Networking and connectivity details for the Connect+ Series

Use these network requirements to prepare your IT and local network environment for connecting your franking machine to the internet.
Products affected: Connect+® 500W, Connect+® 1000, Connect+® 2000, Connect+® 3000

If you have extensive network security restrictions, your IT or network administrator may need these specifications to prepare for the installation.

URL Information

It is strongly recommended that the firewall reference the URL rather than IP address, which can change over time. The following URLs must be accessible from the Connect+, SendPro P system, without any obstructions.

If IP addresses must be referenced, it is suggested to keep open the block of IP addresses below:

  • 199.231.32.0 to 199.231.47.255
  • 152.144.128.0 to 152.144.128.255
  • 209.85.128.0 to 209.85.255.255
  • 193.242.234.1 to 193.242.234.255
  • 74.125.230.80 to 74.125.230.84
  • 130.57.1.88
  • 31.193.129.122
  • 104.91.38.137

Required URLs

  • Network Test - Built in tool that pings select PB servers for connectivity testing. Used by PB Service (Resides on Linux Desktop).
    • Network Test URLs:
      • http://www.google.com
      • http:// www.l.google.com
      • http://www.novell.com
    • Network Test IP Addresses:
      • 74.125.230.80, 74.125.230.81
      • 74.125.230.82, 74.125.230.83
      • 74.125.230.84
  • SUSE Linux Proxy Test
    • SUSE Linux Proxy Test URLs:
      • ftp.novell.com
      • http://www.l.google.com
  • SUSE Linux Proxy Test IP Addresses:
    • 74.125.230.80
    • 74.125.230.81
    • 74.125.230.82
    • 74.125.230.83
    • 74.125.230.84
    • 130.57.1.88
  • Distributor - Main PB Server that authenticates machine for access to other PB web services.
  • Funds (Funds Management & Refills) - Funds are managed through a separate Funds Server system.
    • Domain:
      • distservp1.pb.com
    • Distributor and Funds URLs:
      • http://distservp1.pb.com (Port 80)
      • https://distservp1.pb.com (Port 443)
      • http://comet2.ct.pb.com (Port 80)
      • https://comet2.ct.pb.com (Port 443)
    • Distributor and Funds IP Addresses:
      • 199.231.45.46
      • 199.231.44.31
  • Rates and Updates (Download Services) - Downloads, new software, graphics, rate price data etc.
    • Domains:
      • pbgdspp1.pb.com
      • clamserver.pb.com
      • pbdlsp1.pb.com
      • MyMS1Configuration.pb.com
      • SMT.pb.com
      • pbgdspp1.pb.com
    • Misc. Data Upload URL:
      • https://pbgdspp1.pb.com/MS1ConfigurationUpload/MS1ProductConfigurationUpload.svc
    • Misc. Data Upload IP Addresses:
      • 199.231.44.148
      • 199.231.44.222
      • 199.231.45.35
      • 199.231.45.41
    • ClamAV URL:
      • http://clamserver.pb.com
    • ClamAV IP Addresses:
      • 199.231.33.54
      • 199.231.35.165
      • 199.231.44.54
      • 199.231.45.165
    • Error log upload URL:
      • http://pbdlsp1.pb.com
    • Error log upload IP Addresses:
      • 199.231.44.30
      • 199.231.45.38
    • Configuration web page URL:
      • https://MyMS1Configuration.pb.com
    • Configuration web page IP Address:
      • 199.231.44.166
    • OS Updates URL:
      • https://SMT.pb.com
    • OS Updates IP Addresses:
      • 199.231.35.165
      • 199.231.44.54
    • File Updates URL:
      • https://pbgdspp1.pb.com/MS1/DlaService.svc
    • File Updates IP Address:
      • 199.231.44.222
    • Orders (CCD) URL:
      • https://pbgdspp1.pb.com/MS1CCD/DlaCCDService.svc
    • Orders (CCD) IP Address:
      • 199.231.44.222
  • Manage Accounts (Accounting) - Separate PB Server that manages Accounting including Account Creation, Reports etc.
    • Domain:
      • ms1app.pb.com
    • Domain:
      • ms1appalm-kdc.pb.com
    • Accounting Web Application URL:
      • https://ms1app.pb.com
    • Accounting Web Application IP Addresses:
      • 199.231.32.67
      • 199.231.35.4
    • Accounting Web Services URL:
      • https://ms1app.pb.com/ms1atweb/services/
    • Accounting Web Services IP Address:
      • 199.231.32.47
  • On Line Help - This is the online support website.
    • On Line Help URLs:
      • http://eureka.pitneybowes.com/sendpro-p-series/en-ie/sdh008-help-ie/Default.htm
    • On Line Help IP Addresses vary due to using Amazon Web Services.
  • Health Data Update - Machine Health Information upload
    • Domain:
      • pb.com
    • Health Data Update URL:
      • https://cplus-logs-fusion.pb.com/api/v1/uploads
    • Health Data Update IP Addresses:
      • 199.231.33.6
      • 199.231.44.12

