Unanswered Question
Nov 7th, 2007
User Badges:

Hi All,

I currently have a customer with a PIX 515E running v7.x code. They use the firewall to remotely connect via a secure VPN tunnel over a BT network to central site. THis allows them to access terminal servers for their work.

Now, the central site, lets say "A" wishes to be able to send print jobs to the remote site "B" via the BT network and not through the tunnel. I have set a static translation on the PIX for this particular printer and also created 3 outside-in acl entries to allow UDP, TCP and IP from ANY to this printer. I can successfully ping the printer from site "A" ok but when i send print jobs to it, it does not work at all.

Any ideas why? Does the PIX inspect rules cause any printing type issues or should i be looking elsewhere?...



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sadbulali Wed, 11/14/2007 - 10:44
User Badges:
  • Bronze, 100 points or more

Could you paste the sh run, config of you PIX 515 E. It looks like an access-list problem.

bauer.juergen Thu, 11/15/2007 - 04:48
User Badges:

Had the same issue with MS Terminal Server printing over vpn tunnel.

what kind of internet connection do you have? one which adds extra headers like pppoe ?

for me ...

sysopt connection tcpmss


default is 1380 (1380 data + 20 TCP + 20 IP + 24 AH + 24 ESP_CIPHER + 12 ESP_AUTH + 20 IP = 1500 bytes)


This Discussion