timeshifter
Well-Known Member
- Reaction score
- 2,254
- Location
- USA
Here's some lab work...
UniFi switch and FortiGate firewall - can't ping past switch for some users
- Thread starter timeshifter
- Start date
timeshifter
Well-Known Member
- Reaction score
- 2,254
- Location
- USA
If you've read any of my posts over the years you might know that I loathe the Wi-Fi Direct feature of HP printers (and others, but HP especially).
I'm 99.9% sure this problem is completely solved and I know why as well. Yes, I identified the printer, but why. And why didn't it do it before I switched networks from 192.168.111.0 to 192.168.223.0?
As you can see from the Wireshark capture above it looks like I had duplicate IP addresses of 192.168.223.1, one for the router (a Netgear in my lab) and one for the HP printer. A broadcast would go out and the Netgear would answer then the HP would answer.
I looked at the printer settings and saw that 192.168.223.1 was the IP for the Wi-Fi direct. But was it coincidence or was it following along with my new network. It was a coincidence.
I changed my lab setup to use 192.168.174.0 and tried everything again. The HP still had 192.168.223.1 as the IP for it's (f&^%ing) Wi-Fi direct. So I Googled "hp envy 5000 192.168.223.1" and sure enough, there it was https://support.hp.com/us-en/document/ish_1841315-1637332-16 If you expand the section "Can I access printer settings and management tools using a Wi-Fi Direct connection?" you'll see it plain as day.
So, 192.168.223.1 is the default address for Wi-Fi direct on this model.
We lost the lottery when the vendor said we could use 192.168.223.0 for our subnet with their site-to-site VPN.
Gather your baseball bats and meet me in the field and help me beat the s#$% out of this printer.
I'm 99.9% sure this problem is completely solved and I know why as well. Yes, I identified the printer, but why. And why didn't it do it before I switched networks from 192.168.111.0 to 192.168.223.0?
As you can see from the Wireshark capture above it looks like I had duplicate IP addresses of 192.168.223.1, one for the router (a Netgear in my lab) and one for the HP printer. A broadcast would go out and the Netgear would answer then the HP would answer.
I looked at the printer settings and saw that 192.168.223.1 was the IP for the Wi-Fi direct. But was it coincidence or was it following along with my new network. It was a coincidence.
I changed my lab setup to use 192.168.174.0 and tried everything again. The HP still had 192.168.223.1 as the IP for it's (f&^%ing) Wi-Fi direct. So I Googled "hp envy 5000 192.168.223.1" and sure enough, there it was https://support.hp.com/us-en/document/ish_1841315-1637332-16 If you expand the section "Can I access printer settings and management tools using a Wi-Fi Direct connection?" you'll see it plain as day.
So, 192.168.223.1 is the default address for Wi-Fi direct on this model.
We lost the lottery when the vendor said we could use 192.168.223.0 for our subnet with their site-to-site VPN.
Gather your baseball bats and meet me in the field and help me beat the s#$% out of this printer.
HCHTech
Well-Known Member
- Reaction score
- 4,045
- Location
- Pittsburgh, PA - USA
Whenever I make a custom subnet, I always change 2 octets - never knew why, it just felt better. Now I have a good reason! Good detective work!
timeshifter
Well-Known Member
- Reaction score
- 2,254
- Location
- USA
It's been a few weeks since the discovery of this issue and removing the bad printer. They've been getting along just fine, so tonight I came in to connect to their "good" switch and put things back. In one office they had two printers, the problem one and another similar one - an HP OfficeJet 4655.
This model has similar programming. It's WiFi Direct creates a 192.168.223.0 network too. It was connected to the WiFi here, not WiFi direct. I went ahead and disabled the WiFi Direct on this unit. My presumption is that this model didn't let it's network traffic bleed over from WiFi direct to WiFi client like the previous one did.
This model has similar programming. It's WiFi Direct creates a 192.168.223.0 network too. It was connected to the WiFi here, not WiFi direct. I went ahead and disabled the WiFi Direct on this unit. My presumption is that this model didn't let it's network traffic bleed over from WiFi direct to WiFi client like the previous one did.
YeOldeStonecat
Well-Known Member
- Reaction score
- 6,554
- Location
- Englewood Florida
I push clients to not use wireless printers, however many printers that they get come with wifi.
I plug 'em in via ethernet, and for decades I've had the habit of logging into the printer and DISABLING features not being used. Years ago many printers came with the network protocol IPX enabled, and netBEUI, and other stuff. I always disabled those, esp IPX, it's chatty, and if it's not used (I haven't stood up a Novell network in around 28 years)...I disable it. Less "stuff" broadcasting from a network node is better.
WiFi Direct..sorta newer feature, but I disable it.
I plug 'em in via ethernet, and for decades I've had the habit of logging into the printer and DISABLING features not being used. Years ago many printers came with the network protocol IPX enabled, and netBEUI, and other stuff. I always disabled those, esp IPX, it's chatty, and if it's not used (I haven't stood up a Novell network in around 28 years)...I disable it. Less "stuff" broadcasting from a network node is better.
WiFi Direct..sorta newer feature, but I disable it.
