Thank you for the tip. I am not Cisco engineer. If I don't provide the information you need, please let me know. I will try my best. Here are the interfaces:

interface Vlan200

description StudentSubnet

ip address 10.2.0.2 255.255.255.0

ip access-group studentaccess in

!

interface Vlan300

description PublicWireless

ip address 10.3.0.2 255.255.255.0

ip access-group publicaccess in

ip helper-address 10.2.0.253

I try to add permit ip host 10.2.0.253 host 10.3.0.206 to ip access-list extended studentaccess

and

permit ip host 10.3.0.206 host 10.2.0.253 to ip access-list extended publicaccess

but that doesn't fix the problem. Here are configuration after I made the changes.

ip access-list extended studentaccess
permit icmp any any
permit tcp any any established log
deny   ip 10.2.0.0 0.0.0.255 10.0.0.0 0.0.255.255
permit ip any any

permit ip host 10.2.0.253 host 10.3.0.206

ip access-list extended publicaccess
permit icmp any any
permit ip any host 10.2.0.253
permit tcp any any established log
deny   ip 10.3.0.0 0.0.0.255 10.1.0.0 0.0.0.255
deny   ip 10.3.0.0 0.0.0.255 10.2.0.0 0.0.0.255
permit ip any any

permit ip host 10.3.0.206 host 10.2.0.253

So the commands takes by order. That make sense. After making the change, I can add the printer, but can't print. I think the problem is I need open more tcp and udp. Can someone give me the command line to add all tcp and udp for 10.2.0.253 to access 10.3.0.206 and where I shuld insert the command line by order? Thank you.

If u can add a printer that means Printer is available, else you can ping printer ip.

I can ping the printer IP and add it. But when I send the print job, it stays in the queue for a while and the shows error. I do beleive it is port issue because in the public VLAN, I can telnet printer port 515 and 80. In the Student VLAN, I can't.

Hi,

Post here your current configuration of the switch.

Hope it will help.

Best regards,
Abzal

We have more than 3 VLANs. Any way, attached is the configuration