Cannot print to printer from laptop on same vlan

I am enjoying my SOHO it’s helping me to secure my network without being impossible to understand, there’s lots of good instructions and information out there although I’m stuck yet again.

I cannot talk to my wireless printer even though I am on the same vlan think it’s layer 2 isolation, am I correct in thinking need a internal rule, appreciate if someone could point me in the right direction.

Vlan A
Printer has static ip
Laptop has static ip

Tried to create an internal rule but doesn’t work.

If you have this enabled then yes it is that.

No not quite. Firewall rules work between the WAN and LAN and between different LANs (inc remote access VPN ‘LANs’) but not between devices on the same network segment / LAN.

If you want wireless devices on the same LAN to talk to each other you can’t have Layer 2 Isolation enabled. What you could do is add another VLAN, add a SSID for that VLAN connect your printer to that instead then setup firewall rules between your existing wireless clients and the printer.

Thanks for the reply Martin I have removed Layer 2 isolation and can now talk to the printer. I quite like the security of Layer 2 isolation, if I put the printer on it’s own vlan which firewall rules do I use to allow wireless clients in a different vlan to talk to it. There are only 4 ip addresses that need to use the printer, is it possible to specify a range?
Please could you give me an example as I am struggling to understand firewall rules.
Print Vlan printer ip
Wifi Vlan ip 10.25.11.*

Appreciate your help.

Use two rules - one that blocks access to the printer, the other that allows access to selected devices and put the one that allows access above the one that denies it.

Allow access to printer from whole of client network:

Block access to printer.

Then change the allow access rule above to a single IP address instead of the whole network if you want to lock it down further, add duplicate rules for additional single IPs.


Thanks Martin for your help, I get the two rules you mentioned, spent several hours trying to work out why I cannot print. The printer is on a seperate wireless vlan, I cannot connect to it from my wireless vlan, any suggestions for troubleshooting?

Do you have inter vlan routing disabled (unchecked) on either vlan?

Thanks Martin inter vlan routing was unchecked now enabled and I can print :slight_smile: appreciate the help, now all I have to do is work out why I cannot access the internet when plugged into a netgear smart switch.

