HelpCenter

Explore
Avanti - Network Requirements Documentation 1.92
Updated

Purpose

The purpose of this article is to outline the required network configurations for release 1.92.

  

Overview

Access can be through a customer's network, dedicated wired Internet (cable or DSL), or cellular modem. The kiosk supports a connection using a standard CAT5/6 cable, WiFi connections and USB cellular modems are not supported. When using an internet connection where all outbound traffic is allowed, no special configuration is usually required. If the following requirements are not met, the kiosk may have poor performance or not work at all. It is strongly recommended that if the kiosk is being placed on a customer's network that it be placed on a segregated vLAN or in a DMZ where it will not have access to other resources on the network. 

  

Minimum Bandwidth and Data Transfer Requirement 

A symmetric .5Mbps connection is sufficient for daily kiosk operations. It is important to note that this is the actual bandwidth available, to achieve this with a dedicated internet connection the advertised speed must usually be 2Mbps down and 1Mbps up. 

Under normal operations the kiosk will use less than 1GB of data a month, however Avanti Markets may at times need to use additional data to meet business needs. 

 

IP Address and DNS Assignment 

Avanti kiosks can be assigned IP addresses and DNS servers using DHCP. Using DHCP is the preferred method. If necessary, a static IP and specific DNS servers can be specified. If specific DNS servers are not specified, Avanti will utilize 8.8.8.8 and 8.8.4.4 

 

Minimum Internet Access 

The kiosk must be able to communicate with resources on the following domains and ports. It is assumed that the DNS servers will be able to resolve the following URLs.  

 

Avanti - Minimum Internet Access Network Requirements

Domain  Protocol  Port  Direction  Note 
kiosk.mykioskworld.com  TCP  443  Outbound  Avanti kiosk asynchronous service. 
dishout.mykioskworld.com  TCP  443  Outbound  Avanti kiosks synchronous service. 
dsc.mykioskworld.com  TCP  443  Outbound  Desired State Configuration server. 
support.mykioskworld.com  TCP  443  Outbound  Remote access and management for Avanti Support. 
time.nist.gov  NTP / UDP  123  Outbound  Time synchronization 
prod.dw.us.fdcnet.biz  TCP  443  Outbound  Payment gateway for credit and debit payment. 
hercules.usconnectme.com  TCP  443  Outbound  USConnect Gateway if kiosk is USConnect enabled 
40.112.142.148
TCP 443 Outbound Data Candy

Additional Recommended Internet Access  

Domain  Protocol  Port  Direction  Note 
*.mykioskworld.com  TCP / UDP  TBD  Outbound  Top level Avanti domain. Additional services and infrastructure may be made available as our services continue to evolve in this name space. It is Avanti Markets' preference that this entire space be white listed. Avanti Markets will update our market operators when this occurs.

Remote Camera and DVR Access 

Domain Protocol Port Direction Note
*.hamachi.cc  
*.logmein.com  
 
TCP 
UDP 
 
12975  
32976  
17771  
 
Outbound 
UDP hole punching  
 
LogMeIn Hamachi VPN attempts to create point to point connections between the kiosk and the market operator's PC running DVR client software. This point-to-point connection utilizes UPD hole punching. If this is not successful, then a connection is made via the Hamachi relay server via UDP or TCP.

The requirements above must be met to enable the market operator to remotely view the cameras and DVR recordings. If the requirement is not fully met, the market operator may not be able to remotely access the DVR and cameras at all or performance may be very poor. Data usage will increase if remote DVR access is being utilized. Connection speed must be at minimum 1Mbps down and 1Mbps up. Additional bandwidth up may be required to achieve optimal remote viewing. 

 

Emails 

 Web Access and the email receipt function from the kiosk will send the market users emails from our email service. The following email address may need to be whitelisted on the customer mail server if the market users are permitted to use their company email address. 

no-reply=avantimarkets.com@avanti.mykioskworld.com on behalf of no-reply@avantimarkets.com 

 

Network Requirements - Avanti - Datawire Integration

The following requirements apply only to locations using Datawire stored value solutions.  

