Printing across VLANs

I have a wireless printer (HP Envy 5055) that is connected to VLAN 99 (configured in Unifi as a separate SSID). If my phone/computer is connected to the same network as the printer, I can print. If my phone/computer is connected to a different SSID (say VLAN11), I cannot print.

All VLANs are currently configured as any/any in pfSense. While on VLAN11, I can successfully ping the printer on VLAN99 so I know the communication is working… I just can’t print. I will admit that the printer does say that the device and printer must be on the same network but surely there is a way to make this work. Am I missing something obvious (e.g the printer telling me it must be on the same network) or just wasting my time?

Edit: I did see a previous post about enabling mDNS in Unifi but I do not have a UniFi Security Gateway which is required to enable this. I have Avahi enabled in pfSense though for both networks in question

I solved that on my home net - where I initialy had the printer (Airprint + IP) on the outside (WAN) of the PFSense box.

Install Avahi, description below. Avahi should allow the required broadcasts/multicasts across VLANS/Interfaces:

Avahi net 2.1_1 Avahi is a system which facilitates host and service discovery in local networks via mDNS (Multicast DNS) and DNS-SD (DNS Service Discovery). This package allows mDNS/DNS-SD protocols to work across multiple LAN segments. mDNS/DNS-SD is known in Apple circles as “Bounjour” and is part of the Zeroconf suite of protocols.

1 Like

Thanks for the response! I have Avahi enabled for the VLANs in question. Still running in to issues.

I know Tom has said that printers + VLANS = meh. Does the printer support a 2nd IP? Is the printer
& router on the same VLAN?

Seeing as you have comm, I think that the printer, lets say on 10.2.33.x is rejecting / dropping the request coming from 10.2.44.x .

Have you looked at the printers logs?

Printer running latest firmware?

If you move the printer to VLAN-Y (from VLAN-X) , does the issue persist?

If you shutdown your PC & then upon reboot, connect to VLAN-Y (without 1st connecting to VLAN-X) does the issue persist?

Yeah I’m starting to feel the same way about this printer… Regarding your questions:

  • Does the printer support a 2nd IP?
    Negative

  • Is the printer & router on the same VLAN?
    No, printer is on vLAN and router is on LAN.

  • Have you looked at the printers logs?
    No I hadn’t… After looking, this is all it says " System Error - Network connection error. Check network and try again." Bear in mind, this is while the printer is successfully connected to my network and I can print to it (assuming I’m on the same VLAN).

  • Printer running latest firmware?
    Yes

  • If you move the printer to VLAN-Y (from VLAN-X) , does the issue persist?
    Yes. The printer can be on any VLAN and as long as my computer is on that same VLAN, I can print. If the printer and computer (or phone) are not on the same VLANs, I can’t printer.

  • If you shutdown your PC & then upon reboot, connect to VLAN-Y (without 1st connecting to VLAN-X) does the issue persist?
    Correct - issue persists

I’ll add one other thing… I did have to do some tinkering in Unifi to get the printer to successfully connect to the network. I had to disable:

  • High Performance Devices
  • Fast Roaming
  • Multicast and Broadcast Filtering

I have my printers on a separate VLAN and use a CUPS server to allow my devices both android and Linux to print to them, I also have a windows computer set to print using the CUPS server too.

Thanx for the feedback. Check firewall rules ? WHat if the printer joins the routers LAN instead? OR if you use print-to-email (not a great solution but in a pinch it could work).

All VLANs are any/any while I got everything set up. I’ll start doing those restrictions next I hope.

I ended up just joining the printer to the main private vlan… Perhaps I’ll revisit this at another time but the frustration to reward ratio was out of balance on this one.

1 Like

Issue is - likely - that broadcasts do not traverse the router between VLAN’s

So any/any won’t transfer broadcasts to another network segment.

Which is often a benefit - and reason for using VLAN’s - having several broadcast domains to avoid swamping a larger network with noise. Except when the noise is an AirPrint printer or similar.

Avahi is supposed to fix that. I know I managed to fix it when I briefly had my printer on the outside of the pfSense box. However - I think I had to re-add the printer using it’s IP Address on my MacBook.

I had actually tried resetting all print settings on my MacBook and re-adding the printer using various protocols as well as by IP. Perhaps I’ve missed something somewhere but for now, I’ll leave it on the private vlan and start planning a NAS killer build. Thanks again!

1 Like

Hello, I assume you fixed this but I saw this post when I was looking to do the same thing in UniFi.

Assuming you have a HOME vlan (PC) and an IOT Vlan (PRINTER) set up.

Verify that you can ping the printer from your PC. If not, turn off your windows firewall and try. If that works, then you must add a rule to allow other networks through your PRIVATE NETWORK firewall. You can allow 192.168.0.0/16 for example. Then turn back on the firewall.

Now that you know you can ping (and get the reply) from the printer. Set the IP in UnifI console as static for the Printer.

Then add a printer using the IP address from the windows control panel and windows 10 is pretty good about finding setting up the drivers. (Or you can cheat and add the printer locally or be in same vlan to get the drivers installed so when you do the IP printer install they are already there.)

Then with the printer as static IP, that printer in you windows PC should work. Did for me.