How to share printer in DMZ

Hello all,

I have a Guest / WIFI Network in my facility and also my LAN which houses business devices. The two networks are segmented off from each other but run through the SonicWALL TZ400 for security. I have a new networked color printer that I'm wanting to share between both networks but do not want any traffic from the guest network making it over to the business network. What would be the best way to accomplish this? I assumed putting a switch on one of the interfaces and plugging up the printer to that switch, but if that were the case the switch would have a different IP Subnet and I wouldn't be able to communicate with the printer. Am I thinking about this the correct way or is there another way of accomplishing this?


Category: Entry Level Firewalls

    In my head I'm thinking that I put the printer on a DMZ interface and then setup access rules as folows,

    Allow traffic from LAN to DMZ (X0 Interface to X5 Interface)

    Allow traffic from Guest to DMZ (x6 Interface to X5 Interface)

    Deny any traffic from DMZ outward (X5 Interface to ANY)

    I want to ensure that someone can't tunnel in through the printer into the main business network. I believe I've tried setting this up in the past but it didn't work the way I had hoped and I believe it had something to do with the IP being on a different subnet.

