PFsense and Xerox VersaLink Multi Funcion Printer



  • Hey

    We are starting to use PFsense in our environment. We recently purchased a Xerox Versa Link C505 multi function printer to use in our Microsoft 365 Business environment. The printer is connected directly to the data VLAN port, the goal is to only allow users to scan to email (to internal only email addresses) and the associated One Drive account tied to this printer for Scan to Folder.

    When I try to use Option 2 from the Microsoft website and try to scan to an internal email address, it says successful but does not reach the internal email addresses (Inbox or Spam folder).

    Does the printer require to get a static IPvia DHCP reservation?
    My PFSense box currently has 2 NIC (one for WAN and the other for LAN). Do I need a static IP for the Printer? TELUS our ISP has a weird MAC to static IP association policy. If we were to go with a static IP do I need to connect another NIC?

    Thoughts? Thanks



  • @roney-s-mathews I would put a static LAN IP address and that wouldn't have anything to do with your ISP...not sure I understand the scan to email...couldn't scan to PDF? If you're using a website to scan to email address, the firewall might block. Are the email addresses hosted by Microsoft?


  • Netgate Administrator

    Looks to be entirely in the office365/printer config. pfSense merely routes that traffic.

    I see no reason to put a public IP on the printer, it only needs to use a static external IP for outgoing traffic, which will be the case if the pfSense WAN is static.

    Steve



  • Thanks I used DHCP reservation for the printer on pfsense and was able to scan to email within the organization. However the mailbox moved the mail item to the spam folder in Microsoft 365.

    I believe I read something about having that IP whitelisted in the domain config page.


  • Netgate Administrator

    Did you add the SPF record as shown in the doc?



  • Will be adding the spf record in an hour. Would you be able to tell me if I need to enter the internal printer static IP or the external static IP of the PFsense box?

    Thanks


  • Netgate Administrator

    The external IP is what I expect to see there. That's what the main servers will see.

    Steve



  • I entered my external IPv4 address on my domain web providers spf TXT record. The emails that originates from the printer still shows up as SpAm within the organization internal mailboxes.


  • Netgate Administrator

    Hmm, well I'd be asking Microsoft then if you've done everything in their instructions.



  • Thanks. Yup I've reached out to Microsoft on Technet. Hopefully we get a response from them. Thanks this issue can be resolved.



  • Is there any service that I can enable on pfsense to help easily detect printers in my VLAN? The Xerox printer at times are visible to workstations and at other times it's no longer available.

    Thoughts?


  • Netgate Administrator

    It depends how they are being 'detected'. If they are entered into hosts by IP, the best way IMO, they should always be visible.
    If they dependent on some broadcast domain style detection protocol then you would need something to proxy/bridge that between subnet. So Avahi for mDNS or IGMPproxy / PIMD for SSDP.
    If they seen by your DC you may not need any of that of course.

    Steve


Log in to reply