Hi all,
I’ve got a question to setup a rule to reach a Wifi Printer which is installed on Blue.
At the moment I did something like this:
Source = StandardNetwork = Green
No Nat
Target = IP from the Printer on Blue
Protocol = ALL
Accept
Now I can Ping the Printer, but unfortunately nothing more. OperatingSystem couldn’t connect the printer.
Has anyone an idea how to set this up correctly?
Thanks in advance an best regards
You don’t need a firewall rule to access things on Blue from Green. Green is open to accessing machines on Blue as standard. Machines on Blue can not access anything on Green.
The fact that you can ping the printer suggests that you have filled out the Blue Access page
https://wiki.ipfire.org/configuration/firewall/accesstoblue
but maybe you can confirm just to be certain.
How were you trying to connect to the printer with your operating system, with CUPS?
Often OS’s use a form of discovery that is based on broadcast address searching to discover what printers are around.
From things I have read in the past I believe that broadcast address traffic can not be routed from one subnet (green) to another (blue).
I believe that you will need to set up the printer connection URI manually knowing the information about its IP etc.
Hi,
thanks a lot. that was the solution to add the Printer direct via IP and not use the broadcast.
Best regards
Good that you got things working using the direct IP rather than the broadcast discovery.
A possible alternative that might work for discovery of your printer is the addon mDNS Repeater, which I saw mentioned in the following post
https://community.ipfire.org/t/see-google-nest-on-blue-subnet-from-the-green-subnet/9539/3
Where the poster was interested in broadcast access from green to blue for smart thermostats.
I am not certain enough to say it will help your use case but it might be worth a try as according to the wiki page on the addon it requires very little configuration. Just the definition of the two subnets involved.
You know the printer can be accessed via the specific IP so it might be worth a quick test with the addon to see if that helps with the discovery process for the printer. If it does, then it would be good to mention that as a use case in the mDNS addon wiki page.