Solved

Connect to wireless vlan with the ip of a different subnet

Posted on 2016-08-08
16
19 Views
Last Modified: 2016-08-28
I have 4 vlans, 3 of the vlans have ssids on our wireless access points. the 1 that is not is basically management.
all of the student laptops connect wireless to the student vlan. These laptops also have a wireless printer they print to. I would like to somehow connect the printer to wireless vlan students yet have a default vlan ip address without showing the world our default vlan.
Can this be done?
0
Comment
Question by:stevekee65
  • 7
  • 7
  • 2
16 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points (awarded by participants)
ID: 41747533
If you have the printer using an IP on the management subnet you can't connect it to the student VLAN.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41747536
I think it is possible if your access point has some firewall capabilities... as from vLan1 to vLan2 IP:x.x.x.x. allow all
0
 

Author Comment

by:stevekee65
ID: 41747546
we do have a watchguard firewall that the vlans are set up on.
0
 

Author Comment

by:stevekee65
ID: 41747547
to be clear, i want to connect to the student wireless signal, so i would be on the student vlan, but give the printer an ip of a different vlan.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41747549
So, definitively the configuration is possible... just use firewall rules to allow the correct traffic to that printer.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41747551
for example;

FROM: StudentVLAN
IP: ALL
Port/Protocol: ALL (we could restrict more here)
TO: DefaultVLAN
IP: (printer IP)
ALLOW
0
 

Author Comment

by:stevekee65
ID: 41747555
so i can be connected to 1 vlan with the ip of a different vlan. when the printer askes what vlan i want to connect to, i select student. then give it a different ip
0
 

Author Comment

by:stevekee65
ID: 41747576
what kind of proxy or packet filter would i use
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41747579
If everything is connected; laptops, printers, etc... and working in its own vlans properly, you don't need to reconfigure nothing, just give (ALLOW) access from one network (vlan) to another one using firewall rules.  The watchguard will take care of IP's and network translations.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41747582
By now, to see if the rule works, don't filter any protocol/port... once it work then you could configure to filter exactly the protocols needed...

Print servers may support a variety of standar or proprietary printing protocols including Internet Printing Protocol, Line Printer Daemon protocol, NetWare, NetBIOS/NetBEUI, or JetDirect.
0
 

Author Comment

by:stevekee65
ID: 41749035
Just to be clear, i have a wireless printer that is connected wirelessly to student vlan, 192.168.20.5 - 254 but the printer has a static ip address, 191.168.0.21 of a different vlan/subnet. can anyone verify that this will or not work?
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749049
No, it won't work.  The network has different addressing.  To work that must change the printer IP to 192.168.20.x.
0
 
LVL 5

Expert Comment

by:Manuel Flores
ID: 41749056
Under my point of view you have two main options;

1.  Let he printer connected to vlan 192.168.20.x and change its IP.

2.  Let the printer to its original network (where it is working now), and using firewall rules allow transit data traffic from vlan 192.168.20.x to 191(?).168.0.21.

..MFlores..
0
 

Author Comment

by:stevekee65
ID: 41749098
i think the problem is that we dont have an ssid, wireless signal for the default lan, 191.168.0.
0
 

Author Comment

by:stevekee65
ID: 41749125
it will not work
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 41773573
Best answer chosen.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now