Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Subscribers 27 subscribers
  • Views 6908 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Suggestion - Do a write up on Setting up a printer behind the firewall on the Lan side

ADogNamedGromet

I would like to see a simple write up on how to set up a printer

to be safely accessible by other machines on the network.    It is a really common that most offices need to do.  I don't think it should be this difficult.

The printer should allow prints and still be safe from intrusion.  

 

My specific instance is a brother lazer printer with a scan option.  Which would need two way traffic.

 

I might also suggest simple setups for or other standard office hardware like Image Scanners,  Label makers, Plotters,  Voip,  IP cameras,  3d Printers,  Streaming devices, like Sonos.  Plex servers and many more.

Many many android devices that DHCP works well for.

 

Right now we really need the printer issue resolved.  The rest can follow.  

 

But a standard Write up would help everyone with the same problem. 



This thread was automatically locked due to age.
Parents
  • 0

    Hey  

    Thanks for you feedback and suggestion!

    To clarify with the issue you experienced, was your local printer unable to be accessed by other local machines on the same zone/network subnet? If so, what firewall rules did you configure to resolve this?

    Regards,

  • 0 in reply to FloSupport

    I am not sitting in front of it right now.  As far as I know they are all on the same subnet and zone.    It is not resolved at this stage.

    But I have a group for the work machines and Static IP addresses for them and a separate group for the printer with a Static IP address.   

    Maybe they should be in the same group.

     

    I have found some information that points toward putting in a Dnat which I am trying to do and I also put in a Lan to Lan allow rule.

    None of that has allowed a print to go through.    I have also allowed TCP and UDP to communicate also.

    I shouldn't need degree in IT security to do this.   

     

    This is such a common thing that Everyone should be able to do it without weeks of searching.

    I cannot find a simple video or document on setting up Basic Safe communication between Machines and Printers or even Machines to Machines.

    I think this needs to be clearly addressed in the documentation section.  Even just clearly what Zones are, What groups are, and how they can be used together. to build your network.

     

    Mike Fauchers youtube Video is the clearest explanation of all of this that I can find.  (If you can make videos like that I can understand it all.)

    It was working before I put the Firewall in.  I have possibly have one small setting wrong somewhere.

    I will post my settings later when I am in front of the screen.  Thanks Rick M

  • 0 in reply to ADogNamedGromet

    Hi Rick,

    I apologize for the issues and inconvenience you have experienced while getting our product setup. Out of curiosity, when you purchased your device from your Sophos Partner/Reseller, did they advise or assist you with getting it setup? We do have a professional services team to assist with your initial setup and migration, along with providing how-to's and quick tutorials so to quickly get you up to speed with your new device. I would highly suggest this to avoid any potential issues you may run into in the future.

    In regards to Videos and Documentation, I can point you to the Sophos Videos we have (link in my signature), our handy documentation website, and our extensive KB library.

    I can quickly point you to our KB for Zones, and also the SFOS help and Admin Guide (p.66/67) for IP Host Groups.

    • Group objects are used to easily define multiple IPs, IP networks, Ranges, Lists, etc. into a single object to use in configurations (Firewall rules, Web Policies, etc.)

    Regards,

  • 0 in reply to FloSupport

    Hi  I am sitting in front of it now.  I think I am at the stage where I have tried everything reasonable.  

    As much as all the documentation is helpful.  I cannot figure out where my settings are wrong.  

     

    I have followed as much logic as I can and even have every machine and printer pingable.   The rules of Lan to Lan are there even spelling out the IP range the office machines and printers are on.

    I have some setting wrong.  We have had to resort to pulling a Long USB cable across the room. 

     

    You need some basic videos that are very to the point and clear.  I realize the Sophos system is quite powerful and scale able but sometimes one needs to just do something simple.

    I will need to call in for help as I don't know what else to do.  Thanks for your help so far.

     

    Regards Rick M 

  • 0 in reply to ADogNamedGromet

    Hi Rick,

    Please don't hesitate to PM me in the event you had further inquiries or if you wanted me to look into one of your support cases.

    Best,

  • +1 in reply to FloSupport

    I just called in and got it resolved quite quickly.

    Thanks.  It was actually a windows driver issue.

    Regards Rick M

  • 0 in reply to ADogNamedGromet

    Another good writeup to do (I am thinking simple ones.)  is hardware setup and also the simplified uses of ports vs zones, vs groups, vs users, Static and dynamic IP addresses and machines etc.

     

    I can see how each thing is used but I don't know in what order they should be placed.

    This way a person knows how to use each of them easily when they are designing their network.  They will have all kinds of hardware and different people who use them.

     

    Eg we have a home office.  It needs Admin people,  Manager that needs access,  Staff that need a different kind of access,   Then we have machines for streaming video in the house and also restrictions on kids computers.   Printers and then a slew of Android devices that are almost managed.

     

    We also have specific equipment and switches for it all.

    This can be set up in many ways and each scenario is different per office or house.

     

    This could have nice over view videos on how to set all that up.

    Just an Idea.

     

    Another Idea is a set of videos on problem solving and identification of sources.  I see a fair bit of Trouble shooting info but not really clear videos on it.    

    Like I was trying to get Mac addresses from various hardware and it was difficult to get and add to the Static IP list.   But a general over view of how to get different kinds standard info out of our hardware.

     

    Just some thoughts on Videos.  I hope it helps in some way.  It is a great product and some helpful documentation or videos would be really good to have.

    Regards Rick M

Reply
  • 0 in reply to ADogNamedGromet

    Another good writeup to do (I am thinking simple ones.)  is hardware setup and also the simplified uses of ports vs zones, vs groups, vs users, Static and dynamic IP addresses and machines etc.

     

    I can see how each thing is used but I don't know in what order they should be placed.

    This way a person knows how to use each of them easily when they are designing their network.  They will have all kinds of hardware and different people who use them.

     

    Eg we have a home office.  It needs Admin people,  Manager that needs access,  Staff that need a different kind of access,   Then we have machines for streaming video in the house and also restrictions on kids computers.   Printers and then a slew of Android devices that are almost managed.

     

    We also have specific equipment and switches for it all.

    This can be set up in many ways and each scenario is different per office or house.

     

    This could have nice over view videos on how to set all that up.

    Just an Idea.

     

    Another Idea is a set of videos on problem solving and identification of sources.  I see a fair bit of Trouble shooting info but not really clear videos on it.    

    Like I was trying to get Mac addresses from various hardware and it was difficult to get and add to the Static IP list.   But a general over view of how to get different kinds standard info out of our hardware.

     

    Just some thoughts on Videos.  I hope it helps in some way.  It is a great product and some helpful documentation or videos would be really good to have.

    Regards Rick M

Children