The PushCoin Point of Sale (POS) systems need access to the following web Internet resources on TCP ports 80 and 443:
- api.pushcoin.com (AWS cloud, see below)
- webdns.pushcoin.com
- pos.pushcoin.com
- fdroid.pushcoin.com
- fdroid.org
- guardianproject.info
AWS cloud IP ranges
PushCoin makes use of the AWS cloud to ensure high availability. The following regions are to be allowed through as specified in this document https://docs.aws.amazon.com/quicksight/latest/user/regions.html
- US East (Ohio) (us-east-2)
- US East (N. Virginia) (us-east-1)
- US West (Oregon) (us-west-2)
Network time sync over NTP
Android devices synchronize its clocks through access to NTP servers at pool.ntp.org and all sub-computers under *.pool.ntp.org like 0.pool.ntp.org
NTP is a UDP-based service using a well-known port 123. We recommend opening traffic on UDP/123 to any remote host.
Google Play
A stock Android device such as a tablet or a smartphone contacts Google Play servers for checking internet connectivity, push notifications and software updates. These services will fail to operate if the Google Play ports TCP and UDP 5228 are blocked.
You can refer to connectivity requirements page on Google Play Help for more information.
Best practices
Due to overall complexity of the system, we recommend that the PushCoin POS terminals run in a dedicated VLAN and a customized set of firewall rules. That way it will be easier to isolate the “PushCoin traffic” without unnecessarily exposing other components of your network.