Search

Are you looking for test card numbers?

Would you like to contact support?

Point-of-sale icon

Network configuration

Recommendations for configuring your network.

When you make a point of sale transaction, your cash register, terminal, and Adyen will need to be able to communicate with one another. The flow of this communication depends on whether your integration uses local or cloud communications. To enable this communication, you need to configure your network to allow access to specific ports and addresses.

Network communications flow

When you make a transaction, your integration uses one of the following communications flows:

Local communications

Cloud communications

Configuring your network

To configure your network for point of sale communications:

  1. If you need to whitelist IP addresses, add Adyen's domains to your firewall's whitelist.
    Configure your firewall to allow outgoing HTTPS traffic from the IP addresses of your cash registers and terminals to:

    • *.adyen.com
    • *.adyenpayments.com

    Whitelisting should be based on the DNS name of these URLs. Your firewall should dynamically check for IP address updates, at least every 60 seconds.

    Do not hard-code Adyen's IP addresses, as these can change over time. We do not share a list of our IP addresses publicly.

  2. Open the ports:

    • tcp/443 to the internet.
    • tcp/8443 on your LAN.

  3. If your integration uses local communications:
    • Ensure that your terminal and cash register are connected to the same local network.
    • Protect the communications between your cash register and terminal.
  4. If you are using a legacy setup where the cash register and terminal communicate over a serial connection, use hardware flow control.

Configuring the terminal IP address

To send payments for online authorisation, a terminal must have a valid IP address configuration. There are two ways to assign an IP address to a terminal:

  • Dynamic IP: Your DHCP server assigns an IP address to the terminal.
  • Static IP: You enter the IP address and other configuration details manually on the terminal.

It is not possible to have a mix of terminals with dynamic IPs and terminals with static IPs. It's also not possible to configure an IP address from the Customer Area.

By default, DHCP is enabled on the payment terminal. With this setting, your DHCP server assigns an IP address to the terminal. If you are not able to use a DHCP server, you need to disable DHCP and define a static IP address for the terminal:

To configure a static terminal IP address:

  1. On the connected terminal, go to the Admin menu:
    1. Select 9 and then Confirm. (On some models, it is Confirm and then 9.)
    2. Enter the Admin PIN code and select the Confirm button.
      Where do I find the Admin PIN?
  2. Select Network and then, depending on your connection type:

    Connection type Select
    Wired Ethernet.
    Wireless WiFi > select your Wi-Fi network > IP Settings.
    Bluetooth Bluetooth > IP Settings.
  3. In IP Settings, clear the Use DHCP check box.
  4. Enter your network details. To type a period (.), press 1 twice. Enter the IP address, the Subnet mask, the Default gateway, the Preferred DNS, and the Alternate DNS.

    The static IP address must be unique in the network and, if you have more than one terminal, unique for each terminal.

  5. Select Apply.

General networking recommendations

To prevent network issues from interfering with your point of sale transactions, we recommend that you:

  • Use a segmented network, dedicated to point of sale communications.
  • Use a DHCP server to define unique static IP addresses for your terminals.
    If you are not able to use a DHCP server, define static IP addresses for your terminals on your local network.
  • Make a DNS server accessible from your local network. This should be able to resolve *.adyen.com and *.adyenpayments.com.

    If you use a caching name-server, the Time to live (TTL) set by Adyen must be honored (60 seconds for Disaster Recovery).

  • If you use intrusion detection (IDS) and prevention systems (IPS), ensure they are using up to date firmware and signatures. If these are out of date, the encrypted communications used by your integration may be disrupted.
  • Connect your cash registers and terminals to an uninterrupted power supply (UPS).
  • Use a cellular backup connection by:

    • Having an automatic cellular failover on your main router.
    • Using terminals that have a built-in cellular connection, such as a Portable or Mobile terminal.

  • If the network connection is fine but you are noticing issues with terminals and payments that seem to point to network connection problems, refer to Dropped network packets when the internet connection is available.

If you need more information on configuring your network, contact our POS Support Team.

Wi-Fi recommendations

To connect your Adyen terminals over Wi-Fi, your access point needs to support:

  • WPA/WPA2-Enterprise encryption, or WPA/WPA2-Personal encryption.
  • 2.4Ghz or 5Ghz frequencies.

    If you use Verifone e285 terminals, your Access Point must support 2.4Ghz channels.

In addition, we recommend that you:

  • Configure a remote Wi-Fi profile from your Customer Area, under Point of sale > Terminal settings > Connectivity.

    To use Enterprise encryption, using a remote Wi-Fi profile is mandatory.

  • Use a dedicated private wireless network.
  • If your integration uses local communications, disable the Wireless Isolation, AP Isolation, Client Isolation, or other similar features on your access point.

Using a proxy

Adyen terminals do not support proxy connections. If your network uses a proxy, allow your terminals to bypass the proxy and connect directly to the Adyen payments platform.

Handling loss of internet connectivity

When a transaction is declined because of a network connection issue, the error condition you receive for the transaction is UnreachableHost.

There are several ways you can continue making transactions when your primary internet connection is unavailable. These are:

  • Use a 3G/4G failover connection. When your primary internet connection fails, transactions are processed using the cellular connection.
  • Enable offline transactions. This will allow you to continue processing transactions when your store has no internet connection.

    Offline transactions are only available for integrations that use local communications.
    You are fully liable for the risk of failed captures, chargebacks, and disputes related to payments that you process offline.

Using 3G/4G failover

To use a cellular connection as a backup, you can either:

Using 3G/4G terminals

The Verifone V400m and e285 terminals have built-in 3G/4G hardware and pre-installed SIM cards. If your primary internet connection drops, these terminals will automatically switch to processing payments using their cellular 3G or 4G connection. They will also switch back to using your primary internet connection once this is available again.

To enable a 3G/4G terminal connection, contact our POS Support Team. There is an additional monthly cost for using this service.

Many European mobile network operators will discontinue support for 3G from 2020 onwards. If you're located in Europe, you may want to use 4G terminals instead of 3G terminals.

Using a 3G/4G router

If your terminals don't have built-in cellular hardware, we recommend installing a router with 3G/4G network failover. To ensure you get the best cellular reception, you should also install external 3G/4G antennas.

See also