FlexiPOS - Firewall and Port Requirements for Landi Devices
Overview
This article outlines the network firewall and outbound connectivity requirements for environments using Landi Global devices and services.
To ensure successful device provisioning, communication, remote assistance, firmware downloads, and portal access, IT and network security teams must allow outbound access to the domains and ports listed below.
| Service / Purpose | Hostname (FQDN) | Port(s) | Protocol | Notes |
|---|---|---|---|---|
| Web Portal | connect.landiglobal.com |
443 |
HTTPS | Standard HTTPS access for the management portal. |
| Device Gateway (HTTP) | connect.landiglobal.net |
443 |
HTTPS | Requires Two-way TLS (mTLS) for device communication. |
| Device Gateway (HTTP) | connect.landiglobal.net |
1443 |
HTTPS | Supports One-way TLS for device communication. |
| Device Gateway (TCP) | connect.landiglobal.net |
8443, 6443 |
TCP/TLS | Requires Two-way TLS (mTLS) for direct TCP connections. |
| Device Gateway (TCP) | connect.landiglobal.net |
3443, 2443 |
TCP/TLS | Supports One-way TLS for direct TCP connections. |
| Device Gateway (MQTT) | mqtt.landiglobal.net |
8883 |
MQTT over TLS | Used for real-time messaging and telemetry. |
| File Download Service | landiconnectfiles.s3.ap-southeast-1.amazonaws.com |
443 |
HTTPS | Used for firmware, software, and configuration file downloads hosted on AWS S3. |
| Remote Assistance Service | remote-control.landiglobal.net |
443 |
HTTPS/TCP | Establishes a relay between the master controller and slave controller in TCP mode. Also serves as a backup login port for the controlled endpoint. |
| Remote Assistance Service | remote-control.landiglobal.net |
4118 |
UDP | Establishes a relay between the master controller and slave controller in UDP mode. Also serves as the primary login port for the controlled endpoint. |
| Remote Assistance Session | *.remote-control.landiglobal.net |
Any |
Dynamic | Required for active remote-control session connectivity. Wildcard domain access is recommended. |