Automatic Thermal Printers on CLOUD Server with VPN

Automatic Thermal Printers on CLOUD Server with VPN

As of August 2024 we have implemented a new printing system called "CloudPRNT" thanks to a new partnership with the STAR company. See https://help.novohit.com/portal/en/kb/articles/recommended-printers-and-print-servers
With the new STAR CloudPRNT printers it is no longer necessary to implement the previous scheme with VPN between Router and Cloud or between Workstation and Cloud. See: https://help.novohit.com/portal/en/kb/articles/recommended-printers-and-print-servers

Legacy Recommendations (for reference only, do not implement)

Previously, for Cloud clients or clients with multiple geographic locations, the following was required: a special VPN connection is required. This is because Novohit is "outside" of your company's LAN and in order for Novohit to print automatic Point of Sale or Bank Draft printing orders, the orders must be sent from a local network, either real or virtual.

There are two ways for Novohit in the cloud to send orders on the local network:

Method A: VPN connection to the LAN Router: In this configuration, the Novohit cloud server acts as a client of a VPN network whose VPN server is the Router or active computer on your network. Thus, the cloud server would be available on the VLAN as if it were physically on the LAN (e.g. 192.168.X.X).
Method A is always the most recommended as it allows all possible printing configurations and is easier to maintain, but it requires an advanced configuration of your router: your router has to have OPENVPN Server capability and to route all traffic to and from Novohit through the VPN. The Mikrotik routers we recommend have this capability. Method A may not be compatible with Satellite or cellular connections.
Method B: direct VPN connection to a PC in your LAN: In this configuration the Novohit server acts as an OpenVPN server and a PC in your local network connects as a client. In this case, the server can send all print orders to this PC. The PC in question would act as a "print server" since the printers would be registered there.
Method B has certain limitations, for example, it requires a VPN for each Workstation Printer and is more difficult to maintain. In general, we only use 2 VPN connections in this method.


Method A: VPN Connection to the LAN Router

This method is highly recommended and will always be the first method, as it involves a single point of contact, facilitating monitoring, tracking, backup scheme and security.
In this configuration, the Novohit cloud server acts as a client of the VPN network as if it were physically in the same LAN IP (e.g., 192.168.X.X), so routing to that network must be enabled.

The NS/DNS of your active LAN equipment must be configured as indicated here so that all calls made on the work LAN to mycompany.novohit.com are mapped to the server's VLAN IP (e.g., 192.168.X.X) instead of the calls going out to the WAN (internet network).

This method requires a joint collaboration of your network or system consultant and the Novohit Support Team. So, for this configuration place a ticket. Have the following items handy:
  1. The characteristics of your Router/Modem must be among those required by Novohit (see specifications). In particular, the Router must have VPN functionality.
  2. Have at hand the administrator access credentials to the Router.
  3. Prepare the LAN Printers according to the instructions in this link, making sure to fill out the form for each printer to be connected. The IP to provide is the LAN IP.
  4. Configure the active Router or Device as indicated in this guide: https://help.novohit.com/portal/en/kb/articles/port-forwarding-and-dns-router-configuration-for-wan-access
  5. Your active network equipment must have included routing to the VLAN created by the VPN.

Method B: Connection to Each PC (Only Recommended for up to 2 Stand-Alone Printers)

This method will only be implemented by our staff under specific circumstances.
In conjunction with your network and hardware consultant, correctly configure the parameters described in the following steps:

Install OpenVPN Client on Windows

  1. Download the OpenVPN GUI client from any of these links: 
    1. https://build.openvpn.net/downloads/releases/openvpn-install-2.4.11-I601-Win10.exe 
    2. https://drive.novohit.com/file/eiz5b6212b206c26b479f8494ec56ee8be2a9
  2. Install the OpenVPN GUI client, if you have any doubts about the installation process, see the official guide: https://openvpn.net/community-resources/how-to-install-the-openvpn-gui-on-windows/
  3. Copy the .crt, .key and .ovpn files provided by our staff via ticket.
  4. Configure the VPN to connect automatically at Windows startup by following these instructions: https://help.novohit.com/portal/en/kb/articles/openvpn-gui-client-connection-on-windows-terminal-workstation
It is the client's responsibility to back up VPN configuration files. All configuration and re-configuration is subject to charge according to Technical Support SLA.

If a Firewall is Installed:
  1. Add in green list (so that the firewall does NOT block) the following ports: 137/139 TCP, 445 TCP.
  2. Enable the ICMP PING Requests
  3. Enable connections through the VPN IP ranges.
  4. In the advanced settings of the Windows firewall, under domain, public and private, disable control over the Network interface (TAP) that virtually creates the VPN, usually named "Local Area Network 2".
  5. On the internal router, open port 1194 UDP, the complete list of Open Ports can be found here.
  6. Disable or properly configure any anti-virus so that it does not interfere with VPN print commands.

It is the responsibility of the client to allow the data exchange flow as defined in the above instructions.
In case our staff performs the installation, you agree that the windows firewall will be disabled and Avast will be configured with special parameters to allow connections. However. we are not responsible for the security of your computers.

On Mac

Download the Client https://tunnelblick.net 
Follow the Tunnelblick instructions to set up a VPN network with the .ovpn file sent by our staff.

Special Cases Method B

For these configurations you will receive more details from the Novohit Support team.
For Workstation Printers one of either of these two configurations may be required:
  1. A new VPN for each printer per Workstation.
  2. Reuse an existing VPN and configure the Workstation.
In either case, for the Novohit server to detect that the print order is coming from a specific Workstation, one of these two configurations will be required:
  1. That all calls to the Novohit server go through the VPN of the Workstation, this is usually done by modifying the /etc/hosts file.
  2. That all calls to the server are identified with the X-Forwarded-For header with a Local IP, this is normally done by adding a Plugin to the browser.

Printer Information

Communicate via ticket the information requested in the following link.

If Instructed by our Staff, Download and Install Novohit Assist in Administrator Mode.

Download and Install Novohit Assist as instructed in the ticket by our Support staff.

Recommended Print Servers



General Printers Diagram

    • Related Articles

    • Types of thermal POS printers by function

      In Novohit POS, three types of documents can be printed: Account or Ticket, when the customer requests the account in a restaurant or when a retail sale is made. This ticket is not valid for tax purposes in countries where electronic invoicing is ...
    • CUPS Printer Architecture at Novohit

      The connection model or flow is as follows: NOVOHIT APPLICATION > CUPS (OS service) > HOST > PRINTER Novohit uses CUPS (Computer Operating System Print Service), in turn, CUPS sends the command either to the print server via LPD with the print ...
    • General Information Automatic Printers

      Novohit allows the automation of printing processes, whether for Bank Check Printers, POS Orders in Restaurants with thermal printers, Production Printers and Work Orders in Retail warehouses with thermal printers, Electronic Boletas with thermal ...
    • Technical Features, Security and Continuity of the Novohit Cloud Managed Cloud Service

      Definitions Go to: https://help.novohit.com/portal/en/kb/articles/universal-commercial-terms-novohit Introduction The Novohit Managed Cloud has the following features, which are an additional layer to the Novohit General Security and Continuity ...
    • Recommended Printers

      Novohit has recently implemented a new printing system called "CloudPRNT" thanks to a new partnership with STAR. See the CloudPRNT STAR section below for more details. New CloudPRNT STAR POS Thermal Printers All CloudPRNT compatible printers are ...