If you are using a CardPointe Integrated Terminal device in a highly-restricted network environment, you might need to allow outbound traffic between your network and ours to ensure that your environment can connect to the CardPointe Gateway and CardPointe Integrated Terminal servers.
If your network configuration includes firewall rules to restrict traffic, ensure that you allow outbound traffic to the following IP address ranges:
- 198.62.138.0/24
- 206.201.63.0/24
The following topics describe the addresses used by each CardPointe Integrated Terminal and CardPointe Gateway resource in greater detail.
All application configurations should only reference the fully-qualified domain name (FQDN) of the CardPointe Integrated Terminal or CardPointe Gateway services, instead of hard-coding IP addresses. This will mitigate the need for changes when services migrate between data center locations.
The following table applies to all CardPointe Integrated Terminal users, including those using an integrated CardPointe Integrated Terminal solution as well as merchants using CardPointe Integrated Terminal devices with the CardPointe Virtual Terminal.
| Destination Name | Destination Addresses | Port | Description | Environment | Protocol |
|---|---|---|---|---|---|
| bolt.cardpointe.com |
| 443 | CardPointe Integrated Terminal API Connection | PROD | TCP |
| bolt-terminal.cardpointe.com |
| 443 | CardPointe Integrated Terminal Gateway Connection | PROD | TCP |
| bolt-uat.cardpointe.com |
| 443 | CardPointe Integrated Terminal API Connection | UAT | TCP |
| bolt-terminal-uat.cardpointe.com |
| 443 | CardPointe Integrated Terminal Gateway Connection | UAT | TCP |
CardPointe Gateway IP Addresses (used by CardPointe Integrated Terminal)
The following table provides the CardPointe Gateway IP addresses used by CardPointe Integrated Terminal.
For merchants integrated to the CardPointe Integrated Terminal solution, your connection is configured for a particular Gateway site for example, "fts" or "boltgw." Refer to the exact URL that you were provided by our Integration Delivery Team or software vendor to ensure that you are whitelisting the correct network information.
In the following table, <sitename> refers to the host parameter of the URL that you connect to (for example, fts.cardconnect.com, or boltgw.cardconnect.com).
| Destination Name | Destination Address | Port | Description | Environment | Protocol |
|---|---|---|---|---|---|
| <sitename>-uat.cardconnect.com |
| 443 | CardPointe Gateway | UAT | TCP |
| <sitename>.cardconnect.com |
| 443 | CardPointe Gateway | PROD | TCP |
| tms.cardconnect.com |
| 443 | TMS | PROD | TCP |
Why do I need to allow these connections?
Most firewalls block or restrict traffic to limit access to only necessary users and services. If you restrict traffic in your environment, you must add the IP address ranges in this guide to your list of trusted IP addresses to allow traffic to and from the required services.
What is a firewall?
A firewall is a part of a computer or network that is designed to block unauthorized access while permitting outward communication
What is ingress and egress traffic?
- Ingress traffic originates outside of a business' routers and travels to a destination inside of the business' network
- Example: An ingress email originates outside of a business' computer network, is passed over the internet and then enters the business' network before it's delivered to the recipient
- Egress traffic begins inside of a business' network and travels through its routers to a destination outside of the network
- Example: An egress email email travels from a user's computer and passes through a business' network routers before it is delivered to the internet to travel to a final destination