DMZ device print to LAN zone printer

Newbie634913 Lv1Posted 23 Aug 2023 14:42

Last edited by Newbie634913 23 Aug 2023 16:38.

  
I setup the HP network printer on LAN zone (10.8.8.0/25), and I would like to allow DMZ (192.168.8.0/24, for WiFi) can print to that printer.
  
  
I configurate the “Application Control” that allow DMZ device to that printer. I tested on my iPhone that I can ping printer IP and access web portal of printer by Chrome app.
  
  
But when I want to print the document from my iPhone that cannot find the printer.
  
Checked my HP printer support airprint.

  
May I know is there any additional configuration need to setup?

KY has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

For this issue, it's recommended to raise a ticket for our support engineer to perform further troubleshooting. You may drop an email to our support email to raise a ticket.
Email: tech.support@sangfor.com
Is this answer helpful?
CLELUQMAN Lv4Posted 24 Aug 2023 09:02
  
have you try to troubleshoot ? see if any port got blocked by the NGAF.

System>Troubleshooting>Troubleshooting>Global passthrough and analysis >Turn On

then try to print again, and check the result.
Newbie517762 Lv5Posted 24 Aug 2023 09:37
  
HiHi,

Please review the following information regarding the blocked network ports by NGAF:

- For Airprint, the network ports are as follows:
  - Bonjour service: port 5353
  - Internet Printing Protocol (IPP): port 631

Furthermore, please find below a detailed description of the network ports used by Apple products:

Thanks.
Brooker Lv3Posted 28 Aug 2023 11:53
  
You mentioned that your HP printer supports AirPrint. Make sure that AirPrint is enabled on the printer itself. Sometimes printers might have an option to enable or disable AirPrint functionality in their settings.
Carrot Lv3Posted 28 Aug 2023 11:54
  
AirPrint and other similar features often rely on multicast traffic and the Bonjour service for device discovery. Ensure that multicast traffic is allowed between your DMZ and LAN networks. In some network setups, multicast traffic might be restricted or isolated by default, preventing device discovery.
Fisher Lv2Posted 28 Aug 2023 11:54
  
Bonjour uses mDNS for service discovery. If your network is segmented (which is likely the case between DMZ and LAN), you might need to configure mDNS reflection or mDNS repeaters to allow devices in different subnets to discover each other. Some routers have settings for this purpose.
Franky Lv3Posted 28 Aug 2023 11:55
  
Verify that the subnet mask and gateway configuration of the printer are correct. It should have the correct subnet mask (255.255.255.128 for the LAN network) and the gateway address pointing to the appropriate router interface in the LAN network.
Gomu Lv2Posted 28 Aug 2023 11:55
  
Double-check the firewall rules and application control settings on your network device that manages traffic between the DMZ and LAN networks.
Nami Lv2Posted 28 Aug 2023 11:55
  
Some wireless networks implement client isolation features that prevent devices on the same network from communicating directly with each other.
Racoon Lv2Posted 28 Aug 2023 11:56
  
Make sure that your WiFi network does not have such isolation enabled.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders