Hypercom Optimum T4220 POS Credit Card Terminal Fails ISP Test With Successful DHCP lease from a pfsense Netgate Appliance with static IP DSL WAN

This has been an ongoing issue for a couple of weeks. The credit card terminal will lose the ability to connect to the processor server over SSL.

The IP config looks correct, the DHCP lease looks legit and it appears to have connectivity to the Internet.

When the transaction is attempted I can see:

Ethernet Session Error

and then:

Invalid address

In the error log I see that the Debug Buffer states:

VfyCertChain: NOT Verified! Reason 2 (CERT_SIGNATURE_FAILURE)

VfyCertChain: NOT Verified! Reason 1 (UNABLE_TO_GET_ISSUER_CERT)

VerifyDataBundle ERROR 112 Bus App Signer

VerifyDDLSysSig: ERROR NOT TCMS Bundle

This was working yesterday, but today it does not work. This happened twice before in the past two weeks and never previously for 2+ years behind a lousy consumer router.

I don't see any blocked traffic in the pf logs that matches either the processor host IP or the terminal IP.

So it appears to be an issue with SSL Cert issuer verification but if I plug into my consumer router at home I have no issues completing transactions.

I can easily renew the IP address on the terminal and it always reports connectivity.

This particular model includes an IP Diagnostics utility which runs four tests:

  1. LAN Connection - Tests that Ethernet connection exists.
  2. Gateway Test - Tests that the GW is responsive(?)
  3. ISP Test - If there were a PPP connection directly involved, I might know what this tests exactly; as it stands, no one can tell me what exactly is happening under the hood.
  4. Host Test - Tests that the connection to the processor server is successful(?)

I have restored the pfsense config to a previously known-good point but this did not clear the card terminal issue.

So my question is:

Does anyone have any experience resolving a similar situation?

Some other thoughts I had were that I was too hasty in configuring a local instance of BIND or that I have misconfigured pfsense (DHCP Server possibly). I am pretty new to pfsense and credit card terminals.

I am about to deploy another nameserver in this workgroup environment of 16 total clients (mostly XP & Windows 7) in the hopes that I just got something wrong there.

I am pretty desperate for fresh insight into this issue. This should be a non-issue in 7-10 days when we go to a different processing system, but until then the retail area is without a card reader and that makes small business owners very sad.

