Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Connecting To Printer on VLAN

    Scheduled Pinned Locked Moved Firewalling
    6 Posts 2 Posters 807 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ghostshellG Offline
      ghostshell
      last edited by

      I am having trouble connecting to the web gui of my printer that I connected to my VLAN network while my computers are on the main LAN. I can PING it with no problem, but trying to connect it to my laptop or just trying to access the web gui is a no go. I have tried a few different rules with no luck. FW logs show no blocks from either IP address, laptop(192.168.1.142/24) or the printer(192.168.121.40/24). My tablet is on that VLAN and I can access the web gui for the printer while on the VLAN, just not outside of it. I setup the VLAN for all IOT devices and things like printers, while computers are on the main LAN. My main wifi is 5GHz so the printer wont connect it to or I would just switch it over. A little stuck and could use some help. Here is the state when I try to connect using a web browser:

      192.168.1.142:62446 -> 192.168.121.40:80	FIN_WAIT_2:FIN_WAIT_2	14 / 24	573 B / 1000 B

      If I make a rule on LAN to VLAN i see the state on the LAN network, but shows the above state, when looking at VLAN states I see nothing

      1 Reply Last reply Reply Quote 0
      • ghostshellG Offline
        ghostshell
        last edited by

        I tried the port tester under diagnostics and it showed successful, i did port 80 to the printer IP and chose source as LAN.

        johnpozJ 1 Reply Last reply Reply Quote 0
        • johnpozJ Offline
          johnpoz LAYER 8 Global Moderator @ghostshell
          last edited by

          @ghostshell The state would be only in the direction the traffic was created from.

          Those states are in a closing state FIN, means the connection is closing..

          Default rules on lan are any any - it can talk to anything.. So no special rules would need to be created on lan to talk to some vlan network.

          I suggest you sniff on the iot vlan in pfsense so you can see what the printer is sending back. But FIN means the conversation is being closed by the client or the server via sending FIN..

          Clearly pfsense sent on the connection, or there would no way you could be in in closing state. Only opening state syn sent for example. With no answer back.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 25.07 | Lab VMs 2.8, 25.07

          ghostshellG 1 Reply Last reply Reply Quote 0
          • ghostshellG Offline
            ghostshell @johnpoz
            last edited by

            @johnpoz Thanks for the info and test to do. I dont know the connection lingo well and I thought thats what was happening, but I have been trying for 2 days to figure it out so since I am not an expert I figure it was time to post. I will see what I can figure out. Its just weird I can ping all day long, while trying to connect to the web gui on port 80 is a no go. Oddly since the VLAN is IOT i have my tablet and phone on it so I tried to connect to the IP from my phone and that works so at that point I posted. Was not sure what ya'll needed to help so I posted what I had, I will post again once I can get more info to help you guys help me.

            johnpozJ 1 Reply Last reply Reply Quote 0
            • johnpozJ Offline
              johnpoz LAYER 8 Global Moderator @ghostshell
              last edited by

              @ghostshell said in Connecting To Printer on VLAN:

              while trying to connect to the web gui on port 80 is a no go

              Because its prob sending you a FIN - saying he doesn't want to talk.. Sniff the traffic so you can actually see what is going on.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 25.07 | Lab VMs 2.8, 25.07

              ghostshellG 1 Reply Last reply Reply Quote 0
              • ghostshellG Offline
                ghostshell @johnpoz
                last edited by

                @johnpoz so I did a packet capture when I try to connect to the web gui

                21:02:36.436777 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 0
                21:02:36.458198 IP 192.168.121.40.80 > 192.168.1.142.53204: tcp 0
                21:02:36.460112 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 0
                21:02:36.460613 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:36.708824 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:37.017430 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:37.617359 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:38.817678 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:39.646716 IP 192.168.121.40.80 > 192.168.1.142.53204: tcp 0
                21:02:39.647974 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 0
                21:02:41.218083 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470
                21:02:45.946981 IP 192.168.121.40.80 > 192.168.1.142.53204: tcp 0
                21:02:45.948169 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 0
                21:02:46.026053 IP 192.168.1.142.53204 > 192.168.121.40.80: tcp 470

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.