OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: Shihatsu on November 22, 2021, 10:04:25 am

Title: Howto use printer in one vlan from a different vlan
Post by: Shihatsu on November 22, 2021, 10:04:25 am
Heya!
I have some issues with my VLAN-setup.
My Setup be the following:
2 Dell PowerEdge R210 with OPNsense 21.7.5-amd64 behind a Fritzbox, Failover with Carp, LAN, WAN, CARP, several VLANs
As Switch a Mikrotik CRS328 is used, as well as a TPlink EAP 660 HD WiFi Accesspoint
A Canon printer works for paperwork and is attached to the network via WiFi.
I have several VLANs, in which I segment groups of devices, for example mobile devices, devices of the kids and so on. Some of these VLANs are also available as different WLANs via the AP.
Until recently I did not yet move my printer into one of the VLANs, it was still in my LAN, and it was accessible from every VLAN that had access via Firewall rules to LAN. Now i moved my printer to a VLAN which has access to the internal VLANS and LAN, but not to the Internet. I cannot access the printer anymore in menas of "printing services", but I can access the web ui of the printer.
I googled a bit and found the MDNS repeater plugin, installed and configured it on both OPNsense instances for all respective networks (LAN and two VLANs, one with the printer in it, the other for mobile devices),  and added the needed firewall rules in the two VLANs (LAN has "access all" default rule:
Pass    IPv4 TCP/UDP    VLANx    5353    224.0.0.251/24
Pass    IPv6 TCP/UDP    VLANx    5353    ff02::fb/64
But I cannout find the printer in any printer dialog from any other network. What should I do for troubleshooting?
Title: Re: Howto use printer in one vlan from a different vlan
Post by: lilsense on November 23, 2021, 06:16:49 pm
Just reading thru this looks like the a typical WiFi feature that disallows other wireless or any other system to communicate with a particular WiFi device. I would recommend checking the AP configuration.

You would seem to have the same issue sharing folders in WiFi with other WiFi and/or users.
Title: Re: Howto use printer in one vlan from a different vlan
Post by: Shihatsu on November 23, 2021, 07:17:42 pm
Uhm, thank you, but what should I look here for? The WiFi is as I said an Omada Controller controlled EAP 660 HD, which fully supports VLANs, and which is fully working for everything else (like sharing Filesystems accross VLANS/LAN, getting access to internet or not, according to the rules of the respective VLAN in the OPNsense Firewall). WiFi is working quite okay, don't know what to check - and I can access the printers WebUI, as mentioned before.
Any suggestion where to check logfiles?