Setup guide – Salto Space

Background:
Because there are many components in motion, we've compiled a list outlining requirements, clarifications, and areas of responsibility to ensure the seamless integration between Inlet and the lock system.

Read more about the security principals for Inlet and the connections to locks here.

Practical and Technical Requirements:

1. The locksmith installs the locks, installs Salto Space on the server, and configures the locks in Salto Space.
2. Ensure that a license with SPACE-OPT-0e018 (SHIP interface) has been ordered.
3. If it is an existing installation, make sure the version is at least 6.4.4.0.
   • A new version can be downloaded here: https://softwarearea.saltosystems.com/
     • The username can be found by clicking on the (i) in the top right corner inside Pro Access Space.
4. The locksmith ensures that Salto Space has SHIP enabled under “General options” and configured as follows:
   • HTTPS should be set to: Authentication Custom
     
   • The locksmith fills in the Salto-SHIP-Key: {{ RANDOM 32 LETTERS and NUMBERS }} and sends it to Inlet.
   • Also, check that HTTPS is enabled in the ProAccess Space configurator.
     
5. The IT provider delivers a server where the locklsmith/installer can install the Salto Space server and secures the server with a firewall and access control.
6. The IT provider and the installer/locksmith installs an SSL certificate for secure connection on the Salto server.
7. NB. Remember to also whitelist the firewall in windows not only in the network firewall.
8. The IT provider ensures to whitelist IP addresses and set up port forwarding from the external port to the internal port on the server so that we can access the API. See the bottom of this page for IP addresses and ports.
9. The IT provider sends the public server address and port number to Inlet. Usually, TCP port 8100.
10. The IT provider opens the firewall on the Windows machine where Salto is installed so that traffic from Inlet is not blocked anywhere along the way.
11. The IT provider can then access the public IP on port 8100 and should be able to connect directly to the Salto server and see the following image:
    
12. Inlet needs receive the following to email support@inlet.tech:
    
    • Customer Name
    • Information on what locks and lock groups Inlet should set up.
    • Salto SHIP KEY
    • Public IP, or a proxy address that responds to HTTPS.
13. Inlet retrieves IDs for the locks to configure Inlet with the locking system.
14. Inlet provides information to the main system/booking system for testing.
15. Inlet requires a minimum of 2 weeks of testing with the main system/booking system after the installer has completed all the steps above.

IP addresses that need to be whitelisted:
Required: 52.164.185.179
Optional: 79.160.124.141 (for debugging and support)

Ports that need to be mapped:
External TCP port 8100 to internal TCP port 8100 on the Server.