Home Printing – Connected to a VPN

 

My company, like many others out there, requires you to sign on to a VPN to allow you to access the “internal” network. A work colleague recently complained that when she did this at home she could no longer print to her home printer which was shared on a Windows machine on her home network. The only way this worked was if she used the VPN from the actual print server PC herself – a workaround but not ideal.

The reason this was happening was that the VPN adapter was making itself the default gateway for all of her traffic, including the requests to the print server. Since the work network has no knowledge of your home network, the requests simply get discarded. I put together an e-mail to show her how to get around this issue, temporarily at first and permanently should she require it. Since this might be quite common, I have transcribed that e-mail below into a small general How-To.

First off, there are a couple of things you will need to know/do:

  1. The IP Address of the computer that is acting as your Print Server (in the example that is 192.168.1.103)
  2. The IP Address of your home network’s router (in the example that is 192.168.1.1)
  3. Make sure that the printer is set up to map via the IP address and not the computer name

Number 3 is easily checked in the properties of the printer you added to your machine – if it is added with the name rather than the IP address, just modify (or delete and re-add) it.

As for 1 and 2, since I know everyone is not a geek and does not know this stuff off the top of their head, we’ll go through the steps you would take on a Windows machine:

First run this command (in bold) from a command prompt (Start >> All Programs >> Accessories)

C:\Documents and Settings\adam>ipconfig /all

Your output should look like this anything in [] and bolded is inserted by me – I ran this on the machine that was connected physically to the printer and was acing as the server:

Windows IP Configuration

Host Name . . . . . . . . . . . . : PC-xxxxxx
Primary Dns Suffix . . . . . . . : xxxxxxx
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxxxxxxx

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : xxx.xx.comcast.net
Description . . . . . . . . . . . : Broadcom 570x Gigabit Integrated Controller
Physical Address. . . . . . . . . : xxxxxxx
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.103 [IP Address of the computer on the home network]
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1 [IP Address of your Router]
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
68.87.73.242
68.87.71.226
Lease Obtained. . . . . . . . . . : Friday, March 02, 2007 12:18:51 PM
Lease Expires . . . . . . . . . . : Saturday, March 03, 2007 12:18:51 PM

So, from the above, you can find out the IP of the machine you are using on your home network as a print server and the IP of your home router – the default gateway.

Now, as an FYI, the reason why you can’t get to your printer is because the VPN client has gone and grabbed your default gateway. You can see this by running the command below (relevant line is bolded) – all 10. addresses have been changed from actual values and I’ve removed some lines for brevity:

C:\Documents and Settings\adam>route print
===========================================================================
Interface List
0×1 ……………………… MS TCP Loopback interface
0×2 …00 xx xx xx xx xx …… Broadcom 570x Gigabit Integrated Controller – Packet Scheduler Miniport
0×20004 …00 xx xx xx xx xx …… Cisco Systems VPN Adapter – Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 128.0.0.0 10.100.100.101 10.100.100.101 1

255.255.255.255 255.255.255.255 192.168.1.122 192.168.1.122 1
Default Gateway: 10.100.100.101
===========================================================================
Persistent Routes:
None

Now, onto how to get around this issue, here’s how I did it for mine, first I try to ping the server from another machine on the home network that I have connected to the VPN. Remember, 192.168.1.103 is the IP of the machine I have set up as the printer server:

C:\Documents and Settings\adam>ping 192.168.1.103

Pinging 192.168.1.103 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.103:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

As expected, no luck. So now for the magic command:

C:\Documents and Settings\adam>route add 192.168.1.103 MASK 255.255.255.255 192.168.1.1

Now, we should be able to get to it, so lets ping again:

C:\Documents and Settings\adam>ping 192.168.1.103

Pinging 192.168.1.103 with 32 bytes of data:

Reply from 192.168.1.103: bytes=32 time=2ms TTL=128
Reply from 192.168.1.103: bytes=32 time=1ms TTL=128
Reply from 192.168.1.103: bytes=32 time=1ms TTL=128
Reply from 192.168.1.103: bytes=32 time=1ms TTL=128

Ping statistics for 192.168.1.103:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms

Hooray! Mission accomplished…….

Now obviously you don’t want to have to do that each time, but that’s the quick way of figuring out if you have everything working. The general form of this command is:

route add [IP Address of Print Server] MASK 255.255.255.255 [IP Address of Home Router]

Once you substitute in the appropriate values for your network, you can save that line to a text file (using notepad or any other plain text editor). Then either save as .bat rather than .txt or change the .txt extension to .bat after the fact. Place the file on your desktop and you can then just double click that .bat file to run the command and fix your routing as needed.

Alternatively, once you are happy that this works you can add it as a persistent route – this stores the route in the Windows registry and keeps it in your routing table permanently. This is very easy to do, you just add a -p flag like so:

route -p add [IP Address of Print Server] MASK 255.255.255.255 [IP Address of Home Router]

And that’s it – if you find this useful, then let me know – my colleague has already successfully applied this to her situation and had no problems. If you have any suggested improvements, either drop me an e-mail or leave a comment in the blog.

Technorati Tags: , , , , , , , ,

 Posted by at 1:25 pm