[SOLVED] Epson WF-3460 network printer not working

RouterOS General
1

Hello everyone,

I have been struggling on successfully setting up my WF3640 multi-functioning printer so that the local clients can use it. Some unsuccessful tests which I ran are pointed below. *one important information, the clients are routed through L2TP VPN so that they don’t receive my real public IP.
printer has a static ip.

  1. Made the printer in the same subnet network of the clients. Clients can ping the printer IP but cannot find the printer. (FAILED)
  2. Setting the printer in different subnet and then masquerade the subnet network with the client. (FAILED)
  3. Setting the printer in different subnet and then masquerade the subnet network with the client also exclusively set firewall filters to accept dst-ip to printer IP. (FAILED)


    Below you can find the prints for my current settings with DHCP, IP ADDRESS, IP ROUTE, IP FIREWALL FILTER, IP FIREWALL NAT, IP FIREWALL MANGLE

/ip address> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                
 0   ;;; guests
     192.168.100.1/24   192.168.100.0   bridge                                   
 1   ;;; dark.angel
     192.168.101.1/24   192.168.101.0   bridge                                   
 2   ;;; alu
     192.168.103.1/24   192.168.103.0   bridge                                   
 3   ;;; sam
     192.168.102.1/24   192.168.102.0   bridge                                   
 4 I 192.168.0.12/24    192.168.0.0     WAN2                                     
 5   192.168.0.11/24    192.168.0.0     WAN1                                     
 6   ;;; network_devices
     192.168.99.1/24    192.168.99.0    bridge                                   
 7 D 10.0.1.66/32       1.0.0.1         L2TP-ExpressVPN-02                       
 8 D 10.0.1.219/32      1.0.0.1         L2TP-ExpressVPN-01                       
 9 D 10.0.1.171/32      1.0.0.1         L2TP-ExpressVPN-03

/ip dhcp-server> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip dhcp-server> print
Flags: X - disabled, I - invalid 
 #   NAME       INTERFACE     RELAY           ADDRESS-POOL     LEASE-TIME ADD-ARP
 0   defconf    bridge                        guest            10m

/ip dhcp-server network> print/b]

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip dhcp-server network> print
 # ADDRESS            GATEWAY         DNS-SERVER      WINS-SERVER     DOMAIN     
 0 ;;; network_devices
   192.168.99.0/24    192.168.99.1    8.8.8.8        
                                      8.8.4.4        
 1 ;;; guest
   192.168.100.0/24   192.168.100.1   8.8.8.8        
                                      8.8.4.4        
 2 ;;; dark.angel
   192.168.101.0/24   192.168.101.1   8.8.8.8        
                                      8.8.4.4        
 3 ;;; sam
   192.168.102.0/24   192.168.102.1   8.8.8.8        
                                      8.8.4.4        
 4 ;;; alu
   192.168.103.0/24   192.168.103.1   8.8.8.8        
                                      8.8.4.4

/ip route> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip route> print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          L2TP-ExpressVPN-01        1
 1 A S  0.0.0.0/0                          L2TP-ExpressVPN-02        1
 2 A S  0.0.0.0/0                          L2TP-ExpressVPN-03        1
 3 A S  0.0.0.0/0                          192.168.0.1               1
 4 ADC  1.0.0.1/32         10.0.1.66       L2TP-ExpressVPN-02        0
                                           L2TP-ExpressVPN-01
                                           L2TP-ExpressVPN-03
 5 ADC  192.168.0.0/24     192.168.0.11    WAN1                      0
 6 ADC  192.168.99.0/24    192.168.99.1    bridge                    0
 7 ADC  192.168.100.0/24   192.168.100.1   bridge                    0
 8 ADC  192.168.101.0/24   192.168.101.1   bridge                    0
 9 ADC  192.168.102.0/24   192.168.102.1   bridge                    0
10 ADC  192.168.103.0/24   192.168.103.1   bridge                    0

/ip firewall filter> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip firewall filter> print
Flags: X - disabled, I - invalid, D - dynamic 
 0  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough 

 1    ;;; defconf: accept ICMP
      chain=input action=accept protocol=icmp log=no log-prefix="" 

 2    ;;; defconf: accept established,related
      chain=input action=accept connection-state=established,related log=no 
      log-prefix="" 

 3    ;;; defconf: drop all from WAN
      chain=input action=drop in-interface=WAN1 log=no log-prefix="" 

 4    ;;; defconf: fasttrack
      chain=forward action=fasttrack-connection 
      connection-state=established,related log=no log-prefix="" 

 5    ;;; defconf: accept established,related
      chain=forward action=accept connection-state=established,related log=no 
      log-prefix="" 

 6    ;;; defconf: drop invalid
      chain=forward action=drop connection-state=invalid log=no log-prefix="" 

 7    ;;; defconf:  drop all from WAN not DSTNATed
      chain=forward action=drop connection-state=new 
      connection-nat-state=!dstnat in-interface=WAN1 log=no log-prefix=""

