be1ieve1111
asked on
Sharing printer between to VLANs using Netgear ProSecure UTM25
Hello,
I am having issues in sharing a printer used on VLAN1 (Static IP LAN) with VLAN2 (DHCP Wireless mesh network). Both VLANs have intervlan routing enabled as well. Here is the current setup. What am I doing wrong? The printer's IP is 10.0.0.209. I would like wireless users on VLAN2 be able to print to it.
I am having issues in sharing a printer used on VLAN1 (Static IP LAN) with VLAN2 (DHCP Wireless mesh network). Both VLANs have intervlan routing enabled as well. Here is the current setup. What am I doing wrong? The printer's IP is 10.0.0.209. I would like wireless users on VLAN2 be able to print to it.
lruiz52
From looking at the attachement you have both Port 1 and 2 as members of both vlans. that may be your issue.
ASKER
I have since changed the membership for VLAN to port 1 and VLAN2 to port 2 and it still did not make a difference. Thanks for you input!
Hi mate, did you enable InterVLAN routing for your "Wireless" VLAN?
Also, can you do me a favour and try to ping the 10.0.0.254 from any machine in your Wireless VLAN?
Can you also try to ping 10.0.255.255 and 20.0.255.255 in both VLANs. I want to see if you have any problem bridging between these VLANs.
Can you also show us a snapshot of the "edit" action in your VLAN rules tab?
I doubt the VLAN rules policy, it's not looking very right... I would expect it to do filtering based on VLANs rather than IP addresses.
Port the snapshot and I'll tell you what exactly is wrong.
Also, can you do me a favour and try to ping the 10.0.0.254 from any machine in your Wireless VLAN?
Can you also try to ping 10.0.255.255 and 20.0.255.255 in both VLANs. I want to see if you have any problem bridging between these VLANs.
Can you also show us a snapshot of the "edit" action in your VLAN rules tab?
I doubt the VLAN rules policy, it's not looking very right... I would expect it to do filtering based on VLANs rather than IP addresses.
Port the snapshot and I'll tell you what exactly is wrong.
ASKER
pgstephan, Thanks for your response!
I enabled interVLAN routing for both VLANs. (Attached screenshots)
I can ping 10.0.0.254 via CMD without issues on wireless, but I cannot access it via the internet browser while on wireless.
10.0.255.255 and 20.0.255.255 cannot be reached by either VLAN. I don't think there is anything at those addresses?
Also adding the screenshot of the two rules I made for the printer at 10.0.0.209 on VLAN1
Untitled.png
I enabled interVLAN routing for both VLANs. (Attached screenshots)
I can ping 10.0.0.254 via CMD without issues on wireless, but I cannot access it via the internet browser while on wireless.
10.0.255.255 and 20.0.255.255 cannot be reached by either VLAN. I don't think there is anything at those addresses?
Also adding the screenshot of the two rules I made for the printer at 10.0.0.209 on VLAN1
Untitled.png
Hi mate,
That means the problems is solved, since you're able to ping across from the wireless VLAN.
You probably have a proxy set in your web browser that's why you can ping 10.0.0.254 but you can't access it from the browser (try clearing all proxy settings in your browser).
10.0.255.255 and 20.0.255.255 will not be reached anyway (they're both broadcast IP addresses). All I needed was to see if the broadcast domain is really limited to your VLAN (no vlan leaking between the 2).
In the Edit VLAN-VLAN service, you need to add another rule with the Destination VLAN user as (10.0.0.209). Because traffic is bidirectional right? So you had from the printer, now you need to allow a rule for the "to" the printer.
Let me know how it goes.
That means the problems is solved, since you're able to ping across from the wireless VLAN.
You probably have a proxy set in your web browser that's why you can ping 10.0.0.254 but you can't access it from the browser (try clearing all proxy settings in your browser).
10.0.255.255 and 20.0.255.255 will not be reached anyway (they're both broadcast IP addresses). All I needed was to see if the broadcast domain is really limited to your VLAN (no vlan leaking between the 2).
In the Edit VLAN-VLAN service, you need to add another rule with the Destination VLAN user as (10.0.0.209). Because traffic is bidirectional right? So you had from the printer, now you need to allow a rule for the "to" the printer.
