Here is an overview of the system requirements for Consignor including ports, webservices and IP addresses used.

• Consignor system requirements
• Consignor Portal and Drop Zone requirements
• Scan App requirements
• Date and time
• Label size
• Network requirements and ports
• Secure data transfer
• SPF record
• Folder security
• Printer requirements
• Portal DNS Servers to be whitelisted
• Consignor webservices and URLs

Consignor system requirements 

It is possible to install Consignor on a shared server but we recommend using a dedicated server for Consignor. This will ensure a more stable performance. We also do not recommend installing Consignor on a domain controller. 

Consignor Portal, Consignor Ticket and Drop Zone requirements

Scan App requirements

Scan App is available for Android and iOS. It runs on iOS 9 or later or Android 4.1 or later. It is recommended to always keep the app updated to the latest version. 

• Download Scan App for iPhone here
• Download Scan App for Android here

IP addresses used by Scan App

Use these IP addresses if you need to use a fixed IP address for Scan App:

• 108.128.248.209
• 99.81.216.63
• 54.194.215.197

Date and time

Date and time must be set correctly on your system to ensure the best performance. Incorrect date and time on your server may cause performance degrade and missing or invalid data in Consignor Portal. It is also important to use correct date and time if you are using our APIs to make sure security tokens are valid.

Check current date and time on www.timeanddate.com. If your system is in sync within a 5 minute margin of the time on this page it should be correct. 

Label size

Labels in Consignor are optimized for themal labels sized 100x192 mm (EU+international) or 4x6 inch (US). Larger sized labels will also do but please note that if you are using smaller sized labels, only the labels from selected carriers will be printed correctly. 

Network requirements and ports

Ports in use by Consignor externally:

TCP 80/443 (HTTP/HTTPS - Consignor uses a handful of webservices, read more in this section: Consignor webservices and URLs.
TCP 21 (FTP/FTPS - Consignor may be configured to use FTP/FTPS, if you are uncertain about your configuration please contact your local Customer Service department)
TCP 9999 (SFTP - Consignor may be configured to use SFTP, if you are uncertain about your configuration please contact your local Customer Service department-)
TCP 25 (SMTP - Consignor may be configured to use SMTP (Mail), if you are uncertain about your configuration please contact your local Customer Service department.)

Local ports in use by Consignor:

52346 (In use by client to connect to Consignor server).
52345 (In use by clients when fetching updates from Consignor server).
52347 (In use by Consignor server for a local process "import.exe" running an integration module).
52348 (In use by Consignor server for a local process "JobExecutor.exe" running multiple tasks).
Note: These local ports can be configured, contact your local Customer Service department if this is needed.

Note that Consignor is a software that uses MS SQL Server for its database, the database communication is done by both CONSIGNOR server and CONSIGNOR client. See Microsoft's site for details on network requirements: https://support.microsoft.com/en-us/kb/287932.

Secure data transfer

Web Services
We have secure data transfer (HTTPS) between all Consignor internal web services.
Exceptions are 3^rd party web services, which does not support secure connections, i.e. transmit of data to carriers (EDI).

Consignor On-premises
All web services called from Consignor On-premises can use HTTPS if the option is activated in Consignor On-premises settings. FTP depends on configuration. We support FTP, FTPS and SFTP.
SMTP depends on configuration (e.g. mailback). 

Consignor Ticket/Shipment Server API 
The communication protocol is HTTPS (port 443). 

Data upload to Consignor Portal
The communication protocol is HTTP (port 80).
HTTPS is not yet supported on this (work in progress).

Drop Zone
Drop Zone always uses port 80 and 443 or 8089. It is a configuration choice to use either port 443 with SSL/TLS protocol, or port 8089 without. Port 8089 may be configured to another number.

Consignor Portal API (data web services)
Available both with HTTP (port 80) and HTTPS (port 443).

http://customer-api.consignorportal.com/PortalData/PortalData.svc

https://customer-api.consignorportal.com/PortalData/PortalData.svc 

SPF record

Some customers are using Consignor’s SMTP server along with their own email server on their own domain. It is mandatory to add an SPF record to your domain, to avoid emails sent through Consignor’s SMTP server being classified as spam.

An SPF record is a txt record added to your domain’s DNS and is specific for each domain.

Example of a SPF record including Consignor’s SMTP servers:
v=spf1 mx include:spf.protection.outlook.com include:_spf.consignor.com ~all

You MUST include the "include:_spf.consignor.com" if you are sending e-mails from our solution.

