QUEST INTEGRATION GUIDE
PRODUCTS & DEVICES
All Tapin2 Devices require an outbound connection to the Tapin2 Cloud.
KIOSK
Kiosks connect via ethernet or WIFI. IP address does not have any relevance in the way the Kiosks communicate, they can either be Dynamically or Statically assigned IP addresses at the discretion of the Network Administrator.
ORDER TAKER/HAWKER
Order Taker & Hawker devices require a WIFI connection. The devices are also capable of connecting via LTE. SIM Cards for LTE are furnished by the client. When the devices are disconnected from WIFI they will fail over to the LTE cellular data. The IP address does not have any relevance in the way the devices communicate, they can either be Dynamically or Statically assigned IP addresses at the discretion of the Network Administrator.
PRINTING
LOCAL PRINTING – Local Printers are only used in conjunction with the Kiosk Product. Local Printers are locally connected to the Kiosk via a USB-B cable.
NETOWORK PRINTING – Network Printers require a WIFI or LAN Connection. Network Printers are not required to be on the same VLAN as the Tapin2 Order Devices. The IP address does not have any relevance in the way the Printers communicate, they can either be Dynamically or Statically assigned IP addresses at the discretion of the Network Administrator.
KITCHEN DISPLAY SYSTEM (KDS)
The Tapin2 KDS is web based. The KDS screens require a WIFI or LAN Connection. They are IP agnostic i.e. no order routing is done via IP Addresses. KDS Devices can either be Dynamically or Statically assigned IP addresses at the discretion of the Network Administrator.
VLAN REQUIREMENTS
VLANs FOR Tapin2 only require an internet connection. It does not make a difference if Tapin2 devices are on the same VLAN as everything is communicated through the cloud.
-------------------------------------------------------------------------------------------------------------------
QUEST INTEGRATION REQUIREMENTS
Quest Version must be 2.30.4 or higher to integrate with Tapin2. Reverse Proxy Solution applicable to v2.30.8 or higher. DMZ Solution is required for Quest v2.30.7 or lower.
VLAN
- Tapin2 cannot reside on the same VLAN as Quest as the Quest VLAN does not have outbound access.
IP ADDRESSES
- The Tapin2 IP Addresses listed above will all need to be whitelisted for inbound access to the DMZ.
- When implementing the DMZ Integration the External IP address of the DMZ server will need to be sent to Tapin2. The external IP of the DMZ Server is plugged into the web service call in the Tapin2 Cloud which facilitates the communication to the DMZ server.
PORTS
- The decision for HTTP or HTTPS communication is at the discretion of the client. However, Tapin2 recommends HTTPS for the most secure communication.
- When communicating via HTTP Tapin2 uses port 80 by default but can use any port is specified.
- When communicating via HTTPS Tapin2 uses port 443 by default but can use any port specified.
QUEST v2.30.8~Higher
REVERSE PROXY SERVICE
To use the Reverse Proxy Service solution for Integration with Quest, Quest must be on v2.30.8 or above. This solution allows Quest to make a call out to the Tapin2 Cloud as opposed to the Tapin2 Cloud making calls to the Quest Web Service.
Reverse Proxy Service Implementation Process:
- Tapin2 IP and FQDN need to be allowed by Customer IT for bi-directional communication with Quest:
- Tapin2 Configures Proxy Setup for Venue in Tapin2 Cloud and sends unique venue Proxy URL to NCR
- Tapin2 IP: 138.91.79.52
- Tapin2 FQDN: https://quest.tapin2proxy.co/Tpn2_QuestMenuProxy/{VENUE NAME}/Services/QuestMenu.asmx
- NCR accesses Quest server to:
- Install Quest Web Service
- Configure Proxy and verify local connectivity to Quest Database
- Client to creates Tapin2 Web Service Terminals, Locations, and Keypads in Quest Venue Manager
- Client sends Tapin2 the Web Service Terminal IDs denoting which Locations are assigned to each one
- Sync is initiated by Tapin2 to confirm validity of Quest Integration
- Tapin2 Configures Proxy Setup for Venue in Tapin2 Cloud and sends unique venue Proxy URL to NCR
QUEST v2.30.4~2.30.7
DMZ SERVER – REQUIRED FOR SECURE COMMUNICATION BETWEEN TAPIN2 CLOUD AND QUEST DATABASE
For PCI Compliance a DMZ VLAN is needed for the Tapin2 IIS Server to reside on. This server acts as a buffer between the Tapin2 Cloud and the Quest Environment. The Quest Web Service is installed on this server. Tapin2 devices send transactions to the Tapin2 cloud. From there the Tapin2 Cloud calls the Quest Web Service and sends the sales data. The Quest Environment then communicates with the DMZ Server over SQL Port 1433 to securely receive the data.
DMZ Server Specifications – DMZ Server can either be VM or small form factor PC with the following specs:
- 4 Cores, 2.8-3.0 GHz each (2.8 GHz minimum speed)
- 2 GB RAM per core
- Standard hard drive, 100 GB free
- Ethernet Network connectivity
- Any Supported version of Windows or Windows Server
DMZ Server Implementation Process:
- DMZ VLAN Created
- IF communicating via HTTPS an SSL Certificate will need to be provided and installed by Customer IT. Self-signed Certs are not recommended. Tapin2 uses the following DNS naming scheme but this is also at the discretion of the client if they have their own naming convention:
- Https://tp2{site name}.{Customer Domain}.com
- Port 443 Need to be opened to allow communication between the Tapin2 cloud and the IIS Server on the DMZ VLAN
- Port 1433 SQL need to be opened to allow communication from the DMZ Server to Quest
- The following new IPs need to be whitelisted:
- Primary App server
- 13.77.176.66
- 138.91.79.52
- Outbound App IPs
- 13.77.162.15
- 13.66.163.227
- 13.66.158.57
- 13.66.165.49
- 13.66.175.2
- 13.66.163.18
- 13.77.161.12
- 13.77.160.237
- Primary App server
- DMZ Server Installed by Client
- NCR Enables/Configures IIS on DMZ Server
- NCR Installs Quest Web Service on DMZ Server
- NCR confirms Local Communication from DMZ Server to Quest DB over SQL Port 1433
- External Address of DMZ Server sent to Tapin2 by Client or NCR
- The external IP provided will be used in the following URL to facilitate the communication necessary for Tapin2 and Quest to sync:
- Web Service Terminals, Locations, and Keypads built in Quest Venue Manager. Web Service Terminal IDs sent to Tapin2 by Client or Quest
- Sync is initiated by Tapin2 to confirm validity of Quest Integration
- IF communicating via HTTPS an SSL Certificate will need to be provided and installed by Customer IT. Self-signed Certs are not recommended. Tapin2 uses the following DNS naming scheme but this is also at the discretion of the client if they have their own naming convention: