Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Printer different segment

Follow
Avatar
Daniel

How can I access a printer on a different segment?

My printer is on IOT VLAN and I need to print from my default LAN.

I tried to create an allow rule from LAN to printer IP, but no luck

0

Comments

6 comments

Sort by Date Votes
  • Avatar
    Michael Bierman

    No problem. 

    By default you can talk between network segments. You may already have created a block from the IoT segment > default LAN or both ways? 

    You need a rule to allow access from default LAN > IoT VLAN. One way to do that is also to allow traffic from default LAN on the IoT segment. 

    You may also need to turn on mDNS if you are using some protocols like AirPrint. 

    0
    Comment actions Permalink
  • Avatar
    Daniel

    I’ve added a block outbound from IOT to any other network.
    Then I’ve added allow from LAN to the IP of the printer. And also enabled mDNS.

    But no luck.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Can you ping the IP of the printer? How is the printer configured on the client? by name? IP? If the printer moved from one network to another after being set up on a computer you may need to remove it and re-add it. 

    0
    Comment actions Permalink
  • Avatar
    Daniel

    No, ping doesn’t work. I use the HP app on my phone to see the printer. 
    Might be that it’s isolated by the AP. 

    But I think I’ll just move it, opening between the network kind of defeats the segmentation purpose. 

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Not at all. Devices need to be able to see the printer. The printer does not need to see devices. I like having the printer and other devices separate. 

    If ping isn't working it sounds like either 1) the printer doesn't allow ping (seems unlikely to me) or 2) the rules are not correct. Maybe you have an extra set of blocks going on? etc. Often people have conflicting rules that they don't realize that gets in the way. 

    0
    Comment actions Permalink
  • Avatar
    Daniel

    But the allow rule is bidirectional, or should I make it outbound only from LAN to printer?

    No other rules really.
    You don’t think client and network isolation on the AP interferes?
    Also the Wi-Fi where source is is VLAN 1 which Firewalla doesn’t recognize. So it’s LAN to VLAN if that matters.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post