Connect to a printer in DMZ
-
In the company network on PfSense there are Interfaces for WAN, LAN, DMZ, VoIP. There is no communication between them but I want to enable some computers from LAN (10.0.0.x) to be able to use one printer in the DMZ (192.168.30.x).
I have tried to make one rule in LAN that would go from LAN to the specific IP address of the printer with port 9100, but this rule didn't work. Apparently I didn't do something right.Rules in The LAN are by default 1) allow LAN to any 2) one rule any to LAN address with opened ports 443,80,22
In DMZ one rule that opens everything except toward the LAN. These rules were set up when I came so they told me it should not be changed.
I need a help for rule that well allow to connect some computers with the printer. -
@paun Or what is common with printers, is they do not have a gateway.. Without a gateway you can not talk to them from another network.
You would either need to setup a gateway on the printer, and or do source natting.
9100 is a common printer port.. But its possible your printer is using something else, there are other printing protocols on different ports.
I take it you edited the default lan rule of any any - or if your printer had a gateway you would be able to talk to it on any port. Other thing might be if your forcing traffic out a gateway on your lan rules.
-
So you think I should NAT the printer's address on one network (inside) to the other IP on the second network (outside)? No idea. Maybe al just speaking stupidities
-
@paun if your printer doesn't have a gateway, then you can either add a gateway to the printer - or you can source nat it. This would be an outbound nat on your printers interface. destination would be the printers IP/32 and source would be either all of lan, or just the people IPs you want to be able to print to that printer.
That is if your rule is any any on your lan, or you sure your using 9100 on your printer? Or your not forcing traffic out some gateway like your wan dhcp or vpn, etc.