Overview

If you are using a Bolt Terminal device in a highly-restricted network environment, you might need to allow outbound traffic between your network and CardConnect to ensure that your environment can connect to the CardPointe Gateway and Bolt servers.

If your network configuration includes firewall rules to restrict traffic, ensure that you allow outbound traffic to the following IP address ranges:

  • 198.62.138.0/24
  • 206.201.63.0/24

The following topics describe the addresses used by each Bolt and CardPointe Gateway resource in greater detail.

All application configurations should only reference the fully-qualified domain name (FQDN) of the Bolt or CardPointe Gateway services, instead of hard-coding IP addresses. This will mitigate the need for changes when services migrate between data center locations.

Bolt Terminal Traffic Routing

The following table applies to all Bolt users, including those using an integrated Bolt Terminal solution as well as merchants using Bolt Terminal devices with the CardPointe Virtual Terminal. 

Destination NameDestination AddressesPortDescriptionEnvironmentProtocol
bolt.cardpointe.com
  • 198.62.138.0/24
  • 206.201.63.0/24
443Bolt Terminal API Connection
PRODTCP
bolt-terminal.cardpointe.com
  • 198.62.138.0/24
  • 206.201.63.0/24
443Bolt Terminal Gateway Connection
PRODTCP
bolt-uat.cardpointe.com
  • 198.62.138.0/24
  • 206.201.63.0/24

443

Bolt Terminal API Connection
UATTCP
bolt-terminal-uat.cardpointe.com
  • 198.62.138.0/24
  • 206.201.63.0/24
443Bolt Terminal Gateway ConnectionUATTCP

CardPointe Gateway IP Addresses (used by Bolt)

The following table provides the CardPointe Gateway IP addresses used by Bolt. 

For merchants integrated to the Bolt solution, your connection is configured for a particular Gateway site for example, "fts" or "boltgw."  Refer to the exact URL that you were provided by our Integration Delivery Team or software vendor to ensure that you are whitelisting the correct network information. 

In the following table, <sitename> refers to the host parameter of the URL that you connect to (for example, fts.cardconnect.com, or boltgw.cardconnect.com).

Destination NameDestination AddressPortDescriptionEnvironmentProtocol
<sitename>-uat.cardconnect.com
  • 198.62.138.0/24
  • 206.201.63.0/24
443CardPointe Gateway
UATTCP
<sitename>.cardconnect.com
  • 198.62.138.0/24
  • 206.201.63.0/24
443CardPointe Gateway

PROD

TCP
tms.cardconnect.com
  • 198.62.138.0/24
  • 206.201.63.0/24

443

TMS
PRODTCP

Frequently Asked Questions

Why do I need to allow these connections?

Most firewalls block or restrict traffic to limit access to only necessary users and services. If you restrict traffic in your environment, you must add the IP address ranges in this guide to your list of trusted IP addresses to allow traffic to and from the required services.

What is a firewall?

A firewall is a part of a computer or network that is designed to block unauthorized access while permitting outward communication

What is ingress and egress traffic?

  • Ingress traffic originates outside of a business' routers and travels to a destination inside of the business' network
    • Example: An ingress email originates outside of a business' computer network, is passed over the internet and then enters the business' network before it's delivered to the recipient
  • Egress traffic begins inside of a business' network and travels through its routers to a destination outside of the network
    • Example: An egress email email travels from a user's computer and passes through a business' network routers before it is delivered to the internet to travel to a final destination