I’ve scoured the internet looking for information on VLANs and setting them up properly in Mikrotik. However, I can’t seem to get them to function as I want them to.
I have a network setup with 2 VLANs.
10.0.0.0/24
10.0.40.0/24
I’ve used firewall rules to allow traffic to flow between them, and most traffic does.
I can ping most devices and access my server’s webpage that’s on the 1st VLAN from devices on the second VLAN.
The issues come into play with some printers on VLAN 1.
I have setup IGMP Proxy as listed in the Mikrotik documentation. So far only 2 devices auto discover.
The printer however, will not talk to the 2nd VLAN. I can ping it, but cannot connect to it even by IP address to print. Trace routes are correct, everything seems to be routing properly, but for some reason I cannot get these to talk.
The other instance is with VNC connections.
Going from VLAN 1 to VLAN 2, I can ping the machine, but connection will timeout from VNC.
RDP sessions work going from 2nd VLAN to 1st, but haven’t had an opportunity to test the other way around.
If you can ping it already that means that VLAN’s are OK.
Printers these days are quite flexibel, offer dozens of (printing) protocols to choose from. They can be configured with ACL to only allow printing from certain IP-ranges etc,etc.
What does you logging say ? If you define a printer on a PC on VLAN1 pointing to printer in VLAN2 and start printing? Do you get any DROP’s , do you see ANYTHING ?
What kind of printer is it?
What kind of “find and resolve” protocol is used? Are you sure that it is based on TCP/IP? If low level ones are used than it is expected communication to be blocked with VLAN crossing.
Well, I feel dumb now not thinking to track the traffic for that. I used the torch feature, defined it to the two IP addresses.
I can see the traffic getting to it’s destination, but no replies from the printer. Attaching a screenshot of what I’m seeing. If there is a better way to do this, let me know.
