VLANs and network printers
-
I started using pfSense 2 (64-bit). The machine has one WAN, and four LAN ports. I created VLAN 1, 100, 101, 102, 103, and 104 with DHCP.
VLAN1: 192.168.1.0/24
VLAN10: 192.168.10.0/24
VLAN100: 192.168.100.0/24
VLAN102: 192.168.102.0/24
VLAN103: 192.168.103.0/24
VLAN104: 192.168.104.0/24All network printers are located in VLAN1. PING from the other VLAN goes through, but network printer wizard and installation CD do not detect any network printers in VLAN1.
What kind of firewall rules to see network printers in VLAN1 should I make? The following example did not work.
VLAN1 tab: any VLAN104 net –> VLAN1 net allow
VLAN104 tab: any VLAN104 net --> VLAN1 net allowI may be confused, but I also took a look Routing setting, and I realized that Gateway on all VLAN interfaces is None.
ex)
Interfaces --> VLAN104
IP address: 192.168.104.1/24
Gateway: NoneInternet connection from VLANs are fine, but it I set Gateway to 192.168.104.1 (above example), it stops working.
I want to put all network printers into one VLAN, and allow the others to print. May I have some advices to make it happens?
Thank you very much.
-
First, most "install" programs send out a broadcast to find the printers. Broadcast packets do not cross a firewall or router.
Second, unless it is a typo, your VLAN1 rule needs to be reversed, as in: any VLAN1 net/any -> VLAN4 net/any allow. I would almost do an any to any until it works for you.
The Gateway on each LAN and VLAN should be none unless you are using policy routing (used mostly in multiwan setups).