Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 7572 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Loopback from Guest Wifi to LAN

withanHdammit

I'm on an XG running SFOS 16.05.3 MR-3.

I have a private LAN and a Guest Wifi zone.  My printer is on the LAN and I want the guest wifi users to be able to print to the printer.  I have a rule set to allow the traffic but the print jobs do not come through.

Firewall rule for this is:



This thread was automatically locked due to age.
  • 0

    Hi, the Printer is set with ip 192.168.0.6 in wifi devices ?

    By the prints i suppose that your wifi network is 192.168.0.0/xx and your lan is 172.16.17.0/24.

    You configure a NAT saying any packet from WiFi LAN and destination:192.168.0.6 with port:9000, change 192.168.0.6 for printer IP ( 172.16.17.100 for example ) and also change source ip to 172.16.17.254 (probably is internal IP of the firewall XG ).

    But in this NAT the destination is written by #Port2-192.168.0.6, its means the ip 192.168.0.6 is a ip of the Port2 of the firewall. For it work you must set the printer ip to 192.168.0.6 too. because if there are another IP for printer set in your wifi devices, it sends a packet to Port2 of sophos by routing, not for destination 192.168.0.6.

    Or you can set the ip printer in devices on WIFI like another ip of the net 192.168.0.0/xx like 192.168.0.100 and set this ip on the net rule with destination IP.

  • 0

    I dont think a DNAT is going to work in this case. A network rule would be better in this scenario. Create a service for tcp port 9100 (* -> 9100; you can also add 9100 -> * to the service): Accept this service for (WiFi (Any Host) to LAN (Printer's IP)