I can print to my HP printer via the LAN when I'm not connected to the VPN. When connected to the VPN, printing fails.
OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
I can ping the printer while connected to the VPN:
$ ping 192.168.100.12
PING 192.168.100.12 (192.168.100.12) 56(84) bytes of data.
64 bytes from 192.168.100.12: icmp_req=1 ttl=255 time=9.17 ms
--- 192.168.100.12 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss...
$ ping HpPrinter.local
PING HpPrinter.local (192.168.100.12) 56(84) bytes of data.
64 bytes from HpPrinter.local (192.168.100.12): icmp_req=1 ttl=255 time=0.383 ms
--- HpPrinter.local ping statistics ---
4 packets transmitted, 4 received, 0% packet loss...
But here's the error when I try to print while connected to the VPN:
hpijs[9990]: io/hpmud/jd.c 784: mdns lookup HpPrinter.local retry 1...
...
hpijs[9990]: io/hpmud/jd.c 784: mdns lookup HpPrinter.local retry 20...
hpijs[9990]: io/hpmud/jd.c 780: error timeout mdns lookup HpPrinter.local
hpijs[9990]: io/hpmud/jd.c 88: unable to read device-id
hp[9982]: io/hpmud/jd.c 784: mdns lookup HpPrinter.local retry 1...
...
hp[9982]: io/hpmud/jd.c 784: mdns lookup HpPrinter.local retry 20...
hp[9982]: io/hpmud/jd.c 780: error timeout mdns lookup HpPrinter.local
hp[9982]: io/hpmud/jd.c 88: unable to read device-id
hp[9982]: prnt/backend/hp.c 745: ERROR: open device failed stat=12: hp:/net/Officejet_Pro_L7600?zc=HpPrinter
I am running iptables rules, but the problem doesn't appear related to the firewall. I've tested with no rules (i.e., no firewall). The printing problem happens when the VPN is connected. I can guess it is an mdns problem, but searching google about mdns didn't turn up anything that seemed related to this (at my level of knowledge). Any suggestions?
I had a bit of dumb luck... I had been looking for "proper" solutions (and trying to learn more about what is causing the issue) and then for some reason I suddenly thought to try System > Administration > Printing. The GUI showed my printer at:
Original location: hp:/net/Officejet_Pro_L7600?zc=HpPrinter
I used the GUI wizard to find the printer again, this time while using the VPN. It came up with this location: dnssd://Officejet%20Pro%20L7600%20%5B32C801%5D._pdl-datastream._tcp.local/
Now printing works while on the VPN.
WHY??? I would really like to know what all this means as well as what the security implications are of mdns. I would appreciate any comments anyone wants to add.
In my Anyconnect client, I can click on the gears icon to edit "settings" and then select "Allow local (LAN) access when using VPN (if configured)". When I check that box and reconnect to the VPN, I can access my (local) network printer and other resources.