Let me know how it goes.
ASKER
Hey,
Well, as far as the VLAN rules go, If you look at my picture in last port, I have 2 rules. One below the first. One is to 10.0.0.209 from ANY and one to ANY from 10.0.0.209.
I also cleared all proxy settings and I still cannot connect to 10.0.0.209 or 10.0.0.254. When wired onto VLAN1 I can connect 10.0.0.209 and it shows real time printer use. I used both IE and Firefox with cleared proxy settings but I wasn't able to connect to either via wireless.
Again, thanks a lot for all your help!
EDIT: I think I was mistaken earlier about being able to ping 10.0.0.254 via wireless. I just tried to ping it and got 100% loss and no changes were made to anything.
Well, as far as the VLAN rules go, If you look at my picture in last port, I have 2 rules. One below the first. One is to 10.0.0.209 from ANY and one to ANY from 10.0.0.209.
I also cleared all proxy settings and I still cannot connect to 10.0.0.209 or 10.0.0.254. When wired onto VLAN1 I can connect 10.0.0.209 and it shows real time printer use. I used both IE and Firefox with cleared proxy settings but I wasn't able to connect to either via wireless.
Again, thanks a lot for all your help!
EDIT: I think I was mistaken earlier about being able to ping 10.0.0.254 via wireless. I just tried to ping it and got 100% loss and no changes were made to anything.
I'll ignore the fact that you can't manage your device from the Wireless VLAN (this could be a management setting where you can only manage the box from the main VLAN).
This is now looking like your printer's default gateway is not correct, so the problem might be in the return traffic from the printer.
How does your printer get its IP address? Is it static or dynamic through DHCP?
I'd recommend you put a static entry for the printer in your DHCP and reconfigure the printer to receive its IP address via DHCP.
If it's static, then make sure the default-gateway on the printer is set to the router's routed interface in the printer VLAN.
Let me know how it goes, I'm quite interested to fix this challenge...
This is now looking like your printer's default gateway is not correct, so the problem might be in the return traffic from the printer.
How does your printer get its IP address? Is it static or dynamic through DHCP?
I'd recommend you put a static entry for the printer in your DHCP and reconfigure the printer to receive its IP address via DHCP.
If it's static, then make sure the default-gateway on the printer is set to the router's routed interface in the printer VLAN.
Let me know how it goes, I'm quite interested to fix this challenge...
ASKER
Everything on VLAN1 is assigned static IP addresses as well as the printer. I am attaching picture of the printer's tcp/ip settings. I am going to add VLAN rules for a different printer to make sure it's my network settings and not the printer itself. The printer has to remain static since all the PCs on VLAN1 are setup to look for it at 10.0.0.209.
The printer in question was a OCE printer, I also added VLAN rules for a HP4000 printer on 10.0.0.210 and I still wasn't able to connect to it via wireless.
Also is it okay if both VLANs are on the same subnet? 255.255.0.0
20130710-090657.jpg
The printer in question was a OCE printer, I also added VLAN rules for a HP4000 printer on 10.0.0.210 and I still wasn't able to connect to it via wireless.
Also is it okay if both VLANs are on the same subnet? 255.255.0.0
20130710-090657.jpg
Yes, there is no problem with both VLANs to have the same subnet mask.
Can i ask you please to go in the VLAN rules and click on the "edit' bottom and show us a snapshot of the input? Thx
Can i ask you please to go in the VLAN rules and click on the "edit' bottom and show us a snapshot of the input? Thx
Can you show me the "LAN Settings" tab for the Wireless VLAN? Thx
ASKER
Can you show me the 'advanced' tag in the routing section?
This is a layer-3 problem, I can't believe that it took us that long to nail it down!
This is a layer-3 problem, I can't believe that it took us that long to nail it down!
Under the Network Config, can you send me the snapshot of the Routing tab??? and WAN Settings...
There will probably be something wrong in the Routing tab :D
There will probably be something wrong in the Routing tab :D
ASKER
Thanks again for your help! Here it is.
Untitled.png
Untitled.png
ASKER
I've requested that this question be deleted for the following reason:
No answer
No answer
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all your help!