Domain  Protocol  Port  Direction  Note 
https://vxn.datawire.net  TCP  443  Outbound  Active Service Provider 
https://vxn1.datawire.net  TCP  443  Outbound  Alternate Active Service Provider 
https://vxn2.datawire.net  TCP  443  Outbound  Alternate Active Service Provider 
https://vxn3.datawire.net  TCP  443  Outbound  Alternate Active Service Provider 
https://vxn4.datawire.net  TCP  443  Outbound  Alternate Active Service Provider 
https://support.datawire.net  TCP  443  Outbound  Instance registration server 

 

Network Requirements Supplemental Information

IP Ranges and Ports 

Some firewalls do not support the white-listing of the URLs provided in the network requirements. Some IT departments will also have this as a policy. The IP addresses in the below section are fairly stable, but always "Subject to change without notification." Avanti Markets will notify operators of any planned changes to the IP addresses under Avanti Markets control. Emergency changes may be necessary in some cases and may not be communicated in advance. IP address not controlled by Avanti Markets may be changed without notification, Avanti Markets will notify our market operators when we become aware of changes to these IP addresses. Avanti Markets recommends white listing the URLs provided rather than the IP addresses to enhance resilience and reliability. 

 

Credit and Debit Card Processor - Prod.dw.us.fdcnet.biz  

The credit and debit transactions are passed directly to our processor on port 443 (TCP) at 216.66.222.254 and 208.72.254.254 

 

Kiosk Asynchronous Service - kiosk.mykioskworld.com 

The application asynchronously communicates on port 443 (TCP) and the IP address it connects to is 104.45.215.218 

 

Kiosk Synchronous Service - dishout.mykioskworld.com 

The application synchronously communicates on port 443 (TCP) and the IP address it connects to is 13.83.25.65 

 

Desired State Configuration - dsc.mykioskworld.com 

Configuration management communicates on port 443 (TCP) and the IP address it connects to is 13.91.108.167 

 

Remote Management and Support - support.mykioskworld.com 

Remote support appliance for remote access. Communicates on port 443 (TCP) and the IP address it connects to is 13.93.196.142 

 

Time Synchronization - time.nist.gov 

Time servers communication will be using NTP/UDP on port 123. A complete list of IP addresses can be found at: https://tf.nist.gov/tf-cgi/servers.cgi 

 

Remote Camera and DVR Access - *.hamachi.cc 

This allows the market operator to remotely view the DVR recordings and live footage from the market. The market operator only has access to the DVR. The Hamachi VPN client will use the following ports 443, 12975, 17771, and 32976 when it is communicating with the Hamachi servers. The Hamachi servers are operated out of the same pool of addresses as other LogMeIn infrastructure. 

Allow List:

https://support.logmeininc.com/hamachi/help/allowlisting-and-goto

For optimal bandwidth, Hamachi attempts to negotiate a point to point connection via UDP hole punching with the market operator's PC running the Hamachi client. This will result in UDP traffic on unspecified ports from the market operator's IP address in addition to the address rages listed above. If the point-to-point connection fails, the connection will be relayed through a Hamachi relay server. 

 

Network Requirements - Avanti - Other

USConnect Gateway 
if kiosk is USConnect enabled 
- hercules.usconnectme.com
54.175.223.2
52.7.29.74
34.196.157.67
52.54.158.222
34.236.207.68
54.236.168.80
34.239.50.172
54.173.38.227
34.232.246.252
52.5.154.83
184.73.218.134
35.171.0.114
52.223.46.63
35.71.139.175
Communicates on port 443 (TCP)
Datawire Integration - *.datawire.net 
The following requirements apply only to 
locations using Datawire stored value solutions.
216.220.36.75
129.33.160.116
64.243.142.36
206.112.91.167
66.241.131.100
69.46.100.78