Scribd
Upload
207 views

AirPrint With iOS and OS X and A FortiGate Unit

This document provides instructions for setting up AirPrint printing services between iOS devices, OS X computers, and an AirPrint printer connected through a FortiGate unit. The setup involves configuring WiFi SSIDs and interfaces, adding addresses and services, and creating multicast and inter-subnet security policies to allow the devices to discover and communicate with each other for printing purposes. Upon completion, traffic logs can be viewed to verify that printing traffic is passing properly through the FortiGate unit between the wireless networks and internal network.

Uploaded by

Pupsik
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
207 views

AirPrint With iOS and OS X and A FortiGate Unit

This document provides instructions for setting up AirPrint printing services between iOS devices, OS X computers, and an AirPrint printer connected through a FortiGate unit. The setup involves configuring WiFi SSIDs and interfaces, adding addresses and services, and creating multicast and inter-subnet security policies to allow the devices to discover and communicate with each other for printing purposes. Upon completion, traffic logs can be viewed to verify that printing traffic is passing properly through the FortiGate unit between the wireless networks and internal network.

Uploaded by

Pupsik
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

Using AirPrint with iOS and OS X and a FortiGate

unit
This example sets up AirPrint services for use with an iOS device and OS X
computers using Bonjour and multicast security policies.

1. Configuring the FortiAP and SSIDs


2. Adding addresses for the wireless networks and printer
3. Adding service objects for printing
4. Adding multicast security policies
5. Adding inter-subnet security policies
6. Results

iPad Internal Network


OS x

FortiAP FortiGate

AirPrint
Configuring the FortiAP and
SSIDs
Go to System > Network > Interfaces.

Set an internal interface as dedicated to the


FortiAP unit.

Connect the FortiAP unit to the FortiGate


unit.

Go to WiFi Controller > Managed Access


Points > Managed FortiAP and authorize
the FortiAP.

Once authorized, it will appear in the


authorized list.
Go to WiFi Controller > WiFi Network >
SSID.

Create a WiFi SSID for the network for


wireless users and enable DHCP Server.
Create an SSID for the network for the
AirPrint printer and enable DHCP Server.

Adding addresses for the


wireless networks and
printer
Go to Firewall Objects > Address >
Addresses.

Create addresses for the SSID1, SSID2, and


AirPrint printer.
Create an address for the internal network
containing the OS X computers.

Adding service objects for


printing
Go to Firewall Objects > Service >
Services.

Create a new service for Internet Printing


Protocol (IPP) for iOS devices.

Create a new service for PDL Data Stream


for OS X computers.
Adding multicast security
policies
Go to Policy > Policy > Multicast Policy.

Create two policies to allow multicast traffic


from WLAN1 and WLAN2 for iOS devices.

For the first policy, set Incoming Interface


to WLAN1, Source Address to the SSID1
IP, Outgoing Interface to WLAN2, and
Destination Address to Bonjour.

For the second policy, set Incoming


Interface to WLAN2, Source Address
to the SSID2 IP, Outgoing Interface to
WLAN1, and Destination Address to
Bonjour.

The Bonjour address allows the devices to


find each other when they connect
through the FortiGate unit.

Create two policies to allow multicast


traffic from the LAN and WLAN2 for OS X
computers.

For the first policy, set Incoming Interface


to LAN, Source Address to the Internal
network, Outgoing Interface to WLAN2,
and Destination Address to Bonjour.
For the second policy, set Incoming
Interface to WLAN2, Source Address to
the AirPrint, Outgoing Interface to LAN,
and Destination Address to Bonjour.

Adding inter-subnet security


policies
Go to Policy > Policy > Policy.

Create a policy allowing printing from


wireless devices. Set Incoming Interface to
WLAN1, Source Address to the SSID1 IP,
Outoing Interface to WLAN2, Destination
Address to the AirPrint, and Service to IPP.

Create a policy allowing printing from an


OS X computer to the AirPrint printer. Set
Incoming Interface to LAN, Source
Address to the Internal network, Outoing
Interface to WLAN2, Destination Address
to the AirPrint, and Service to IPP.
Results
Print a document from an iOS device.

Go to Log & Report > Traffic Log >


Multicast Traffic to see the printing traffic
passing through the FortiGate unit.

Select an entry to see more information.

Go to Log & Report > Traffic Log >


Forward Traffic and verify the entry with the
IPP service.
Print a document from an OS X computer.

Go to Log & Report > Traffic Log >


Multicast Traffic to see the printing traffic
passing through the FortiGate unit.

Select an entry to see more information.

Go to Log & Report > Traffic Log >


Forward Traffic and filter the destination
interface for WLAN2 traffic.

Select an entry to see more information.

You might also like