/ip firewall nat> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic 
 0    ;;; defconf: masquerade
      chain=srcnat action=masquerade out-interface=WAN1 log=no log-prefix="" 

 1    ;;; defconf: masquerade
      chain=srcnat action=masquerade out-interface=WAN2 log=no log-prefix="" 

 2    ;;; L2TP-ExpressVPN-01
      chain=srcnat action=masquerade out-interface=L2TP-ExpressVPN-01 log=no 
      log-prefix="" 

 3    ;;; L2TP-ExpressVPN-02
      chain=srcnat action=masquerade out-interface=L2TP-ExpressVPN-02 log=no 
      log-prefix="" 

 4    ;;; L2TP-ExpressVPN-03
      chain=srcnat action=masquerade out-interface=L2TP-ExpressVPN-03 log=no 
      log-prefix="" 

 5    ;;; Local
      chain=srcnat action=masquerade out-interface=bridge log=no log-prefix=""

/ip firewall mangle> print

[xX_Dark.Angel_Xx@MikroTik_Essen.de] /ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic 
 0  D chain=forward action=change-mss new-mss=1410 tcp-flags=syn protocol=tcp 
      out-interface=all-ppp tcp-mss=1411-65535 

 1  D chain=forward action=change-mss new-mss=1410 tcp-flags=syn protocol=tcp 
      in-interface=all-ppp tcp-mss=1411-65535 

 2  D ;;; special dummy rule to show fasttrack counters
      chain=prerouting action=passthrough 

 3  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough 

 4  D ;;; special dummy rule to show fasttrack counters
      chain=postrouting action=passthrough 

 5    chain=prerouting action=passthrough src-address=192.168.99.0/24 log=no 
      log-prefix="" 

 6    chain=prerouting action=mark-routing new-routing-mark=L2TP01 
      passthrough=yes src-address=192.168.100.0/24 dst-address=!192.168.99.0/24 
      log=no log-prefix="" 

 7    chain=prerouting action=mark-routing new-routing-mark=L2TP01 
      passthrough=yes src-address=192.168.101.0/24 dst-address=!192.168.99.0/24 
      log=no log-prefix="" 

 8    chain=prerouting action=mark-routing new-routing-mark=L2TP02 
      passthrough=yes src-address=192.168.102.0/24 dst-address=!192.168.99.0/24 
      log=no log-prefix="" 

 9    chain=prerouting action=mark-routing new-routing-mark=L2TP03 
      passthrough=yes src-address=192.168.103.0/24 dst-address=!192.168.99.0/24 
      log=no log-prefix=""

Please help me out setting up the network multi-functioning printer. Currently I am using the remote print service of epson which sends documents over the internet to epson’s print server.

2

Hello everyone and Abraham,

I am running into a similar issue with an Epson XP-610. My network layout is much simpler than your example. All devices are connected to the Wifi on 10.10.2.0/24 network. A couple of observations I’ve made so far:

  1. The printer worked on RouterOS 6.36 properly. Discovery, Print and Scan worked 100% of the time.
  2. Recently updated to 6.38.5 and no longer works. Printer gets an IP from DHCP and is directly accessible via IP. Any attempt to Discover it doesn’t work.
  3. If I power cycle the printer, it becomes Discoverable for a few minutes. Enough to get a print job out. Subsequent print jobs fail to Discover the printer.

I am currently going through the change logs between 6.36 and 6.38.5 to see if there’s anything that may have changed. I may look at downgrading back to 6.36 if possible and retest then upgrade incrementally until it breaks again.

Any other suggestions?

Regards,

Bryan

3

hello Bryan,

since all your devices are in same subnet, you can try setting a static DHCP IP or Static IP for the printer.
My printer (wifi connected) IP had 100ms+ latency when pinged from mikrotik itself but later when I changed to LAN connection, the latency fell to 1ms. You can try putting a cable connection with the printer.

Lastly use the epson software to re-setup the printer. during setup select wired connection (even if the printer is wireless connected) and then set as new device NOT EXISTING DEVICE.

Regards,
Abraham

4

Abraham et al.

The printer is Wifi only and has worked flawlessly until I did a recent firmware upgrade on the router OS. I had already tried re-setting up the printer and it already has a static IP from the DHCP server. The issue seems to be something with mDNS discovery of services in general. Like a default got changed and they are now blocked?

I’m really gonna try and do a firmware downgrade back to 6.36 and then work up.

Regards,

Bryan

5

Try 6.37.5 first. And if it works, just stick to the bugfix channel unless you have a really good reason to do otherwise.

6

SOLVED

after doing lots of trial and error finally i managed to solve the problem. now the printer is discover-able from both computers and mobile phones, even iOS AirPrint (Bonjour) is also working.

all I did was to set an addesses list for my local subnets and use the NOT function for dst-address list in the firewall mangle which marks the routing for L2TP vpn. Now the Printer subnet can pin any computers of local subnet as well as any computers on the local can find the printer.