The answer for bonjour/airprint across networks seems to be avahi-daemon (
https://community.spiceworks.com/how_to/38251-build-your-own-bonjour-gateway)
which is conveniently available if I do a custom build of astlinux. So I
will try that. But first I need to get traffic going between the subnets.
I don't want all-or-nothing, just access to the printers, so I'll try
custom rules. I think a route from vlan->specific printer IP in one
direction and printer IP -> any subnet IP in the other direction will do it.
David.
On Sun, May 29, 2016 at 4:27 PM, Lonnie Abelbeck <li...@lonnie.abelbeck.com>
wrote:
> David,
>
> If you configured your guest VLAN network on the DMZ interface you could
> add a "Pass DMZ->LAN" rule to pass IPP to your printer. You would also
> want to "Pass DMZ->Local" for DHCP and DNS (UDP 53,67,68).
>
> By default LAN interfaces are isolated from each other, or check "Allow
> LAN to LAN for the ..." to allow any traffic between the selected LAN's.
> All or nothing. Without creating a custom-rule, there does not seem an easy
> way to allow only certain packets between LAN's other then using the DMZ.
>
> Regardless, they would be in different link-level broadcast domains,
> definitely a security feature, but less convenient. Classic security vs.
> convenience.
>
> > For extra credit it would ideally be discoverable (bonjour / AirPrint)
> for iPads.
>
> Purchase a second printer. :-)
>
> Lonnie
>
>
> On May 29, 2016, at 12:23 PM, David Kerr <da...@kerr.net> wrote:
>
> > So, lets say I have a guest network on a vlan, and I have my regular
> network. On that regular network I have a printer attached which I would
> like my guests to have access to. For extra credit it would ideally be
> discoverable (bonjour / AirPrint) for iPads.
> >
> > Any suggestion as to how this could be setup? My best guess at the
> moment is to use IPP and just access the printer through external IP
> address, port 631, which I then route to the printer. But that is
> certainly not discoverable by iPads, and is there a way to route between a
> vLan and a regular Lan?
> >
> > Thanks
> > David
>
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
