Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How can I give wireless clients on Meraki DHCP access to a shared printer on LAN?

Solved
jared721
Here to help
‎Nov 3 2022 8:09 PM
‎Nov 3 2022 8:09 PM

How can I give wireless clients on Meraki DHCP access to a shared printer on LAN?

Hello!

We have a Wi-Fi network at my organization which assigns IP addresses using Meraki DHCP. I learned that this is not the best configuration to use if you want Wi-Fi clients to have access to a shared printer connected via LAN. However, I am wondering, is there any possible way we could give these Wi-Fi clients access to the printer? For example, could the Firewall rules be adjusted to allow all those Meraki DHCP clients to have access to the correct VLAN the printer is connected to?

 

I am wondering about this because it would allow us to remove one of our SSID's. We currently have several, I learned it is not recommended to use more than 2 or 3. We currently have to have an additional SSID solely for printer access.

 

Thanks in advance for the help!

0 Kudos
Subscribe
1 Accepted Solution
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:00 AM
‎Nov 4 2022 4:00 AM

Check on Firewall & traffic shaping page if It's allowed to clients access the local LAN.

 

 

alemabrahao_0-1667559530646.png

When clients use Meraki's DHCP they are using NAT, so any internal service will be accessed through the IP of the AP the client is connected to.

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

0 Kudos
Subscribe
3 Replies 3
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:00 AM
‎Nov 4 2022 4:00 AM

Check on Firewall & traffic shaping page if It's allowed to clients access the local LAN.

 

 

alemabrahao_0-1667559530646.png

When clients use Meraki's DHCP they are using NAT, so any internal service will be accessed through the IP of the AP the client is connected to.

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:48 AM
‎Nov 4 2022 4:48 AM

Client Isolation

NAT mode with Meraki DHCP isolates clients. Devices with a Meraki DHCP address will be able to access external and internal resources, such as the Internet and LAN (if firewall rules permit). However, connected clients will be unable to contact each other. The client isolation features of Meraki DHCP can be seen in the above figure. Client A and Client B can both access the Internet. When Client A wants to send traffic to Client B, the traffic will reach the AP. However, the AP will not forward this traffic to Client B. Therefore, the two clients are isolated from each other.

Since the client isolation function of NAT mode prevents wireless devices on the SSID from communicating with other wireless devices, NAT mode is not recommended for use with wireless peer-to-peer devices like a wireless printer or Google Chromecast.

Due to the implementation of client isolation, clients on a NAT mode SSID cannot talk to clients on a bridge-mode SSID when both clients are connected to the same AP.

 

 

Common Problems

There are a few common problems that can arise when deploying NAT mode with Meraki DHCP to provide client addressing. These problems are outlined in detail below:

  • Roaming - NAT mode with Meraki DHCP will use the IP address of the AP as the public IP address for wireless clients. When a client roams between APs with Meraki DHCP, TCP connections will drop and have to be re-established. This can cause problems with some applications and devices.
  • Bonjour and multicasting protocols - The client isolation features of Meraki DHCP will prevent wireless clients from communicating with each other. This will prevent Bonjour, layer 2 discovery protocols, and multicasting protocols from working. This can cause problems in networks that use Bonjour among wireless clients, or have IP phones or applications that require multicasting.
  • Inbound client connections - NAT mode with Meraki DHCP prevents inbound connections to a wireless client. This can cause problems if a wireless client needs to be accessible from a different network. The image below illustrates this problem. A connection, such as a remote desktop session, from the wired client to wireless client A will fail. Other common examples include failed wireless LAN connections to Chromecast devices, AirPlay enabled devices, printers or projectors. 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
jared721
Here to help
‎Nov 4 2022 11:05 PM
‎Nov 4 2022 11:05 PM

This was the issue. The printer now accessible. Thanks so much!

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.