Documentation 1.92
Updated

Purpose

The purpose of this article is to outline the required network configurations for release 1.92.


Overview
 

Access can be thru a customer's network, dedicated wired Internet (cable or DSL), or cellular modem. The kiosk supports a connection using a standard CAT5/6 cable, WiFi connections and USB cellular modems are not supported. When using an internet connection where all outbound traffic is allowed no special configuration is usually required. If the following requirements are not met the kiosk may have poor performance or not work at all. It is strongly recommended that if the kiosk is being placed on a customer's network that it be placed on a segregated vLAN or in a DMZ where it will not have access to other resources on the network. 

  

Minimum Bandwidth and Data Transfer Requirement 

A symmetric .5Mbps connection is sufficient for daily kiosk operations. It is important to note that this is the actual bandwidth available, to achieve this with a dedicated internet connection the advertised speed must usually be 2Mbps down and 1Mbps up. 

Under normal operations the kiosk will use less than 1GB of data a month, however Avanti Markets may at times need to use additional data to meet business needs. 

 

IP Address and DNS Assignment 

Avanti kiosks can be assigned IP addresses and DNS servers using DHCP. Using DHCP is the preferred method. If necessary a static IP and specific DNS servers can be specified. If specific DNS servers are not specified Avanti will utilize 8.8.8.8 and 8.8.4.4 

 

Minimum Internet Access 

The kiosk must be able to communicate with resources on the following domains and ports. It is assumed that the DNS servers will be able to resolve the following URLs.  

Domain 

Protocol 

Port 

Direction 

Note 

kiosk.mykioskworld.com 

TCP 

443 

Outbound 

Avanti kiosk asynchronous service. 

dishout.mykioskworld.com 

TCP 

443 

Outbound 

Avanti kiosks synchronous service. 

dsc.mykioskworld.com 

TCP 

443 

Outbound 

Desired State Configuration server. 

support.mykioskworld.com 

TCP 

443 

Outbound 

Remote access and management for Avanti Support. 

time.nist.gov 

NTP / UDP 

123 

Outbound 

Time synchronization 

prod.dw.us.fdcnet.biz 

TCP 

443 

Outbound 

Payment gateway for credit and debit payment. 

hercules.usconnectme.com 

TCP 

443 

Outbound 

USConnect Gateway if kiosk is USConnect enabled 

40.112.142.148

TCP

443

Outbound

Data Candy

 

Additional Recommended Internet Access  

Domain 

Protocol 

Port 

Direction 

Note 

*.mykioskworld.com 

TCP / UDP 

TBD 

Outbound 

Top level Avanti domain. Additional services and infrastructure may be made available as our services continue to evolve in this name space. It is Avanti Markets' preference that this entire space be white listed. Avanti Markets will update our market operators when this occurs. 

 

Remote Camera and DVR Access 

The following requirements must be met to enable the market operator to remotely view the cameras and DVR recordings. If the requirement is not fully met the market operator may not be able to remotely access the DVR and cameras at all or performance may be very poor. Data usage will increase if remote DVR access is being utilized. Connection speed must be at minimum 1Mbps down and 1Mbps up. Additional bandwidth up may be required to achieve optimal remote viewing. 

Domain Protocol Port Direction Note

*.hamachi.cc 

*.logmein.com 

TCP

UDP

12975 

32976 

17771 

Outbound

UDP hole punching 

LogMeIn Hamachi VPN attempts to create point to point connections between the kiosk and the market operator's PC running DVR client software. This point to point connection utilizes UPD hole punching. If this is not successful then a connections is made via the Hamachi relay server via UDP or TCP. 

 

Emails 

 Web Access and the email receipt function from the kiosk will send the market users emails from our email service. The following email address may need to be white listed on the customer mail server if the market users are permitted to use their company email address. 

no-reply=avantimarkets.com@avanti.mykioskworld.com on behalf of no-reply@avantimarkets.com 

 

Datawire Integration 

The following requirements apply only to locations using Datawire stored value solutions.  