Optional Firewall exceptions (enabled by default)

  • Connect with PB - Utility website to contact Pitney Bowes
    • Connect with PB URL:
      • http://www.pitneybowes.ie/connect-plus/connect-with-pb.shtml
    • Connect with PB IP Address:
      • 199.231.33.6
  • Apps - Utility website for additional applications and tools.
    • Apps URL:
      • http://www.pitneybowes.ie/connect-plus/apps.shtml
    • Apps IP Address:
      • 199.231.33.6
  • Parcels - Utility website for tracking and sending parcels.
    • Parcels URL:
      • http://www.pitneybowes.ie/connect-plus/parcels.shtml
    • Parcels IP Address:
      • 199.231.33.6
  • Buy Supplies - Utility website to order supplies.
    • Buy Supplies URL:
      • https://www.pitneybowes.com/ie/contact-us.html
    • Buy Supplies IP Address:
      • 199.231.33.6
  • An Post - Utility website for An Post.
    • An Post URL:
      • http://www.anpost.ie/AnPost/
    • An Post IP Address:
      • 159.134.187.15

TeamViewer

TeamViewer is used by service and sales for remote diagnostics and training. A TeamViewer session can only be initiated by someone on the customer end and therefore the system cannot be accessed without the customers knowledge. All communication is initiated from the Connect+, SendPro P system via ports 80 (HTTP) and 443 (HTTPS). All communication from the Connect+, SendPro P system to the back end system is in the form of XML messages.

There are two options to unblock Teamviewer:

  1. General unlocking of Port 5938 TCP for outgoing connections (recommended). Port 5938 is only used by a few programs and therefore is no security risk. This traffic should then neither be filtered or cached.
  2. Unlocking of URLs of the following formats (to any Server)
  • GET /din.aspx?s=…&client=DynGate…
  • GET /dout.aspx?s=…&client=DynGate…
  • POST /dout.aspx?s=…&client=DynGate…

Regardless of which method is chosen to unblock TeamViewer, also check that no content filter or similar is blocking one of the following URLs:

  • *.teamviewer.com
  • *.dyngate.com

Communications

  • All communication is initiated from the Connect+ Series system via ports 80 (HTTP) and 443 (HTTPS).
  • All communication from the Connect+ Series system to the back end system is in the form of XML messages.

Port 80 (HTTP)

  • OS Update
  • AV Updates
  • Web Services
  • TeamViewer

Port 443 (HTTPS)

  • The Connect+ Series system will send requests to refill or audit its PSD (Postal Security Device) based on a low funds or inspection date. Audits occur if the PSD inspection date has expired.
  • Transaction Records from the Connect+ Series system are automatically uploaded when:
    • The system goes into sleep mode.
    • While powering down the system.
    • Activating web accounting services.
    • Uploading postal information.
  • On power up the system refreshes the web service (checks for Software, Rates and Graphic Updates. It will also contact Supplies, My Account, Tracking etc.) configuration data.

Port 53

  • DNS lookup

If your IT department uses a rules-based method for allowing specific ports to pass traffic on their network for port 53, you must allow both UDP and TCP traffic to this port. Port 53 listens for DNS requests and may respond on either protocol, based on the type of request it receives. Short responses should come in over UDP. Longer, more detailed responses on TCP.

Advanced Network Requirements

  • The Connect+ Series system will require a high-speed network connection.
  • The Connect+ Series system will initiate all communication.
  • The Connect+ Series system will initiate all communication (via HTTP or HTTPS), so it can safely sit behind most corporate firewalls.
  • The Connect+ Series system will communicate to external Web Services via HTTP over Port 80.
  • The Connect+ Series system will communicate to PB secure server(s) via HTTPS over port 443.
  • The Connect+ Series system will use Port 53 for DNS lookup.
  • Pitney Bowes requires a minimum network bandwidth of 384 kbps (upstream and downstream) to operate, but we recommend 1 Mbit/sec for best performance.
  • It is recommended that 3G modem devices are not shared across multiple Connect+ Series systems.
  • Customer owned web filtering devices or software, as well as SSL packet inspection should be disabled for these ports as they can affect performance.
  • The wired Ethernet port supports 10/100 MBit/sec connections.  If using a GigaBit port, please enable the ability for it to auto-negotiate down to a 10/100 MBit/sec connection.

If you are unable to connect to the internet, ask your IT department or internet provider to check the internet settings.

UPDATED: 21 June 2023