Networking and connectivity details

If you have extensive network security restrictions, your IT or network administrator may need these specifications to prepare for the installation.

URL Information

These URLs must be accessible from the device, without any obstructions. This includes being free of any SSL packet inspection, web filtering devices or software monitoring.

Required URLs

  • Distributor - main PB Server that authenticates machine for access to other PB web services
  •  Funds (Funds Management & Refills) - funds are managed through a separate Funds Server
    • http://distservp1.pb.com (Port 80)
    • https://distservp1.pb.com (Port 443)
    • http://comet2.ct.pb.com (Port 80)
    • https://comet2.ct.pb.com (Port 443)
    • 199.231.45.46
    • 199.231.44.31
  • Rates and Updates (Download Services) - Downloads new software
    • Main Download Services entry
      • https://dlsdlp1.pb.com (Port 443)
      • https://dlsdlp1b.pb.com (Port 443)
    •  File Processing
      •  https://pbdlsp1.pb.com (Port 443)
      • https://pbdlsp1t.pb.com (Port 443)
      • https://pbdlsp1k.pb.com (Port 443)
      • https://pbdlsp1b.pb.com (Port 443)
      • https://pbdlsp1z.pb.com (Port 443)
    • OS Updates
      • https://pb-ota.redbend.com (Port 443)
  • Health Data Update - machine health Information upload
    • https://*.s3.amazonaws.com (Port 443)
  • Transactions List
    • https://csd-indiataxmeter-transaction.s3.ap-south-1.amazonaws.com.*
  • Network Connectivity Test Site - used by tablet's Android O/S to confirm connectivity
    • http://connectivitycheck.gstatic.com/generate_204 (Port 80)

Recommended URLs

We recommend these URLs are left open, but if this presents a security issue, they can remain blocked. They are enabled by default.

  • Device Management(uses Port 443 or 80 unless otherwise stated).
    • https://csd-indiataxmeter-transaction.s3.ap-south-1.amazonaws.com
    • a21iywh40b72eh-ats.iot.us-west-2.amazonaws.com
    • cognito-identity.-1.amazonaws.com
    • csd-error-logs.s3.amazonaws.com
    • csd-error-logs.s3-us-west-1.amazonaws.com
    • csd-launcher.s3.amazonaws.com
    • csd-launcher.s3-us-west-1.amazonaws.com
    • csd-mailing.s3.amazonaws.com
    • csd-remote-config.s3.amazonaws.com
    • *.ntp.org
    • www.pitneybowes.com

Remote Access

TeamViewer is an application that lets Pitney Bowes Service access your device remotely, when you authorise it. (A TeamViewer session can only be initiated by someone on your end, therefore the system cannot be accessed without your knowledge.) There are two ways to unblock TeamViewer:

  • General unblocking of Port 5938 TCP for outgoing connections (recommended). Port 5938 is only used by a few applications and therefore there is no security risk. This traffic should be filtered or cached.
  • Unblocking URLs of the following formats (to any server) GET:
    • /din.aspx?s=…&client=DynGate…GET
    • /dout.aspx?s=…&client=DynGate…POST
    • /dout.aspx?s=…&client=DynGate…

Regardless of which method you choose to unblock TeamViewer, verify there are no content filters or anything similar blocking one of these URLs:

  • *.TeamViewer.com
  • *.dyngate.com

Communications

The B700 Version 2.0 connection uses these ports and protocols. The system will require access through your network and firewall.

  • All communication is initiated from the system via ports 80 (HTTP) and 443 (TLS).
  • All communications from the system to the back end system are in the form of XML messages.

Ports

Port 80 (HTTP)

  • Web Services
  • TeamViewer (remote access software)

Port 443 (TLS)

  • B700 Version 2.0 sends requests to refill or audit its PSD (Postal Security Device) when the user requests it or an inspection is required. Audits occur if the PSD inspection date has expired.
  • Transaction records from the B700 Version 2.0 are automatically uploaded when a user message appears (within three days of the mail being generated).
  • O/S updates and PB Application Software and Rates Data updates.

Port 53

  • DNS lookup

Important: If your IT department uses a rules-based method for allowing specific ports to pass traffic on their network for port 53, you must allow both UDP and TCP traffic to this port.

Advanced Network Requirements

B700 Version 2.0 initiates all communication (via HTTP or TLS), so it can safely sit behind most corporate firewalls.

  • High-speed network connection
  • B700 Version 2.0 supports 802.11n WiFi WPA, WPA-2 PSK, WPA-802.1x (LEAP) protocols.
  • Due to security issues, WEP Wireless Security Protocol is not supported.
  • Both 2.4 and 5 GHz frequency band wireless is supported.
  • B700 Version 2.0 communicates to external web services via HTTP over Port 80
  • B700 Version 2.0 communicates to PB secure server(s) via TLS over port 443
  • B700 Version 2.0 uses Port 53 for DNS lookup
  • Pitney Bowes requires a minimum network bandwidth of 384 kbps (upstream and downstream) to operate, but we recommend 1 Mbit/sec for best performance
  • Pitney Bowes recommends that DSL or cellular devices are not shared across multiple B700 Version 2.0 systems
  • Customer owned web filtering devices or software, as well as SSL packet inspection should be disabled for these ports as they can affect performance or could prevent functionality.
  • B700 Version 2.0 internal base and tablet communication uses a subnet that consists of IPs from the 192.168.10.240 to 192.168.10.255 and 192.168.10.96 to 192.168.10.111 ranges. When the B700 Version 2.0 is connected to a network that has a default gateway which uses any address in these ranges, the B700 Version 2.0 will not be able to communicate on the network because messages can not be routed properly.
  • Wired Ethernet supports 10/100 Mbit speeds.

If you are unable to connect to the internet, ask your IT department or internet provider to check the internet settings before you contact Pitney Bowes.

Related topics