Nebula/on-prem: bonjour reflection (e.g. AirPrint, Chromecasts, Spotify)
Hello everyone,
I am looking for some improvements about the need to share printers across differents VLANS. That is needed when you have multifunctions to be shared across different subnets and when you want to be green-friendly (buying only one printer) but also be careful about IT security with WiFi guests.
I was on this page since some time, there is no easy solution and this is my result: I am not able to find any solution inside Zyxel documentation.
Some other network players have the ability to use mDNS reflection with easy steps setting the repeater function. With latest documentation you can enable it with:
set service mdns repeater interface eth1
set service mdns repeater interface eth2
so you can set how to reflect the packets you need to use to print/scan via AirPrint and other bonjour services.
You can use also a project on GitHub:
Anyway there is NO easy solution with both configs:
- on-premise
- Nebula controlled
versions of:
- firewalls
- security routers
to share a printer (or another device Chromecasts or Spotify...) between different VLANS, a part from allowing traffic to that specific IP printer using the rules, but loosing easy management via bonjour.
For example, a printer is 192.168.1.100
You set VLANS to have 192.168.10.0/24 and 192.168.11.0/24 separated networks for your specific usage like guests, IoT and so on…
You have to create rules to block any sort of traffic from x.x.10.x and from x.x.11.x to x.x.1.x while you allow to reach only 192.168.1.100 and in this way you can ping that printer and print with it, using traditional drivers (from Win/Mac) and apps (from iOS/Android)
You loose easy config with AirPrint, anyway you can avoid to buy a printer for each subnets.
Hope this helps.
It should be mandatory to have the possibility to have an option to use reflection for the packets needed without exposing the whole subnet to IT risks, for example when giving tablet to guests to allow them to manage music but being sure you are not allowing them to reach other important items inside your network.
Categories
- All Categories
- 417 Beta Program
- 2.5K Nebula
- 160 Nebula Ideas
- 108 Nebula Status and Incidents
- 5.9K Security
- 331 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 259 Service & License
- 402 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 80 Security Highlight