• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 642
  • Last Modified:

Sharing 1 physcial Printer across 2 networks

I'm trying to share a ricoh mp 5500 multifunction printer across 2 separate networks.  I think the printer has only one network interface slot.  
0
Lou131
Asked:
Lou131
2 Solutions
 
luc_royCommented:
the fastest way without joining the two networks is the purchase a print server device.
the make both USB and serial ones that will provide the functionality of a second NIC card.
you can get them at most electronic stores.
here is a link
http://www.google.com/products?rlz=1T4GPTB_enUS291US292&q=print+server+usb&um=1&ie=UTF-8&ei=y7CzS5KzC8H7lwfz_uC6BA&sa=X&oi=product_result_group&ct=title&resnum=3&ved=0CDsQrQQwAg
0
 
thompsonwirelessCommented:
If the Ricoh has a routable IP address you can do it.  You've got to be able to see past the firewall/router on the network you are trying to access the printer on.  You may also do port forwarding to an internal IP address for the printer.  Or if the Ricoh has a web server built in and can be seen from outside the DMZ you may be able to access it that way.  In short, two separate networks aren't usually designed to let just any other network or computer have access without being configured properly since security issues are a factor.
0
 
Lou131Author Commented:
Thank you for the recommendations.  I just took over a new client who was sharing an infrastructure with another business.  Not good.  I'm in the process of separating my client from the shared infrastructure.  My only snag was that both businesses still want to share one common multifunction ricoh printer.  Hence, my issue architecting a solution that will work for both but also be secure and separate.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
thompsonwirelessCommented:
I'm sure Ricoh has something that does broadcasting, or you can assign an external IP (if you have one) or port to where it does to an internal IP for the Ricoh.  There are a few ways to do it, depending on the network.  Good luck!
0
 
tharsternCommented:
You could also connect via usb to a pc on one network and share it from that pc. The network port could then be used for the other network. Ok, you would have to have the pc on all the time, but it would be secure.

0
 
Lou131Author Commented:
Thanks again for the recommendations.  I will post a follow up message when I get it implemented.
0
 
MysidiaCommented:
I am not sure of any special networking requirements of the Ricoh.  There are a number of scenarios you could consider,  there may be some special configuration requirements  to make a Ricoh  work  when there is a router between it and the printer users  (such as manually configuring printer IP addresses on workstations, or setting up login scripts to do so).

Especially, depending on the size of the organization, it is not generally recommended to have users connecting directly to printers, it can cause issues with some types of printers, and normally a Windows print server should be used, and users submit jobs to the print server.

The $100 kludge would probably be to buy a pair of cheapo  WRT54GL consumer routers, and a dumb 5-port switch, flash broadband routers with favorite firmware, permanently kill the DHCP server on both,  turn on NAT,  assign  static LAN ip appropriate from each company's  network to one of the two,  assign static WAN ip on a new network reserved for printers.

Plug the two  el-cheapo routers'  LAN port into the corresponding organization's network (trusted side),  plug the two el-cheapo routers' WAN ports into dumb switch.      Plug printer into dumb switch.

Set a static route on each company's  real routers to  route the printer IP addresses to their  el-cheapo  router's  LAN IP address.

Catch, is the printer will be in for a rough time if it wants internet access.




My general suggestion, the more correct method, would be to create a separate network with a separate subnet and separate IP addressing for the printer and other 'shared' devices.

This way the 'network you are sharing'  is a separate island in and of itself.
Everything in that shared island is accessible from either network, and should therefore be treated as untrusted.

What is feasible depends on what type of network equipment you are using on each network, and in particular, the capabilities of the routers, switches, and firewalls  in place.

I mentioned the possibility of a 'separate network'.   You can do this, if one of the organizations has a manageable switch with VLAN support, and a suitable router.

You would create a separate VLAN for the printer, using an IP address space neither organization is using, place the printer in the VLAN.

Connect both organization's  routers into that VLAN, using a spare router port  (note: not a spare switch port,  consumer routers that are simply 5-port switches are not suitable;   real routers have separate 'router ports'  which can be configured to be on isolated networks).    This allows both organizations to access that network freely.

This makes the most sense if there is a firewall behind the router, or the firewall is the router.   If it is not, then you should do something different, or at least enable NAT on the router and make the printer network an outside network.


Another possibility is to  connect the two organization's routers together using a free router interface on each router  (again: not to be done on consumer-grade routers that are simple switches,  these need to be true Layer 3  router ports, not switchports)

Then create a new network using a new IP address range for  'the interconnection between the two companies',  assign an IP address in that network on each router to that router port.

Then either insert a  switch on that link with the printer plugged into it, or
place the printer on one of the two organization's networks.

Both routers will need rules established to forward traffic to the other organization's router,  if you don't put the printer on that same link.

Again, security considerations above are similar.




If  each organization has free router interfaces on their firewall, and uses a non-overlapping  IP address assignment scheme,  you might consider connecting the two firewalls instead of  two routers.

Even if there are no free physical ports,  you may still be able to do this using a virtual connection (VPN connection) over another network  you have in common.

Place the printer in one of the organization's DMZ's.

Create appropriate rules to route the traffic for the printer's IP address.

Assuming a stateful firewall, Create an allow rule on the 'printer hosting org's' firewall to allow the other organization access to that one IP address.





0
 
cfowlerlock77Commented:
hi there,

you will be able to assign the one ip address to the machine and share it. The machine will print via direct ip only.

The only catch will be that the gateway and dns of the machine will control who gets to scan to folder.

We do it all the time withoout the need for any of the above.

Cam
Ricoh Software Analyst
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now