Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 12758 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Printing issue

TonV

I have a very annoying printer problem on my terminal server, where print jobs with a image (word, pdf, or plain image) will get stuck and try to restart but fail every time in the printing queue.

This all started at the time we changed the cisco to a Sophos XG 125, and I don't know if this has anything to do with it but maybe someone experience the same.

 

Here is the situation.

 

Site A uses a Sophos XG 125, terminal server is hosted at this location. subnet 192.168.60.x 255.255.255.0

Site B uses a Sophos XG 135, and the printers that show problems are on this location. subnet 192.168.0.x 255.255.224.0

 

There is a IPSEC site-to-site vpn between those 2 sites using DefaultBranchOffice and DefaultHeadOffice

 

Our users connect from both locations to the terminal servers, all the printers for both locations are locally connected to the terminal server, so we do not use redirection. No one has problems on site A printing to a printer on that site, but people on Site B do have problems when printing to printers on site B, but only when someone prints some kind of document with a image in it.

 

Firewall use LAN to VPN and VPN to LAN exist on both Sites.

 

- Printers with problems are all HP models (HP M477, HP M401, HP M570)

- Terminal Server (Server 2008 R2)

- Driver (Universal Print) 

 

As I said before, maybe the Sophos XG has nothing to do with this, but this all started when the Sophos was placed so maybe there is a link.



This thread was automatically locked due to age.
  • 0

    Hi Ton , 

    If you suspect the issue with IPsec VPN or XG dropping the connections. Could you check if traffic flow between the terminal server and Printer at Site A and B ?  While sending the test page command to the printer from the terminal server. You may capture the packets using diagnostics utility and check on both ends XG 125 and 135 to check if the packets are forwarded to your printer or not. 

  • 0 in reply to Aditya Patel

    Test page would always print succesfully. We have now disabled every option on both sites (Anti-virus, Web policy, IPS, Application Filter) and the printing problem is gone. When we used the packet capture I could see the packages forwarded.

     

    So my hunch was correct, it is something that is scanning the print job and sees a certain image type and doesn't like it.

  • 0 in reply to TonV

    Ton,

    the only filter that can apply is IPS. Try by disabling one filter at time and let us know. Other filters should not applied (bug?)

  • 0 in reply to lferrara

    I finally found the problem: In the meantime we changed all the users to have the printer locally connected to their pc and bringing them with their RDP session, this workaround worked but was not ideal. 

    We use a application that generates labels that where send to a Zebra label printer, sometimes labels would print and other times the would get stuck in the printing queue. A few weeks ago I updates both Sophos firewalls to OS 17 and noticed that the IPSEC profile branch to head office was deprecated and would not connect properly, so switched to the new head and branch office policy and VPN would work again. But later also received complaints that the zebra printer would not print labels at all, I could see traffic going from the server to the printer over the tunnel but labels would not come out. 

    After this I figured it could be something with the encryption, so changed it to the lowest encryption possible, and tadaa labels would print again, and the whole printing issue was gone.

     

    Now my question, is there a way to fix this? Bandwith on both sites are more than capable. 50 mbit up and 50 down on site B and 500 mbit up and 40 down on site A.