Meraki

Community

Wi-Fi printers and meraki dhcp clients

Vittorio
New here
‎Nov 4 2022 4:37 AM
‎Nov 4 2022 4:37 AM

Wi-Fi printers and meraki dhcp clients

Hello everybody, is it possible to print from the same SSID with printers connected in wi-fi and both (PC and printers) connected using Meraki DHCP (client isolation i know) is there a workaround?

thanks

Labels:
0 Kudos
9 Replies 9
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:41 AM
‎Nov 4 2022 4:41 AM

 

Check on Firewall & traffic shaping page if It's allowed to clients access the local LAN.

 

 

alemabrahao_1-1667562108567.png

 

When clients use Meraki's DHCP they are using NAT, so any internal service will be accessed through the IP of the AP the client is connected to.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:44 AM
‎Nov 4 2022 4:44 AM

But, It's not the best option. I suggest you use an external DHCP server assigned.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 4:46 AM
‎Nov 4 2022 4:46 AM

Client Isolation

NAT mode with Meraki DHCP isolates clients. Devices with a Meraki DHCP address will be able to access external and internal resources, such as the Internet and LAN (if firewall rules permit). However, connected clients will be unable to contact each other. The client isolation features of Meraki DHCP can be seen in the above figure. Client A and Client B can both access the Internet. When Client A wants to send traffic to Client B, the traffic will reach the AP. However, the AP will not forward this traffic to Client B. Therefore, the two clients are isolated from each other.

Since the client isolation function of NAT mode prevents wireless devices on the SSID from communicating with other wireless devices, NAT mode is not recommended for use with wireless peer-to-peer devices like a wireless printer or Google Chromecast.

Due to the implementation of client isolation, clients on a NAT mode SSID cannot talk to clients on a bridge-mode SSID when both clients are connected to the same AP.

 

 

Common Problems

There are a few common problems that can arise when deploying NAT mode with Meraki DHCP to provide client addressing. These problems are outlined in detail below:

  • Roaming - NAT mode with Meraki DHCP will use the IP address of the AP as the public IP address for wireless clients. When a client roams between APs with Meraki DHCP, TCP connections will drop and have to be re-established. This can cause problems with some applications and devices.
  • Bonjour and multicasting protocols - The client isolation features of Meraki DHCP will prevent wireless clients from communicating with each other. This will prevent Bonjour, layer 2 discovery protocols, and multicasting protocols from working. This can cause problems in networks that use Bonjour among wireless clients, or have IP phones or applications that require multicasting.
  • Inbound client connections - NAT mode with Meraki DHCP prevents inbound connections to a wireless client. This can cause problems if a wireless client needs to be accessible from a different network. The image below illustrates this problem. A connection, such as a remote desktop session, from the wired client to wireless client A will fail. Other common examples include failed wireless LAN connections to Chromecast devices, AirPlay enabled devices, printers or projectors. 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 5:45 AM
‎Nov 4 2022 5:45 AM

So the workaround is to use an external DHCP server assigned.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
TBHPTL
A model citizen
‎Nov 4 2022 2:59 PM
‎Nov 4 2022 2:59 PM

No see above regarding bonjour forwarding...

0 Kudos
TBHPTL
A model citizen
‎Nov 4 2022 2:58 PM
‎Nov 4 2022 2:58 PM

Yes it s possible to ppint to your devices in differing subnets with isolation on.or use chromcasts and apple tvs across differing subnets with isolation

 

Put he printer in one subnet, your clients in a differing subnet. printer can be wired or wireless and use bonjour forwarding  MUST create reciprocal rules or it will not work....

 

TBHPTL_0-1667599014889.png

 

0 Kudos
In response to TBHPTL
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 6:21 PM
‎Nov 4 2022 6:21 PM

  • Bonjour and multicasting protocols - The client isolation features of Meraki DHCP will prevent wireless clients from communicating with each other. This will prevent Bonjour, layer 2 discovery protocols, and multicasting protocols from working. This can cause problems in networks that use Bonjour among wireless clients, or have IP phones or applications that require multicasting.
  • Inbound client connections - NAT mode with Meraki DHCP prevents inbound connections to a wireless client. This can cause problems if a wireless client needs to be accessible from a different network. The image below illustrates this problem. A connection, such as a remote desktop session, from the wired client to wireless client A will fail. Other common examples include failed wireless LAN connections to Chromecast devices, AirPlay enabled devices, printers or projectors. 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
TBHPTL
A model citizen
‎Nov 14 2022 4:03 PM
‎Nov 14 2022 4:03 PM

I missed he was doing Meraki DHCP which for the life of me I can't understand why anyone would do this 

 

Use bridge mode enable WIRELESS Client iso on the SSID and do what I said do, it will work flawlessly between subnets

 

 

 

0 Kudos
In response to TBHPTL
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 4 2022 6:26 PM
‎Nov 4 2022 6:26 PM

 NAT mode is not recommended for use with wireless peer-to-peer devices like a wireless printer or Google Chromecast.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.