10

I have external contractors sitting in my office that have access to various file shares via Citrix (they are not on our internal network).

These contractors require printing.

Is there a way to enable printing to a network printer from a program not in Citrix (having them print in Citrix is not an option currently, due to them needing to print from specific programs not in Citirx)?

Or do I just have to use something like papercut's webprint (not as nice as they can't just print directly to a printer)?

Kvad
  • 657
  • 2
  • 9
  • 21
  • 5
    Honestly, if this is just a temporary situation that doesn't require a re-usable, permanent solution I would probably just buy a cheap inkjet printer, and give them a USB cable. I tend to look at problems like this at $150/hour. If it would take me 3 hours to fix just for a once off, if I can spend less than $450 to get it out of my way then that might be the way to go. – Mark Henderson Apr 04 '14 at 01:36
  • 2
    Not a once off. Its a frequent requirement. Also this stretches across multiple offices and floors. – Kvad Apr 04 '14 at 03:25
  • 2
    This sounds like a perfect use case for a VPN with some advanced routing. – David Eisen May 25 '14 at 02:59
  • Can you elaborate more on the exact setup? It seems as though the hardware is there, its just that they are on some sort of a guest VLAN, or something. – Konrad Gajewski May 13 '15 at 14:14
  • No longer a requirement. Would probably have enabled Papercut webportal in the end. – Kvad May 14 '15 at 07:40

3 Answers3

1

You can create a guest vlan and/or a wireless network where they can access port 9100 (JetDirect) on the printers. They will need to get the print driver from the internet, but at least they have access to the printer.

datagutten
  • 21
  • 3
0

I realize this is an old question but for anyone else coming accross this here is probably the best solution (in my opinion).

A couple people suggested a VLAN (Virtual Local Area Network). The idea here is that you can take a 24 port managed switch and configure it so ports 1-12 function as a seperate switch and ports 13-24 function as a seperate switch. So once you segregate your ports then you assign ports 1-12 a VLAN ID and ports 13-24 a second VLAN ID. VLANs work having the default VLAN (no VLAN being enabled) as VLAN 1. VLAN 1 has access to everything on the network (by default because everything is considered connected to VLAN 1).

So let's say you have servers that you do not want the contactors to have access to. We put all of those servers on ports that are assigned VLAN 20. Put all of your company workstations on VLAN 20 too. Now create a guest network VLAN 40. The contractors would connect their computers to VLAN 40. As it is setup currently VLAN 40 cannot communicate with VLAN 20.

Now create a third VLAN for printers that both networks should be able to print to. Put the common printers on VLAN 30. Setup routing so that VLAN 20 can communicate with VLAN 30 and VLAN 40 can communicate with VLAN 30. VLAN 20 and VLAN 40 cannot communicate.

That will give you the solution you want. To do this you need layer three managed switches and you need to properly configure VLAN tagging, trunking, and IP routing on the related layer three switches.

Hopefully this helps someone in the future. Please let me know if you have any questions.

user5870571
  • 2,900
  • 2
  • 11
  • 33
0

Simply add like a USB to rj45 plug at a low cost and that will make the printer answer on two IP, the main IP via the integrated network card and the other IP via the plug. I used that tip a lot and it work good.

yagmoth555
  • 16,300
  • 4
  • 26
  • 48