Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

printing through the firewall out person able to print inside

Posted on 2012-04-05
2
Medium Priority
?
1,336 Views
Last Modified: 2012-04-13
I have a cisco ASA firewall that is running 8.4 and I would like to allow users to print on a internal printer either using port lpd or 9100.

object network 4250-out
 host 1.1.1.234
object network 4250-in
 host 192.168.2.23
access-list allowin extended permit tcp any host 1.1.1.234 eq 9100
access-list allowin extended permit tcp any host 1.1.1.234 eq lpd

object network 4250-in
 nat (inside,outside) static 4250-out

access-group allowin in interface outside

I have tried a number of configurations based on examples I have seen in books and on the internet but I can not get users to print through the firewall to printers inside

4250-out is the outside address that is setup on the users pc's that needs to be mapped to 4250-in.  I have also created access-list to open up the ports.  

Any info would be appreciated.

jim
0
Comment
Question by:bnjrj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Accepted Solution

by:
TimotiSt earned 2000 total points
ID: 37841490
If I remember correctly, on the ASA platform the DNAT happens before the ACL is checked. So you'll need to refer to the internal address (192.168.2.23) in the ACL.
And make sure there are no "deny" type ACL entries before your "permit" lines.

Tamas
0
 

Author Closing Comment

by:bnjrj
ID: 37843763
Yes that was the problem, the difference between pre 8.3 and post 8.3 versions.  I got it to work.

jim
0

Featured Post

Take our survey for a chance to win!

As a valued customer of Targus, we’d like to ask you a few questions about us. As thanks, you will be automatically entered for a chance to win a $500 VISA gift card. To enter, just complete the survey by September 15, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question