Domain 

Protocol 

Port 

Direction 

Note 

https://vxn.datawire.net 

TCP 

443 

Outbound 

Active Service Provider 

https://vxn1.datawire.net 

TCP 

443 

Outbound 

Alternate Active Service Provider 

https://vxn2.datawire.net 

TCP 

443 

Outbound 

Alternate Active Service Provider 

https://vxn3.datawire.net 

TCP 

443 

Outbound 

Alternate Active Service Provider 

https://vxn4.datawire.net 

TCP 

443 

Outbound 

Alternate Active Service Provider 

https://support.datawire.net 

TCP 

443 

Outbound 

Instance registration server 

 

Network Requirements Supplemental Information

IP Ranges and Ports 

Some firewalls do not support the white listing of the URLs provided in the network requirements. Some IT departments will also have this as a policy. The IP addresses in the below section are fairly stable but always "Subject to change without notification." Avanti Markets will notify operators of any planned changes to the IP addresses under Avanti Markets control. Emergency changes may be necessary in some cases and may not be communicated in advance. IP address not controlled by Avanti Markets may be changed without notification, Avanti Markets will notify our market operators when we become aware of changes to these IP addresses. Avanti Markets recommends white listing the URLs provided rather than the IP addresses to enhance resilience and reliability. 

 

Credit and Debit Card Processor - Prod.dw.us.fdcnet.biz  

The credit and debit transactions are passed directly to our processor on port 443 (TCP) at 216.66.222.254 and 208.72.254.254 

 

Kiosk Asynchronous Service - kiosk.mykioskworld.com 

The application asynchronously communicates on port 443 (TCP) and the IP address it connects to is 104.45.215.218 

 

Kiosk Synchronous Service - dishout.mykioskworld.com 

The application synchronously communicates on port 443 (TCP) and the IP address it connects to is 13.83.25.65 

 

Desired State Configuration - dsc.mykioskworld.com 

Configuration management communicates on port 443 (TCP) and the IP address it connects to is 13.91.108.167 

 

Remote Management and Support - support.mykioskworld.com 

Remote support appliance for remote access. Communicates on port 443 (TCP) and the IP address it connects to is 13.93.196.142 

 

Time Synchronization - time.nist.gov 

Time servers communication will be using NTP/UDP on port 123. A complete list of IP addresses can be found at: https://tf.nist.gov/tf-cgi/servers. cgi 

 

Remote Camera and DVR Access - *.hamachi.cc 

This allows the market operator to remotely view the DVR recordings and live footage from the market. The market operator only has access to the DVR. The Hamachi VPN client will use the following ports 443, 12975, 17771, and 32976 when it is is communicating with the Hamachi servers. The Hamachi servers are operated out of the same pool of addresses as other LogMeIn infrastructure. 

Allow List:

https://support.logmeininc.com/hamachi/help/allowlisting-and-goto

For optimal bandwidth Hamachi attempts to negotiate a point to point connection via UDP hole punching with the market operator's PC running the Hamachi client. This will result in UDP traffic on unspecified ports from the market operator's IP address in addition to the address rages listed above. If the point to point connection fails the connection will be relayed through a Hamachi relay server. 

 

USConnect Gateway if kiosk is USConnect enabled - hercules.usconnectme.com 

Communicates on port 443 (TCP) 
54.175.223.2 
52.7.29.74 
34.196.157.67 
52.54.158.222 
34.236.207.68 
54.236.168.80 
34.239.50.172 
54.173.38.227 
34.232.246.252
52.5.154.83
184.73.218.134
35.171.0.114

52.223.46.63
35.71.139.175

 

 

Datawire Integration - *.datawire.net 

The following requirements apply only to locations using Datawire stored value solutions. 
216.220.36.75 
129.33.160.116 
64.243.142.36 
206.112.91.167 
66.241.131.100 
69.46.100.78