Read more about SPF:

• https://support.google.com/a/answer/33786?hl=en

• https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-spf-in-office-365-to-help-prevent-spoofing

Folder security

Folder security on Consignor On-premises server:
When installing Consignor server, it is required that the user executing the installation package is a local administrator. Following that it is expected that the user (or 'Local System account' running our local service "Consignorserver" have local administrator rights. If the Consignorserver service is not run with local administrator rights not all functionalities will run properly.

Folder security on Consignor On-premises client:
The user logged on to Windows needs to have access to read the local folder where Consignor On-premises client is installed (by default: C:\Program Files (x86)\Consignor client\
Every user that opens up Consignor client will try to create a folder with configuration files under C:\Users\<username>\appdata\roaming\Consignor\Consignor - to be able to create and maintain these configuration files the Windows user account should have proper access here.

NOTE: After an update on Consignor server, Consignor will run the proces UpdateClient.exe (found in the Consignor client installation folder). The user that opens up the client needs to have read and write access to the Consignor client installation folder.

Folder security for Consignor file drop integration:
When using file drop integration it is required that the service Consignorserver have access to read and write to the configured folders.

Printer requirements

Printer requirements on Consignor client:
The user logged on to Windows needs to have the "Print" permission to the printer driver - Consignor by default tries to check printer status which requires the security permission "Manage this printer". This status check can be turned off if needed. 

Printer requirements on Consignor server:
Regular printing requirements on server. This method have the same printer requirements as CONSIGNOR client have.

Automated printing requirements on server:
The automated printing (auto print etc) are executed by the local service 'Consignorserver', and this service needs the proper rights. Read more here: Printer setup in Consignor On-premises.

Portal DNS Servers to be whitelisted

Some customers need to whitelist DNS/IPs in their firewall or FTP. Here's an overview of the IP addresses used:

Portal SmartServer

portalsmartserver.consignorportal.com

Portal Gateway (ReturnData & ExportData)

portalgateway.consignorportal.com (54.229.144.217)

APIs (there will be multiple APIs on this URL)

https://api.consignorportal.com/ (The correct result for this URL is a message saying "403 - Forbidden: Access is denied.")

Consignor webservices and URLs

Consignor uses several webservices, we recommend that the webservices mentioned underneath are whitelisted in firewalls etc.

Our servers runs mainly on these sites for webservices outgoing on port 80 / 443:
http://ws2.consignorsupport.no
http://ws.consignorsupport.no 

Our webservices support TLS 1.2

Adress lookups, drop point validation etc:
http://ws2.consignorsupport.no/AddressLookupWS/Main.asmx


Automatic refill of shipment numbers:
http://ws.consignorsupport.no/BarcodeRefillWS/Barcode.asmx


Consignor updates:
http://ws2.consignorsupport.no/consignorDataUpdate/ConsignorDataUpdate.asmx

EDI file transmit:
http://ws2.consignorsupport.no/SendingEdifacts/SendingEdifacts.asmx
http://ws.consignorsupport.no/SendingEdifacts/SendingEdifacts.asmx

Resource Center for AutoUpdates
http://ws2.consignorsupport.no/ResourceCenter/Gateway.asmx
http://ws.consignorsupport.no/ResourceCenter/Gateway.asmx

Storage Center:
http://wsm-aws.prod.edi-soft.no/StorageCenter/Gateway.svc

Routing Codes:
http://ws2.consignorsupport.no/RoutingCodes/RoutingCodes.asmx
http://ws.consignorsupport.no/RoutingCodes/RoutingCodes.asmx

Subscription Service
IdentityServer: https://www.consignorportal.com
SubscriptionServer: https://api.consignorportal.com (The correct result for this URL is a message saying "403 - Forbidden: Access is denied.")

Upload of shipments to Consignor Portal:
http://ss.consignorportal.com/StandardPortConfigurationReceiver/GatewaySyncProcessing.asmx

Some carriers might also have specific webservices to function properly.
You might also see all our webservices and their functions in the configuration file located at: C:\Consignor\Consignor\LiveUpdate\Config\FactorySettings\WebServerConfiguration.xml

Our webservices might run from both client and server.
See also how to setup Proxy settings here.

How to check connectivity towards our webservices:

1. Open an internet browser
2. Copy one of the URLs into the address bar and hit enter.
3. If one of the screenshots below are shown the webservice should be open.
   
   NB: Even if you can access the webservice through your browser but not Consignor it could be proxy settings in the browser.