Printing between remote IPSEC networks

Posted on 2007-03-31
Medium Priority
Last Modified: 2013-11-21
I have 2 networks physically located in 2 cities, they are connected together with IPSEC devices that have been configured to allow unfettered access between the 2 networks.  Each network has an Win2003 SBS.  One network use 172.16.6.x the other 10.0.0.x.  Currently we are using RDP to allow access to machines between the networks.  IE from the 172 network, logged into the winXP machine named "Test" at, I connect to the "Test2" machine at  Running MSWord on the "Test2" machine I attempt to print to the "Test" machine an am unable to.

I have turned on the the printer flag within the RDP configuration without success.  I have created entries in the HOSTS file without success, I have attempted to add another zone in the DNS server with a host record created for the remote machine again without success.

Any help would be appreciated. Thanks
Question by:FIFBA
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
LVL 77

Expert Comment

by:Rob Williams
ID: 18828833
To set up printing with remote desktop:
-On the users workstation when they start the remote desktop connection client, click the options button, and then go to the local resources tab. Check the box for printers and save.
-the drivers for the printer have to be installed on the computer to which you are connecting, assuming they are not native to the operating system. Do not install the printer on the computer to which you are connecting but rather; on the "server" computer, open printers and faxes, on the menu bar go to file, server properties, add, and point to the diver .inf file. You will have to download the drivers first to a temporary folder. If you do this remotely, you should log off and back on before trying to print
-if still having problems, again on the computer to which you are connecting, go to printers and faxes, on the menu bar go to file, server properties, ports. Look at the port type. If it is a Dot4, you will need to use the following Microsoft fix: http://support.microsoft.com/default.aspx?scid=kb;en-us;q302361
-if it is an option, often connecting the printer to another local computer and sharing it, then connecting to the share rather than having it attached locally, often resolves the problem. If you are using a VPN client this is not always possible, due to routing issues.
-if you are using a USB printer, though it usually works (some multi-function units do not), Microsoft does not officially support USB printing through remote desktop sessions. Vista is supposed to resolve this, though it doesn't help you now.
-avoid PCL6 drivers with terminal services
-Microsoft has released an updated version of the Remote desktop Connection (ver 6) which should be more compatible with USB printers. Certainly offers more USB options, assuming these are compatible with existing O/S's.

Expert Comment

ID: 18830849
If you want to go another router you can port tunnel to your printer on TCP 9100 and print directly to it across the internet.  You can also do the same with IPP (internet printing protocol) on TCP 631.

The client machine running the Remote Desktop Client can have those remote printers installed as local printers but the ports are remote ports.

Now the above would only be possible if the target printers are networked printers - meaning they have a network interface.

However, seeing that you have a 2003 SBS, you can use the print server function on the server and it will host LPR or IPP for the printers for you.

Author Comment

ID: 18884713
Virtually all of the remote desktop methods have failed.  between the combination of printers that are being used (multipurpose) and porte being used (USB).  I wen thtrough each of the stes detailed in the first recommended solutions and followed the Microsoft rocesess to their ends without success.

Can I get some more information on the TCP 9100 solution?  is this secure when postng files to the printer?

Kevin Gibson
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Expert Comment

ID: 18884761
"Can I get some more information on the TCP 9100 solution?  is this secure when postng files to the printer?"

It is possible that some random individual could discover TCP 9100 open and print garbage to your printer.  Other than that, I cannot think of anything.

On your SBS network, make sure that TCP 9100 is forwarded to your laser printer.  At the remote site, add the printer as if it were local, except you are going to create a new TCP/IP Printer Port.  When prompted for the address of the printer port, input the external ip of your SBS network.

If you would like step-by-step details I will provide them.
LVL 77

Expert Comment

by:Rob Williams
ID: 18884913
As a first step troubleshooting, directly after starting a remote desktop session, go to the event viewer and look for errors with source of Print and Event ID 1111. This will tell you if the printer is even being recognized.

Must say multi-function USB printers are likely the worst ones to get to work with Remote Desktop.

Author Comment

ID: 18919563
I have 2 networks ( and (  There is an IPSec tunnel that exists between the 2 there is no restriction with respect to port traffic between the 2.  shouldn't I be able to send the 9100 traffic between the 2 without going to the internet?

i guess I'm a little slow, is there an instruction that I can step through.

thanks for all your help.

Kevin Gibson

Accepted Solution

manicsquirrel earned 1500 total points
ID: 18919747
Try this:

1. If you are in the 10.x network you can open the Printers and Faxes control panel.
2. From the File menu, select Server Properties
3. When the dialog box appears, click on the Ports tab, and then click Add Port
4. From the Printer Ports dialog box that appears, select Standard TCP/IP Port
5. Click New Port
6. When advancing through the wizard, when prompted for the ip address of the port, assuming the printer is on the 172.x network, you would type in the 172.x.x.x address of the printer.

Now that the port is added, try adding the printer as you would add an other printer, but do not have the printer auto-detect.  Select a Local Port, and when you are prompted to pick the port, change it from LPT1 to the port you had just created.

Of course, I don't know which network is your origin and which is your destination, but I should think that this would be enough info to print directly to the printer from where you are.

Featured Post

Supports up to 4K resolution!

The VS192 2-Port 4K DisplayPort Splitter is perfect for anyone who needs to send one source of DisplayPort high definition video to two or four DisplayPort displays. The VS192 can split and also expand DisplayPort audio/video signal on two or four DisplayPort monitors.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question