Printing to a 2nd office

hzk916 · 30 August 2024 08:31

Hi All

1st Office 192.168.0.0/24

2nd Office 192.168.17.0/24

I have setup a 2nd office for a company and have setup an IPFire Site-to-Site VPN connection between the 2 offices, this is working well and each side can see the other side. Both Offices have IPFire Hardware routers. The 1st Office has a (Virtual) server with a share that they scan to. They also are using an Azure AVD and there is a VPN (RoadWarriror) connection from the AVD to the 1st office for printing and seeing that scan folder, this is also working well. My problem is I need to be able to print to the 2nd office. In the 2nd office I don’t have PC’s but thin clients based on Pi4 and Stratodesk (linux).

What I think I need is a rule on the 1st IPFire to send anything with an address of 192.168.17.0/24 across the VPN to the 2nd Office?

steven · 30 August 2024 08:53

RoadWarriror is OpenVPN?

I think, you must give access to your 2nd-office-network in the client-options.

And then i think, you must create a firewall-rule, with source openvpn and destination ip-sec-2nd-office-network.

tphz · 30 August 2024 10:56

[edit]

The following page may be helpful

However, I think a simpler solution may be to add a RW (RoadWarriror) connection to the 2nd office.

Regards

nickh · 30 August 2024 19:22

But you say the Site-to-Site VPN is working well so it must be sending traffic to 192.168.17.0/24 to the second office.

What sort of printer are you trying to print to? Is it a LAN printer which uses Uni/Multicast for printer discovery. If so, it may be a problem.

hzk916 · 3 September 2024 17:27

There is a Kyocera Ecosys MA3500cix network printer in the 2nd Office on IP 192.168.17.17. I need to be able to print from the Cloud AVD to it. I have a support call in with Stratodesk and they may be able to sort it with a kind of RDP redirected printing from there system.

hvacguy · 3 September 2024 18:48

Would this be where you would use
A static route in Router 1 to printer in Router 2 network?

nickh · 3 September 2024 19:38

With IPsec, there should already be subnet/subnet routing in place. I was trying to determine if the printer uses multicast for network discovery, but I’ve failed. If it does use multicast, it won’t work through an IPsec tunnel. Let’s see what Stratodesk come up with.

hvacguy · 3 September 2024 21:17

I would try a static route.
And you may need a firewall rule on your thin client side.

Found this

dr_techno · 15 November 2024 03:14

Ok, So you need to print from the AVD client in Office #1.

Can you reach the printer’s web gui at 192.168.17.17 from office 1 from a web browser?

If so, it seems you need to have location override function enabled in Azure for it to attach a printer that you are connecting from.

Consult your windblows documentation on how to use universal print on Azure.