Help to create rules for PAPERCUT (Printing program) for Wireless users on a Separate VLAN

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Help to create rules for PAPERCUT (Printing program) for Wireless users on a Separate VLAN

L4 Transporter

Hi There,

I have got a program "Papercut" installed on my Fileserver1.  The program listens on port 9191.  ISP has created a sub-domain which routes all traffic using http://papercut.xxx.com to an external IP address of 213.1.215.4.

Shortcut to "Papercut" on our internal network is http://fileserver01:9191.  I want to implement a rule for the Wireless users on a seperate VLAN to be able to access "Papercut", since they are not recognized on our internal network's IP addresses.

I know we need to have a NAT rule created, but cannot get my heads around.  Help would be appreciated.

Thank you

Regards,

Kal

1 accepted solution

Accepted Solutions

L4 Transporter

Fixed it.  U-turn NAT was required.  Thanks Guys...

Regards,

Kalyan

View solution in original post

3 REPLIES 3

L6 Presenter

No need to use NAT in your case.

I assume your fileserver1 have a defgw which points to your router.

You can then put a static route entry in your router to point out where the wifi-clients are connected (iprange of wifi-clients with nexthop to your PAN box - I assume your network is similar to router <-> PAN <-> access-point <-> wifi-clients).

Or am I missing something here?

Then in your PAN you can as debug just allow appid:any, service:tcp9191 to see how PAN will detect the flows and once found out limit the appid to only use the detected application(s).

L6 Presenter

Hi...are the wireless users on the same private IPs as your server?  If so, you may need to do U-turn NAT.  See:  https://live.paloaltonetworks.com/docs/DOC-1678.

Thanks.

L4 Transporter

Fixed it.  U-turn NAT was required.  Thanks Guys...

Regards,

Kalyan

  • 1 accepted solution
  • 2803 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!