Printing across VLANs

I have a wireless printer (HP Envy 5055) that is connected to VLAN 99 (configured in Unifi as a separate SSID). If my phone/computer is connected to the same network as the printer, I can print. If my phone/computer is connected to a different SSID (say VLAN11), I cannot print.

All VLANs are currently configured as any/any in pfSense. While on VLAN11, I can successfully ping the printer on VLAN99 so I know the communication is working… I just can’t print. I will admit that the printer does say that the device and printer must be on the same network but surely there is a way to make this work. Am I missing something obvious (e.g the printer telling me it must be on the same network) or just wasting my time?

Edit: I did see a previous post about enabling mDNS in Unifi but I do not have a UniFi Security Gateway which is required to enable this. I have Avahi enabled in pfSense though for both networks in question

I solved that on my home net - where I initialy had the printer (Airprint + IP) on the outside (WAN) of the PFSense box.

Install Avahi, description below. Avahi should allow the required broadcasts/multicasts across VLANS/Interfaces:

Avahi net 2.1_1 Avahi is a system which facilitates host and service discovery in local networks via mDNS (Multicast DNS) and DNS-SD (DNS Service Discovery). This package allows mDNS/DNS-SD protocols to work across multiple LAN segments. mDNS/DNS-SD is known in Apple circles as “Bounjour” and is part of the Zeroconf suite of protocols.

Thanks for the response! I have Avahi enabled for the VLANs in question. Still running in to issues.

I know Tom has said that printers + VLANS = meh. Does the printer support a 2nd IP? Is the printer
& router on the same VLAN?

Seeing as you have comm, I think that the printer, lets say on 10.2.33.x is rejecting / dropping the request coming from 10.2.44.x .

Have you looked at the printers logs?

Printer running latest firmware?

If you move the printer to VLAN-Y (from VLAN-X) , does the issue persist?

If you shutdown your PC & then upon reboot, connect to VLAN-Y (without 1st connecting to VLAN-X) does the issue persist?

Yeah I’m starting to feel the same way about this printer… Regarding your questions:

  • Does the printer support a 2nd IP?
    Negative

  • Is the printer & router on the same VLAN?
    No, printer is on vLAN and router is on LAN.

  • Have you looked at the printers logs?
    No I hadn’t… After looking, this is all it says " System Error - Network connection error. Check network and try again." Bear in mind, this is while the printer is successfully connected to my network and I can print to it (assuming I’m on the same VLAN).

  • Printer running latest firmware?
    Yes

  • If you move the printer to VLAN-Y (from VLAN-X) , does the issue persist?
    Yes. The printer can be on any VLAN and as long as my computer is on that same VLAN, I can print. If the printer and computer (or phone) are not on the same VLANs, I can’t printer.

  • If you shutdown your PC & then upon reboot, connect to VLAN-Y (without 1st connecting to VLAN-X) does the issue persist?
    Correct - issue persists

I’ll add one other thing… I did have to do some tinkering in Unifi to get the printer to successfully connect to the network. I had to disable:

  • High Performance Devices
  • Fast Roaming
  • Multicast and Broadcast Filtering

I have my printers on a separate VLAN and use a CUPS server to allow my devices both android and Linux to print to them, I also have a windows computer set to print using the CUPS server too.

Thanx for the feedback. Check firewall rules ? WHat if the printer joins the routers LAN instead? OR if you use print-to-email (not a great solution but in a pinch it could work).

All VLANs are any/any while I got everything set up. I’ll start doing those restrictions next I hope.

I ended up just joining the printer to the main private vlan… Perhaps I’ll revisit this at another time but the frustration to reward ratio was out of balance on this one.

1 Like

Issue is - likely - that broadcasts do not traverse the router between VLAN’s

So any/any won’t transfer broadcasts to another network segment.

Which is often a benefit - and reason for using VLAN’s - having several broadcast domains to avoid swamping a larger network with noise. Except when the noise is an AirPrint printer or similar.

Avahi is supposed to fix that. I know I managed to fix it when I briefly had my printer on the outside of the pfSense box. However - I think I had to re-add the printer using it’s IP Address on my MacBook.

I had actually tried resetting all print settings on my MacBook and re-adding the printer using various protocols as well as by IP. Perhaps I’ve missed something somewhere but for now, I’ll leave it on the private vlan and start planning a NAS killer build. Thanks again!

1 Like