brother wireless scanner access

I have two brother ADS1500 scanners that are wireless.  Recently updated my sonic wall to a TZ200  and need to know what settings to change to allow access to these scanners via my LAN.
joel fordAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CompProbSolvCommented:
If they are connecting to the wireless as before I'd not expect that you'd need any changes.

How simple or complicated is your firewall configuration with regard to the LAN?
0
joel fordAuthor Commented:
I had a TZ 170 prior to the TZ 200 and the firewall config. was set up via the wizard with no changes that I am aware of other than the defaults
0
hdhondtCommented:
If you are scanning to a folder on a PC or server, the scanner will use the SMB protocol, the same as that used for file sharing in Windows. SMB uses TCP port 445, and possibly port 139.

Make sure these ports are not blocked on the firewall.
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

CompProbSolvCommented:
Is it likely that the ports would be blocked on the LAN-LAN side of things?
0
Blue Street TechLast KnightCommented:
Hi Joel,

On your SonicWALL, by default the wireless and hard-wired traffic is segregated into Zones and cross Zone communication (LAN > WLAN, WLAN > LAN) is not allowed for security purposes. So in the Access Rules, make sure that both LAN > WLAN and WLAN > LAN Zones are set to allow at the very least the printer traffic (whichever service/port you have the printer running on) for example, port 9100 or you can set it to Any, Any, All to allow everything and filter afterward.

Let me know if you have any questions!
1
joel fordCommented:
Checked the sonic wall settings and the LAN to WAN and WAN to LAN  zones are set to Any, Any, All.

I have one pc that can connect to the scanners now but three other machines that cannot?
0
CompProbSolvCommented:
What about LAN to WLAN and LAN to WLAN?
0
joel fordCommented:
I don't see WLAN in my access rules?
0
CompProbSolvCommented:
To be clear..... your TZ200 has a built-in wireless access point?
0
joel fordCommented:
not to be ignorant but I assume it does?  I can access one of the scanners from one of my four desktops and it is only connected wirelessly.  does that help?
0
Blue Street TechLast KnightCommented:
Hi Joel,

To determine if your SonicWALL has built-in Wireless login to it and go to System > Status, then under model it should say TZ 200 wireless. Under Network > Interfaces, you should see a W0 Interface even if you haven't configured it. Lastly, you will see in the main tree structure of the navigation a Wireless section below 3G/4G/Modem and SonicPoint or Firewall.

If you don't have Built-in wireless, trace the physical cable on which port the wireless access point is plugged into and lookup the switchport's Zone. I'd assume it is LAN or LAN2. Understanding you Zone layout is critical to figuring out if a port or service is being blocked or not.

CRITICAL!!!
Checked the sonic wall settings and the LAN to WAN and WAN to LAN  zones are set to Any, Any, All.
The WAN > LAN Zone should never be set to Any, Any, Any, All...it makes your firewall worthless!!! You will be completely vulnerable to any attack and it completely compromises the integrity of your network security and all your devices within the network (servers, PCs, etc.). Unless you need to open up specific ports (which should be encrypted) you should only have the default Access Rule of Any, Any, Any, Deny or Discard.

Let me know how it goes!
0
joel fordCommented:
ok, confirmed that there is no built in wireless on my TZ200.  The X1 (WAN)  port is plugged into my Verizon router's LAN port and the X0 on the sonicwall is my LAN.  The access rules are using the defaults not as I described earlier.
0
CompProbSolvCommented:
The key here is following the path through the network from your wireless access point to the scanner.  It sounds as if it doesn't go through the TZ200 at all (other than possibly getting addresses from DHCP in the TZ200).

Find your wireless access point, confirm how it is connected to the LAN, and you'll be halfway there.  Check if it is really a wireless router connected to the LAN through the WAN port.  That would make things difficult.  If you could provide the IP address of the scanner and of one of the computers that is connected wired that would help.
0
masnrockCommented:
CompProbSolv pretty much stated things as you have it right now.

Do you have Verizon FiOS or DSL? And do you want your Sonicwall or Verizon router to be the device facing the internet? If you want your Sonicwall to face the internet, then you can do one of three things:
1) Configure your Verizon router as a passthrough and get a wireless access point.
2) Get a static IP from Verizon. This way you can configure that address on your Sonicwall (you may need to change some things on your Verizon router as well). The fate of the router depends on whether you have FiOS or DSL. If you have DSL, you're better off doing option 1 above. If you have FiOS, then you might need to change a setting on the Verizon router (easiest to have Verizon support help with this one).
3) Applicable only if you have FiOS: Connect your Sonicwall directly to your ONT via the Cat5 interface (this may require you run some cabling). You will need to get Verizon to provision the ONT for that interface to be active. Connect the WAN port of the Verizon router to a LAN port on the Sonicwall. You will also need to reconfigure the Verizon router so that it is expecting a signal from the WAN Ethernet port instead of the coax port. This will also require you to do port forwarding on the Sonicwall so that the TV service works properly (namely the channel guide and some other features). There is a way you can avoid using the Verizon router all together, but that will take extra steps AND require you get an access point.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
masnrockCommented:
Sufficient information provided to solve the issue
0
Blue Street TechLast KnightCommented:
Thanks for the points. Glad I could help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Printers and Scanners

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.