Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
How to connect to Wifi connected printer on other LAN network?
« previous
next »
Print
Pages: [
1
]
Author
Topic: How to connect to Wifi connected printer on other LAN network? (Read 714 times)
slcoleman
Newbie
Posts: 2
Karma: 0
How to connect to Wifi connected printer on other LAN network?
«
on:
February 11, 2024, 06:13:58 pm »
I have a Protectli 4 port running OPNSense where LAN1 (192.168.10.1/24) is a collection of I0T and other untrusted devices including a TP-Link AX5400 WiFi router (192.168.10.2/24) with an attached WiFi enabled printer (192.168.1.13). I am trying to print from trusted devices attached to the LAN2 interface (192.168.20.1/24) and nothing I have tried as far as firewall rules has worked. Ideally I want all LAN2 devices to be able to connect to any LAN1 device but not the other way around. There is obviously something I am missing here and I was hoping somebody might give me a clue what I need to do to make this happen.
I have logging for everything turned on but I don't see any indication as to where any specific rule denials are happening so I am thinking there might be a routing problem but don't know where in the OPNSense UI to enable something like that. It seems that the packets just don't go anywhere and no default denial rules are being triggered.
Is there a NAT problem on the TP-Link?
A missing interface route igb2->igb1 config?
What else am I possibly missing here?
WAN1 igb0 dhcp
LAN1 igb1 192.168.10.1/24 untrusted network
Wifi device 192.16810.2
WiFi printer at 192.168.1.13
LAN2 igb2 192.168.20.1/24 trusted network
thanks!
Logged
yourfriendarmando
Full Member
Posts: 103
Karma: 8
Re: How to connect to Wifi connected printer on other LAN network?
«
Reply #1 on:
February 12, 2024, 02:42:57 am »
That's a good question, check on your TP link that it is not creating another NAT, and not handing out DHCP. Set a reserved IP on Opn so the host name is easy to resolve. Create an alias you can refer to in rules.
Rule on LAN2
Allow source Lan2 Net destination to printer alias, limit to just ports used by printer, or the whole host via ipv4
«
Last Edit: February 12, 2024, 02:45:47 am by yourfriendarmando
»
Logged
CJ
Hero Member
Posts: 832
Karma: 30
Re: How to connect to Wifi connected printer on other LAN network?
«
Reply #2 on:
February 13, 2024, 06:15:37 pm »
Double NAT is exactly what's happening here.
Unless there's a reason that I'm unaware of, you want the TPLink configured as an AP, not a router. Move the cable from the WAN port on the TPLink to one of the LAN ports and disable the DHCP server on it. There may be a few other tweaks needed but I don't recall offhand. After that, the TPLink and printer should both have 192.168.10.x addresses.
Double check your firewall rules, as the first LAN created will automatically have rules allowing it access to anything. You want to make sure that's your trusted network (LAN2 in your case, I believe). Right now it's unclear as to who has access to what. If you post your rules we can help make sure they're correct.
One thing to keep in mind is that some devices and services don't work well when not on a flat network. They expect everything in one subnet. There are usually ways to get them working, but it can add additionally complexity that you might not be prepared for.
Logged
Have Answer, Will Blog
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
How to connect to Wifi connected printer on other LAN network?