Hi there, Please keep in mind that global Layer3 and Layer7 firewall tables on MX run independently. If traffic is allowed through one feature but denied on another, the traffic will still be denied. With that being said, even if you figure out what IP, port, and protocol POS system is using to communicate with cloud server, there is no way to make it work because even if we explicitly allow that traffic under Layer 3, it is still entitled to get blocked under Layer 7 rules. I will recommend manually whitelisting POS devices from clients list if POS systems are configured to communicate only with that cloud server. I can also help you in determining which IP MX is blocking when POS tries to communicate with cloud server, so let me know if you would like to know how to do that. Best Regards, Gaurav Gupta
... View more