How do I print forward or alternative config printing across subnets?

[SOHO11]

I just got off the phone with a senior Apple support rep that says I cannot print across subnets due to limitations with the Apple AirPort Extreme (extremely limited?) All my "good stuff" is on one subnet (let's call that 10.0.2.x) but on the guest wifi subnet (let's call that 10.0.3.x) I have a wireless printer for my guests (family and visitors). I was hoping to port forward print requests from the 10.0.2.x computers to the 10.0.3.y wifi printer. If true that I cannot port forward, can you suggest an inexpensive solution to allow me to keep the WIFI printer on the 10.0.3 wifi guest network but print to it from the 10.0.2 subnet?

PS I am told that if I cable the printer into the router, it will not be accessible by the guest subnet 10.0.3.

Printer are cheap compared to ink and I suppose I could by a second one, but that seems radical.

This is particularly irritating because the AirPort router definitely has port mapping capability.

 

[Alabalcho]

Port forward is meant to be between WAN and LAN ports, not between subnets on the LAN ports. What you are looking for is adding a "router" between these subnets, but the moment you do that your "guest" network will be no longer "guest".
What about temporary connecting to your guest network when you need to print?

 

[SOHO11]

What about temporary connecting to your guest network when you need to print?

I already do that as a work around, but it's not a solution. For one thing, switching network connections forces a disconnect on all my instant messaging tools for work just to be able to print a page.

What you are looking for is adding a "router" between these subnets,

Yeah, well, the Apple AirPort router that created these two subnets is the problem I'm trying to solve. I need a NAT so that print requests on port 9100 will transfer from the 10.0.2 to 10.0.3 subnet. Lots of web articles talk about this in gaming terms (for WAN as you say) but have not found something that explains for printing. I may have to trash the Apple hardware in favor of a different router.

 

[boosted1g]

Sorry I am not a guru in mac airport routers (mostly because they are way to much money for way too limited of features) but hopefully I can give you a conceptual answer to get you on track.

In general a router will block traffic between VLANs through a firewall rule, if airport even allows that then you may be able to add a custom firewall rule to allow traffic between 10.0.2.0/24 to the IP of your printer on port 9100.
So if airport used a standard IPTABLES Setup: iptables INPUT -p tcp -s 10.0.2.0/24 --dport 9100 -j ACCEPT
This rule will need to be BEFORE any rule rejecting 10.0.2.0 from 10.0.3.0

 

[boosted1g]

If printer can run both wired and wireless interface at the same time then you could also try that; as well as using cloud print/air print features.

 

[SOHO11]

If printer can run both wired and wireless interface at the same time ...

Sadly, the HP8600 cannot.

 

[boosted1g]

If you cant make custom firewall rules and dont have dual interfaces on your printer then your only other options are as follows:

1) Switch printer from subnets when needed
2) Put printer in DMZ (makes it very vulnerable to hacking from the internet, be interesting to see though what it prints)
3) Get a better router