Networking & Bretford Connect
Proper network communication of the TechGuard Connect locker with the Bretford Connect service requires proper security and handling of communications ports within your network. Every network is different and the following information can help you prepare for proper configuration and troubleshooting any potential network issues you might run into during setup.
TechGuard Connect Gateway
Each TechGuard Connect locker includes a gateway that provides connectivity to the Bretford Connect service. The front of each gateway provides a series of three (3) indicator lights. These lights provide feedback on the status of the locker and its connection with Bretford Connect, and can be helpful when diagnosing connectivity difficulties
||No IP address
||Requesting DHCP address
||Connecting to IoT service
||Received DHCP address and Current Time
||Connected to IoT service
Dynamic Network Addressing
The TechGuard Connect lockers must be able to obtain an IP address automatically from a DHCP server on the local area network. The TechGuard Connect Lockers do not accept incoming connections, but will respond to ICMP requests (ping). This can be helpful when attempting to verify IP address assignment on a local area network.
Network Time Protocol (NTP)
To properly tag and log activities for each TechGuard Connect locker within Bretford Connect, the TechGuard Connect lockers must be able to communicate with an NTP server. When configuring firewalls, network port 123 (UDP) must be set to allow communications. The default time provider is pool.ntp.org. If an alternate NTP server is preferred, traffic redirection via DNS is the recommended approach.
Security & Firewall Port Handling
All connections and bi-directional communications between the TechGuard Connect Lockers and the Bretford Connect IoT Service are initiated using TLS V1.2 mutual authentication with the cipher suite ECDHE-ECDSA-AES128-GCM-SHA256.
When connecting behind a corporate firewall, additional configuration is typically required to achieve connectivity. The following ports must be configured to allow traffic for any subnet where the lockers will be connected:
|Destination Port Number
||Network Time Protocol
Please note: Bretford Connect is a cloud-native web service that utilizes different technologies to distribute traffic across multiple servers based on geographic load. As such, the IP addresses resolved from the fully-qualified domain names in the table above are subject to change frequently and without notice. If you experience difficulties connecting your TechGuard Connect Locker, we recommend whitelisting all destinations for the ports mentioned above.
We understand that customers need confidence that their lockers are only communicating with Bretford Connect in a secure environment. IP whitelisting is one of the most effective methods of ensuring this so we provide a downloadable CSV listing of Bretford Connect IP addresses below for our customers to reference when establishing and maintaining their corporate network. This list is subject to change over time.