Help with routing
Hi All,
Whilst I've worked in IT for a number of decades, I'm no networking expert, so please be gentle with me!!
Starting a new job a few months ago, I've inherited a Watchguard solution, and I need some help configuring the Watchguards to allow printing in a very specific scenario.
Allow me to describe my setup. We have 6 offices, all connected via the Watchguards BOVPN. IP Ranges are different in each office, and are as follows:
Site 1: 192.0.0.x/24 - This is the site we VPN into and has a clustered set of M270 devices
Site 2: 192.168.16.x/24 - This site also has clustered M270 devices.
Site 3: 192.168.17.x/24 - This site has a Watchguard T40 device.
Site 4: 192.168.15.x/24 - This site has a Watchguard T40 device.
Site 5: 172.16.1.x/24 - This site has a Watchguard T35.
Site 6: 192.0.1x/24 - This site has a Watchguard T40 device.
All sites have their own print server.
I work for a firm of solicitors. Sometimes these solicitors work from home or from court, and have to VPN into the network. Typically, most users don't have their own laptop, they make use of 'pool laptops' (Windows domain connected). However, when they print, they need the print jobs to come out of the printer that's on the desk in their office (not at home, not at court).
If the user is located at site 1 (above). All is fine, and they can browse to the printer they need, and they can print. However, if they are located in any of the other 5 offices, they cannot see the print server in their own office.
For example, user Joe Bloggs normally works out of Site 5. He VPN's in from home and gets and IP Address from the Site 1 range. Therefore, his device cannot see the IP Range of site 5, and cannot browse for his own printer server.
Can anyone offer guidance on what changes I need to implement for Joe Bloggs to be able to see his own print server? I've thought of SNAT, but that hasn't worked.
I'm struggling here so any layman advice would be appreciated.
Thanks!
Comments
How about if Joe VPNs into site 5 instead of site 1?
"seeing" a print server uses Windows networking which works on broadcast packets. Windows networking broadcast don't route across across BOVPNs.
Hi Bruce, thanks for the response. Currently the only VPN is setup to connect into our main office, which is site 1. Are we saying it's just not possible under the current config?
You can add network printer by IP addr in Windows, so that would be an option.
But "seeing" a printer which is at a different site is not possible.
Have you looked at adding a remote printer to a main site print server, and see if that works?
I'll give that a bash, thanks