Page Comparison

RetailNext operates two separate services: a global service based in the United States (denoted as Global Cloud Service) and a separate service operated entirely within China (denoted as China Cloud Service). This page details the comprehensive network requirements for these services.

For a quick reference guide to the Basic Network Requirements, click here.

Store Network

RetailNext Cloud Service

Admin Access

Initial setup (HTTP): TCP 80 →

Discovery (mDNS): UDP 5353 →

Discovery (UPnP): TCP 1900 →

IP Cameras

Video (RTP/RTSP): TCP 554 ←, UDP →

Video (HTTP): TCP 80 ←

In-store Video Playback

Video (WebRTC) UDP 8443 →

Store Appliance

Image Modified

Cloud Service

Management: TCP 8278 →

Required Hosts (Global):

104.154.145.235

China: Static IP addresses are not used. Connections will be made to hosts with the retailnextchina.net domain.

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80 →

Discovery (mDNS): UDP 5353 →

Discovery (UPnP): TCP 1900 →

Power

IEEE 802.3af PoE at 15.4W

Aurora

Image Modified

Cloud Service

Management: TCP 8278 →

Required Hosts (Global):

104.154.145.235

China: Static IP addresses are not used. Connections will be made to hosts with the retailnextchina.net domain.

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80/443 →

Stereo Sensors

Image Modified

Cloud Service

Data delivery (HTTPS): TCP 443 →

Required Hosts (Global):

35.244.170.41 (*.camera.ops.retailnext.net)

NTP: UDP 123 →
Xovis mgmt.: TCP 80/443 → 34.102.240.84

Audit video (SFTP): TCP 22 → transfers.retailnext.net

Brickstream mgmt.: TCP 2375 → 35.239.184.87

Audit video (FTP) TCP 21 → transfers

Brickstream 3D Gen2 audit video (HTTPS): TCP 443 → *.brk-audit.ops.retailnext.net
Brickstream old models audit video (HTTPS) TCP 443 → *.legacy-brk-audit.ops.retailnext.net

China: these devices are not used

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80/443 →

Open-Mesh Switches

Image Modified

Cloud Service

Management: TCP 80/443 →

Required Hosts (Global):

cloud-switch.cloudtrax.com
connkeeper.cloudtrax.com
files.cloudtrax.com
dev.cloudtrax.com
54.245.115.10
35.163.125.115
If allowed, wildcard *.cloudtrax.com is preferred

China: these devices are not used

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP):

TCP 80/443 → https://portal.arubainstanton.com

Aruba Instant On Switches

Image Modified

Cloud Service

Onboarding URL used by non-configured Instant On device to reach the cloud: https://onboarding.portal.arubainstanton.com

Cloud Connect URL used by configured Instant On devices to send data to the cloud: https://iot.portal.arubainstanton.com

Software Upgrade URL is used by Instant On devices to get their firmware: https://downloads.portal.arubainstanton.com

Admin Access

Initial setup (HTTP):

TCP 80/443 → retailnext.unmsapp.com

Ubiquiti UniFi and UISP switches

Image Modified

Cloud Service

UISP devices: TCP 80/443 →

retailnext.unmsapp.com

UniFi devices: TCP 8883/8080/443 →

*.ui.com

China: these devices are not used

Note: all devices require access to public DNS (TCP/UDP 53 →) and NTP (TCP/UDP 123)

Aurora & Store Appliances

...

Aurora & Store Appliance Network Summary

Service	Protocol	Port	Direction	Destination	Notes
Sensor control and data delivery	Proprietary	TCP 8278	Outbound	RetailNext cloud service	Requires public DNS
Administrative interface	HTTP/HTTPS	TCP 80/443	Inbound	-
Video retrieval over RTSP	RTSP	TCP 554	Outbound	IP video cameras/encoders	Ports may vary by product
Video retrieval over HTTP	HTTP	TCP 80	Outbound	IP video cameras/encoders	Ports may vary by product
In-store video playback	WS over WebRTC	UDP 8443	Inbound	-
Legacy video retrieval	RTP	UDP high ports	Inbound	-
Discovery	UPnP	UDP 1900	Inbound	-
Discovery	mDNS	UDP 5353	Inbound	-

User Access & Data Integration

All connections for the China Cloud Service will be made to hosts with the retailnextchina.net domain.

End User Access	Protocol	Port	Direction	Destination (Global)	Notes
Browser-based UI	HTTPS	TCP 443	👤 → ☁	*.cloud.retailnext.net	For load balancing, capacity expansion, and high availability, we do not have a static list of the IP addresses for these services. Customers will need to allow Internet access on 443.
Video playback	WS	TCP 443	👤 → ☁	*.cloud.retailnext.net
In-store video playback	WS over WebRTC Data Channel	UDP 8443	👤 → Store network	Store Appliance	Store appliance must have Internet access to communicate with the cloud to check user permissions, etc.
Email	Email	-	☁ → 👤	-	Reports, notifications, and user account management Customers will need to allow mail from `retailnext.net` delivered via `mg.retailnext.net`.
Mobile Application Push Notifications		TCP 443 or 5223	👤 → ☁	-
Data Integration	Protocol	Port	Direction	Destination	Notes
Query API	HTTPS	TCP 443	→ ☁	*.api.retailnext.net	For load balancing, capacity expansion, and high availability, we do not have a static list of the IP addresses for this service.
POS, staffing, store hours, and other file uploads	HTTPS SFTP	TCP 443 TCP 2022	→ ☁	*.upload.ops.retailnext.net sftp.ops.retailnext.net	HTTPS uploads are preferred over SFTP HTTPS: 35.244.192.136, 35.244.228.205 SFTP: 34.68.22.227, 35.244.228.100
Custom exports	HTTPS SFTP	TCP 443 TCP 2022	☁ → 👤	*.api.retailnext.net sftp.ops.retailnext.net	API (HTTPS) downloads are preferred over SFTP SFTP: 34.68.22.227, 35.244.228.100 See /wiki/spaces/KB/pages/3906863105 for more information.
Security events		TCP 443	→ ☁	*.security-events.ops.retailnext.net	35.244.170.41
Health monitoring alerts	Email	-	☁ →	-	Customers will need to allow mail from `retailnext.net` delivered via `mg.retailnext.net`.
POS Integration	Protocol	Port	Direction	Destination	Notes
Lightspeed, Vend, Shopify, Square	API	-	☁ → ☁	-	Requires OAuth setup

Versions Compared

Old Version 40

New Version Current

Key

Aurora & Store Appliances

Aurora & Store Appliance Network Summary

User Access & Data Integration