Problem solve Get help with specific problems with your technologies, process and projects.

How to maintain corporate VPN connection while printing to a private network

In this advice from our wireless networking expert, learn how to maintain a corporate VPN connection while printing to a private network.

I have a company wireless laptop with a VPN client that I use to log into my company network. How can I stay attached to the VPN client and still be able to print to my own wireless printer?

Unfortunately, you've run into a common problem with many VPN client configurations. Corporate VPN administrators often install VPN clients with policies that require all traffic to be tunneled over the Internet to the company's network. As a result, it is not possible for you to send any traffic to a wireless print server inside your own home network while you are connected to the VPN.

There is not much you can do to change this. You have two choices: convince your VPN administrator to reconfigure your VPN client to allow split tunneling (fat chance!) or disconnect from your corporate VPN whenever you want to print to your own wireless print server (inconvenient, but often the only easy answer.)

There is another thing you could try, but it's not a great idea. You could expose your home network's wireless print server to the Internet, letting anyone on the Internet submit print jobs.

Most home broadband routers can expose one system this way by configuring a "DMZ Host" or a port forward rule. If you did this, you might be able to print to your wireless print server while connected to the VPN by sending print jobs to your broadband router's WAN IP address.

That print request would be sent by your VPN client, over the VPN tunnel, through your company's network, back out onto the Internet, and through your home broadband router, where it would finally reach your wireless print server. Not only is this inefficient, but it could let your print server be abused by outsiders, and your corporate administrators might block the outbound ports required for this anyway

This was last published in July 2008

Dig Deeper on Working With Servers and Desktops