WRVS-4400N: Share printer between VLANs

cjisndenial · ‎11-01-2010

I have configured my WRVS-4400N with 3 separate VLANs. I have intra-VLAN routing turned off because I do not want any traffic between the VLANs.

EXCEPT, I would like 1 computer on my Point-of-Sale VLAN to be able to communicate with 1 printer on my Office VLAN.

What is the best way to accomplish this? Can I create a single static route between the IPs?

davbarre · ‎11-03-2010

Hi CJ,

One way you could accomplish this would be to enable the Inter-VLAN routing, then create an IP based ACL to block the DHCP range assigned to each VLAN to everything else except this single IP address.

With Inter-VLAN routing disabled, it will function as you have seen and not allow traffic from one VLAN to another.

Thanks!

Dave

David L. Barrett, Jr.

cjisndenial · ‎11-03-2010

OK, I can deffnately do that. But doesn't enabling intra-vlan routing just create routes in the routing table? Is there no way to create a single static from an IP on one VLAN to an IP on another VLAN without turning on intra-vlan routing? I tried to do this, but when I set the router for the route as 0.0.0.0 I got an error.

Maybe I'm paranoid, but I love the simplicity of VLAN security vs IP packet blocking using a firewall.

-CJ

davbarre · ‎11-03-2010

Hi CJ,

You can certainly do routes, however you'd have to have a route for each IP address in each VLAN.

I believe the simpler answer would be as described above with Enabling Inter-VLAN routing, then ACL to block a subnet or range depending on how your network is configured and IP that your printer is on.

Thanks!

Dave

David L. Barrett, Jr.