mDNS with AD but VLANs and all DHCP servers are hosted from pfSense

I'm stuck… I first put all of my copiers over to a VLAN which is coming from pfSense, along with its DHCP server for the said VLAN. I needed AirPrint to function from our main network to this VLAN for copiers only. My main network is AD, but only AD and DNS are running in the network from DCs. VLANs, DHCP for all networks, and the firewall run on pfSense. I first tried Avahi. It worked for 1 day and then stopped. Never could figure out what happened other than it's just not compatible with AD. What is the easiest way to allow my AirPrint-enabled copiers on their VLAN (which is accessible from the main network) to be discoverable from my main network for iDevices used by employees on my network? Thanks to anyone who is willing to offer a little help!

Avahi is the answer, but you also need to make sure that you have the proper firewall rules to allow access to the printer VLAN.

So I need to allow traffic back from the VLAN? This doesn't seem very secure. Kinda defeats the purpose of VLANs. My LAN already has access to said VLAN.

Printers do some real stupid stuff… I've seen printer drivers where the client sends the printer its IP and then the printer makes an SMB connection to the client to get the file to be printed. Do a packet capture on pfSense of everything to and from a printer's IP to see what it's trying to do.

You only need to allow access from the LAN to the printer VLAN. You don't need rules that allow the printer VLAN back to the LAN. Also, could you share your config for Avahi?
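To make the two replies above concrete (what to look for in a pfSense packet capture of the copier, and why a LAN-to-printer-VLAN rule is the only rule the discovery needs), here is an added example that is not part of this thread or of Avahi or pfSense. It builds the mDNS PTR query an iDevice sends for `_ipp._tcp.local` (UDP 5353 to 224.0.0.251), parses a constructed AirPrint response (PTR, SRV, TXT and A records) of the kind a copier answers with, and lists the unicast flows the client opens afterwards. The instance name `Copier-1`, host `copier-1.local` and address `10.20.0.15` are made-up sample values.

```python
import struct

# mDNS on the wire: multicast UDP to 224.0.0.251:5353 (what an Avahi reflector copies between VLANs)
MDNS_GROUP = "224.0.0.251"
MDNS_PORT = 5353
AIRPRINT_SERVICE = "_ipp._tcp.local"
PTR, A, TXT, SRV = 12, 1, 16, 33


def encode_name(name):
    """DNS wire-format name: length-prefixed labels, terminated by a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split(".")) + b"\x00"


def decode_name(data, offset):
    """Read a name at offset, following compression pointers; returns (name, end_offset)."""
    labels, jumped, end = [], False, offset
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:  # compression pointer into an earlier part of the packet
            pointer = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, pointer
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            return ".".join(labels), end
        labels.append(data[offset:offset + length].decode())
        offset += length


def build_ptr_query(service=AIRPRINT_SERVICE):
    """The browse query an iDevice multicasts when looking for AirPrint printers."""
    header = struct.pack("!HHHHHH", 0, 0, 1, 0, 0, 0)  # id 0, standard query, 1 question
    return header + encode_name(service) + struct.pack("!HH", PTR, 1)


def rr(name, rtype, rdata, ttl=120, cache_flush=True):
    """One resource record; mDNS sets the top class bit (cache-flush) on unique records."""
    rclass = 1 | (0x8000 if cache_flush else 0)
    return encode_name(name) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata


def build_airprint_response(instance="Copier-1", host="copier-1.local", ip="10.20.0.15", port=631):
    """Constructed sample of the answer a copier multicasts back (values are made up)."""
    svc = f"{instance}.{AIRPRINT_SERVICE}"
    header = struct.pack("!HHHHHH", 0, 0x8400, 0, 4, 0, 0)  # response + authoritative, 4 answers
    txt = b"".join(bytes([len(s)]) + s.encode()
                   for s in ("txtvers=1", "rp=ipp/print", "URF=W8,SRGB24", "pdl=image/urf"))
    return (header
            + rr(AIRPRINT_SERVICE, PTR, encode_name(svc), ttl=4500, cache_flush=False)
            + rr(svc, SRV, struct.pack("!HHH", 0, 0, port) + encode_name(host))
            + rr(svc, TXT, txt)
            + rr(host, A, bytes(int(o) for o in ip.split("."))))


def parse_response(data):
    """Decode all records into (name, type, class, ttl, value) tuples."""
    _id, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    offset = 12
    for _ in range(qd):  # skip the question section
        _, offset = decode_name(data, offset)
        offset += 4
    records = []
    for _ in range(an + ns + ar):
        name, offset = decode_name(data, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        rdata = data[offset:offset + rdlen]
        if rtype == PTR:
            value, _ = decode_name(data, offset)
        elif rtype == SRV:
            _prio, _weight, port = struct.unpack("!HHH", rdata[:6])
            target, _ = decode_name(data, offset + 6)
            value = (target, port)
        elif rtype == A:
            value = ".".join(str(b) for b in rdata)
        elif rtype == TXT:
            value, i = [], 0
            while i < rdlen:
                value.append(rdata[i + 1:i + 1 + rdata[i]].decode())
                i += 1 + rdata[i]
        else:
            value = rdata
        records.append((name, rtype, rclass & 0x7FFF, ttl, value))
        offset += rdlen
    return records


def printer_flows(records):
    """(ip, port) pairs the client connects to by unicast after discovery: the LAN -> VLAN rule
    must allow these; pfSense is stateful, so replies need no printer-VLAN -> LAN rule."""
    srv = {name: v for name, t, _c, _ttl, v in records if t == SRV}
    addrs = {name: v for name, t, _c, _ttl, v in records if t == A}
    return sorted({(addrs[target], port) for target, port in srv.values() if target in addrs})


if __name__ == "__main__":
    recs = parse_response(build_airprint_response())
    for r in recs:
        print(r)
    print("unicast flows the client will open:", printer_flows(recs))
```

In a capture filtered on the copier's address you should see its multicast answers to 224.0.0.251:5353 (the reflector passes those between the two interfaces) followed by the client's TCP connection to the SRV target on port 631; only that second flow is subject to the inter-VLAN rule, and it originates from the LAN side.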

The other interface selected in the allowed interfaces list is my copier VLAN. All traffic is allowed on LAN.

Should I be creating any manual DNS entries on my AD for Avahi?

I've read that Avahi and AD don't get along well. Not sure if that's reliable info or not.