Network connectivity guidance

Opening your firewall

In order to interact with our APIs, you will need to ensure you have connectivity to the appropriate endpoints.

The URLs that your integrating system (e.g. your trust integration engine) will need access to are provided on our connectivity page.  The following ports should be permitted on your firewall:
  • Port 7443.  The PKB HL7 endpoint uses port 7443.  This is a non standard port and may need to be added to your firewall rules.
  • HTTPS port 443 must be permitted to allow access to our REST and FHIR APIs.

Whitelisting your production HL7 feed source IP(s) at PKB

PKB requires that all source IP addresses to our production HL7 endpoint are whitelisted on the PKB firewall.  Whitelisting of the source IP is not required for sandbox.

The IP address to be whitelisted will be the IP address as presented to PKB once outside of your internal network.  This is often the IP address once NAT’d.  Please consider any failover IPs that you may need to whitelist also.  Your network team will be able to help you determine the correct IP address.  Please send the IP addresses to be whitelisted to integrations@patientsknowbest.com

NHS trust within the HSCN / N3 network?

If you are an NHS trust within the HSCN / N3 network you will likely be connecting to the PKB HSCN / N3 production end point - https://nww.patientsknowbest.com:7443/services/hl7.

It is likely the IP address you will need to provide to PKB to whitelist will be from the NHS private IP address space; 10.0.0.0 - 10.255.255.255.  If you identify an IP address outside of that address space then this may indicate the IP address is incorrect and should be double checked before passing to PKB.

Testing your firewall access to the HL7 endpoint

URL test

A simple test to determine if your integrating system has access to the PKB HL7 end point is to open an internet browser on your server and enter the HL7 endpoint URL in the address bar.  E.g.
A popup as below usually indicates firewall access.  There is no need to enter any credentials.  If no popup is displayed then this could mean:
  1. Your firewall has not been opened.
  2. Your IP address has not been whitelisted by PKB (only applicable to production endpoint)


Telnet test

If you have telnet installed on your server then you can test connectivity to the HL7 endpoint port.

E.g.

telnet sandbox.patientsknowbest.com 7443
telnet nww.patientsknowbest.com 7443

If it connects successfully it will likely result in a black box with a flashing cursor – anything else would suggest a firewall issue still exists.
Comments