If you have extensive network security restrictions, your IT or network administrator may need these specifications to prepare for the installation.
It is strongly recommended that the firewall reference the URL rather than IP address, which can change over time. The following URLs must be accessible from the Connect+, SendPro P system, without any obstructions.
If IP addresses must be referenced, it is suggested to keep open the block of IP addresses below:
- 18.104.22.168 to 22.214.171.124
- 126.96.36.199 to 188.8.131.52
- 184.108.40.206 to 220.127.116.11
- 18.104.22.168 to 22.214.171.124
- 126.96.36.199 to 188.8.131.52
- Network Test - Built in tool that pings select PB servers for connectivity testing. Used by PB Service (Resides on Linux Desktop).
- Network Test URLs:
- http:// www.l.google.com
- Network Test IP Addresses:
- 184.108.40.206, 220.127.116.11
- 18.104.22.168, 22.214.171.124
- SUSE Linux Proxy Test
- SUSE Linux Proxy Test URLs:
- SUSE Linux Proxy Test IP Addresses:
- Distributor - Main PB Server that authenticates machine for access to other PB web services.
- Distributor URLs:
- Distributor IP Addresses:
- Funds (Funds Management & Refills) - Funds are managed through a separate Funds Server system.
- Funds URLs:
- Funds IP Addresses:
- Rates and Updates (Download Services) - Downloads, new software, graphics, rate price data etc.
- Misc. Data Upload URL:
- Misc. Data Upload IP Addresses:
- ClamAV URL:
- ClamAV IP Addresses:
- Error log upload URL:
- Error log upload IP Addresses:
- Configuration web page URL:
- Configuration web page IP Address:
- OS Updates URL:
- OS Updates IP Addresses:
- File Updates URL:
- File Updates IP Address:
- Orders (CCD) URL:
- Orders (CCD) IP Address:
- Manage Accounts (Accounting) - Separate PB Server that manages Accounting including Account Creation, Reports etc.
- Accounting Web Application URL:
- Accounting Web Application IP Address:
- Accounting Web Services URL:
- Accounting Web Services IP Address:
- On Line Help - This is the online support website.
- On Line Help URLs:
- On Line Help IP Addresses vary due to using Amazon Web Services.
- Health Data Update - Machine Health Information upload
- Health Data Update URL:
- Health Data Update IP Addresses:
Optional Firewall exceptions (enabled by default)
- Connect with PB - Utility website to contact Pitney Bowes
- Connect with PB URL:
- Connect with PB IP Address:
- Apps - Utility website for additional applications and tools.
- Apps URL:
- Apps IP Address:
- Parcels - Utility website for tracking and sending parcels.
- Parcels URL:
- Parcels IP Address:
- Buy Supplies - Utility website to order supplies.
- Buy Supplies URL:
- Buy Supplies IP Address:
- News and Offers - Utility website for promotions and mailing news.
- News and Offers URL:
- News and Offers IP Address:
- Royal Mail - Utility website for Royal Mail links.
- Royal Mail URL:
- Royal Mail IP Address:
Optional firewall exceptions (disabled by default)
- Receive a Package - Receive a Package application.
- Receive a Package URL:
- Receive a Package IP Addresses:
- Shipping application
- Shipping Base URL:
- Login URLs
TeamViewer is used by service and sales for remote diagnostics and training. A TeamViewer session can only be initiated by someone on the customer end and therefore the system cannot be accessed without the customers knowledge. All communication is initiated from the Connect+, SendPro P system via ports 80 (HTTP) and 443 (HTTPS). All communication from the Connect+, SendPro P system to the back end system is in the form of XML messages.
There are two options to unblock Teamviewer:
- General unlocking of Port 5938 TCP for outgoing connections (recommended). Port 5938 is only used by a few programs and therefore is no security risk. This traffic should then neither be filtered or cached.
- Unlocking of URLs of the following formats (to any Server)
- GET /din.aspx?s=…&client=DynGate…
- GET /dout.aspx?s=…&client=DynGate…
- POST /dout.aspx?s=…&client=DynGate…
Regardless of which method is chosen to unblock TeamViewer, also check that no content filter or similar is blocking one of the following URLs:
Port 80 (HTTP)
- All communication is initiated from the Connect+, SendPro P system via ports 80 (HTTP) and 443 (HTTPS).
- All communication from the Connect+, SendPro P system to the back end system is in the form of XML messages.
Port 443 (HTTPS)
- OS Update
- AV Updates
- Web Services
- The Connect+, SendPro P system will send requests to refill or audit its PSD (Postal Security Device) based on a low funds or inspection date. Audits occur if the PSD inspection date has expired.
- Transaction Records from the Connect+, SendPro P system are automatically uploaded when:
- The system goes into Sleep Mode.
- While powering down the system.
- Activating Web Accounting Services.
- Uploading Postal Information.
- On power up the system refreshes the web service (checks for Software, Rates and Graphic Updates. It will also contact Supplies, My Account, Tracking etc.) configuration data.
If your IT department uses a rules-based method for allowing specific ports to pass traffic on their network for port 53, you must allow both UDP and TCP traffic to this port. Port 53 listens for DNS requests and may respond on either protocol, based on the type of request it receives. Short responses should come in over UDP. Longer, more detailed responses on TCP.
Advanced Network Requirements
- The Connect+, SendPro P system will require a high-speed network connection.
- The Connect+, SendPro P system will initiate all communication.
- The Connect+, SendPro P system will initiate all communication (via HTTP or HTTPS), so it can safely sit behind most corporate firewalls.
- The Connect+, SendPro P system will communicate to external Web Services via HTTP over Port 80.
- The Connect+, SendPro P system will communicate to PB secure server(s) via HTTPS over port 443.
- The Connect+, SendPro P system will use Port 53 for DNS lookup.
- Pitney Bowes requires a minimum network bandwidth of 384 kbps (upstream and downstream) to operate, but we recommend 1 Mbit/sec for best performance.
- It is recommended that 3G modem devices are not shared across multiple Connect+, SendPro P systems.
- Customer owned web filtering devices or software, as well as SSL packet inspection should be disabled for these ports as they can affect performance.
If you are unable to connect to the internet, ask your IT department to check the internet settings before you contact Pitney Bowes. If you still need assistance, please use the Contact Us
UPDATED: May 07, 2021