Sharing printer across VLANs

ReeXNeeX · August 21, 2017, 1:57am

We have 1 LAN + 2 VLANs

LAN: 192.168.8.0
VLAN: 10.0.100.0
VLAN: 10.0.200.0

Windows printers are DHCP reserved and configured on LAN 192.168.8.0. I would like to allow one of the VLANs to access shared printers, keeping communication between VLANs safe. Inter VLAN currently disabled.

Is there a way to keep VLANs separate and allow printer sharing? I have read on a forum that it could be possible to create a 3d VLAN, configure the printers in that VLAN and allow communications between printers VLAN and other LAN/VLANs, keeping each one separated from the rest however I am not sure if this is possible with the Balance series (One)

mldowling · September 19, 2017, 10:34pm

Hello @ReeXNeeX,
Have you created your firewall rules to allow network traffic between the VLANs?

Based on our past experiences with the Peplink Team, you are best to enable Inter VLAN routing and then using these “Internal Network Firewall Rules” to bock the unwanted traffic between the VLANs, you can create firsly the rules for what you do want to allow and then a block rule for the rest.

You can search here in the forum for “firewall rules”, there is lots of good health discussions in the forum on how to do create these,
https://forum.peplink.com/search?expanded=true&q=firewall%20rules
Happy to Help,
Marcus

ReeXNeeX · September 19, 2017, 11:16pm

Thanks Marcus!

I have successfully enabled inter VLAN routing and limited routing traffic only to printers MAC address. I am aware that this is not top security as the MAC address may be spoofed easily, but in our scenario this is sufficient

mldowling · September 20, 2017, 2:58am

Hello @ReeXNeeX,
Glad to hear you got it working with the above. This is a lot easier than having to set up routing tables.

On the MAC spoofing side, VLANs that are setup correctly and connected using network switches that correctly managed VLAN traffic will enforce the VLANs regardless of the spoofed MAC addresses, devices within the VLAN will still be bound to the the VLAN that the device has assigned to via the network switch.

If you find otherwise with the Peplink range, then please let Peplink know through a support ticket as to how you tested and found otherwise, Peplink would be a really keen to know as it would be an issue for a lot of professionals out here.
Happy to Help,
Marcus

riotaylor · September 29, 2018, 2:53am

I am unable to share the printer among VLANS. I am using the Canon Pixma MG3670 Multi-function Wireless Printer. canon printer error b200 How can i solve this issue?

mldowling · September 29, 2018, 2:00pm

Hello @riotaylor,
A couple of things to check:

If you are using a static IP, ensure that the gateway IP address is correct & you have the correct DNS IP also
Check to see that you have Inter VLAN routing enabled between each VLAN
Have a look at your firewall rules to see you have not blocked any the required IP traffic between the VLANs for the printer.

Happy to Help,
Marcus