Requirements & Supported Environments

Third-Party Vendor Policy - Virtual Appliance works with third-party products listed below—so long as the vendor continues to support them. However, when they reach “end of life” (as defined by the vendor), we can no longer support them. If this occurs, we suggest you upgrade to a newer version. We define third-party software support as “mainstream support,” not any extended support options a company like Microsoft may offer.

Security Compliance

To see full details about our compliance against global standards, certifications policies and more visit the Vasion Trust Center.

Minimum Server Requirements

Resource usage may increase depending on configured features and user count. Use the recommendations below when creating your Virtual Appliance, but continue to monitor the CPU and RAM utilization and allocate additional resources as needed.

  • Four 3.5-4.0 GHz processors. Add two 3.5 GHz processors for each additional 15,000 users.
  • 16 GB RAM for up to 15,000 users.
    • Add 2 CPUs / 8GB RAM for each additional 15,000 users.
    • Add a minimum of 2 CPUs and 4GB RAM if using the Internal Service Client.
    • Add 2 CPUs and 4GB RAM per 500 CPA / Simple Badge Release installations.
  • 150GB free hard disk space for the host disk.
  • There should be 50GB of free hard disk space on the persistent storage disk (add 4GB for every 100 printers).
  • NT LAN Manager (NTLM) v2 must connect to the Virtual Appliance's appliance-storage shared folder.

Security Protocols

Portal Access Protocol

Define whether access to your Admin Console, Self-service Portal, and Release Portal requires HTTP or HTTPS.

Navigate to the Protocol section on Tools then Settings then General in the Admin Console, select from the following options, then select Save.

  • Any (specified by url) — allows HTTP and HTTPS traffic.
  • Only HTTP — allows only HTTP traffic.
  • Only HTTPS — allows only HTTPS traffic.

Protocol section showing the protocol drop-down options for the Admin Console and Self-Service Portal.

Server Message Block

Virtual Appliance only supports New Technology LAN Manager (NTLM2) for connections to the Server Message Block (SMB) share.

Allow List URLS

Virtual Appliance Services URLs

URL

Purpose

portainer. Instance FQDN

Portainer UI used by Product Support to troubleshoot the Virtual Appliance on a container level, if needed.

agent-api.Instance FQDN

Currently the gateway used for SNMP Simple Network Management Protocol - Protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more. service. Soon will replace cpp-ui.app.Instance FQDN as the primary gateway for all Service Client Any PrinterLogic Client that has been promoted to provide one or more additional services that add specific functionality to the PrinterLogic environment (i.e., SNMP, iOS Printing, Email Printing, Printer Apps, etc.) communication.

gw.Instance FQDN

Serves as the gateway for IdPs, LDAP Lightweight Directory Access Protocol. As the name suggests, it is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services., SCIM System for Cross-domain Identity Management. It's an open standard designed to manage user identity information between identity domains or IT systems., APIs, and Quota Management.

cpp-ui.Instance FQDN

Serves as the Gateway between the Service Client, the user Interface for the CPA, and your Virtual Appliance instance.

cpa-api.Instance FQDN

Serves as the gateway for Control Panel Application (CPA) service. Soon will replace ccp-ui.Instance FQDN as the primary gateway for CPA only.

cdn.Instance FQDN

Primary gateway for content delivery network - (AWS, CloudFront), and other static assets such as UI pages.

edw.Instance FQDN

Primary gateway for Enterprise Data Warehouse (EDW). Used to offload data for analytics.

traefik.Instance FQDN

Primary gateway used for communication inside your Virtual Appliance instance.

Off-Network Print

Virtual Appliance Self-Hosted External Gateway

  • Instance FQDN
  • gw.Instance FQDN
  • Self-Hosted gateway URL

Mail Flow Rules

Certain features may require Mail Flow Rules to allow them to function as expected. Features using the email service include:

  • Scheduled Reports
  • SNMP Emailed Alerts

Email Sender (From) — no-reply@vasion.com, no-reply@printercloud.com.

Signed By — vasion.com.

Mailed By — Ensure you add the applicable regional URL from below to your inbound email allow list so that emails reach the user(s).

  • mg.vasion.com — for US, APAC, or Canada regions.
  • mg.eu.vasion.com — for EMEA region.

Supported Authentication Methods

Virtual Appliance is designed to support a wide range of identity providers for authentication and authorization within the product. Here are the supported provider options and their respective configuration pages for your reference.

  • LDAP
  • IdP

Active Directory (No LDAP Domain connection) provides basic authentication to the Self-service Portal for Active Directory users on domain-joined devices with the Virtual Appliance Client installed.

To use Active Directory or Oracle for identity management within your organization, an LDAP Domain connection is required to enable certain functionality, such as authenticating to the Admin Console or Mobile app and secure release printing. Environments using LDAP for Control Panel Application (CPA) authentication also require an Identity Sync configuration.

An Identity Provider (IdP) provides user authentication and authorization to the consoles and features. Vasion Print supports multi-tenant environments using multiple IdPs. Supported IdPs are:

Supported Hypervisors

  • AWS *
  • Azure
  • Google Cloud
  • Hyper-V
  • VMware (ESXi, vCenter, Workstation Pro, Fusion)

Supported Mobile OS

  • iOS 15, 16, and 17.
  • iPadOS 15, 16, and 17
  • Android 11, 12, 13, and 14.

Type 4 Drivers

Type 4 drivers don’t work with TCP/IP printer objects with Virtual Appliance because they disable port monitoring, which the application needs. If a TCP/IP printer on a workstation uses a type 4 driver, it may cause printing issues. However, USB and software printers (like Adobe or Microsoft XPS) can still use type 4 drivers without problems.

Supported IPP Version

  • 2.0

Printing with a mobile device requires access through two specific TCP ports: Port 631 and Port 80.

Client OS Hardware

The Client supports the following operating systems.

Virtual Appliance does not control the Client version in IGEL. Since the Client version may not always be the latest, it's important to recognize that each version has unique features and fixes.

Supported Operating Systems

x86

x64

Other

Windows 10/11

Windows 10/11/2016/2019/2022

ChromeOS 109+

 

macOS 13 (Ventura)

macOS 14 (Sonoma)

macOS 15 (Sequoia)

IGEL-OS 11

 

Ubuntu Linux (LTS) 18.04

Ubuntu Linux (LTS) 20.04

Red Hat 7

Red Hat 8

 

Client workstation installation requires an operating system with a minimum of 100MB of free hard disk space. Print drivers may require additional space.

ARM processors are not currently supported for Admin Console machines and end user workstations.

Chromebook OS Client

The ChromeOS Client is only compatible with Google Identity service. It will not work with other IdPs.

You can find the Chromebook Client in the Google Admin Console listed as Extension ID: llhfdhidddepenjnklbngmapjohlbekh

Antivirus Exclusions for Client Stability

To prevent antivirus scans from affecting essential client components, please refer to the Antivirus Exclusions topic for a list of folders and sub-folders to exclude.

Supported SNMP Versions

If SNMP Simple Network Management Protocol - Protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more. is enabled, Virtual Appliance leverages metadata to ensure precise reporting, SNMP information retrieval, Pull Print / Direct Secure Release Print functionality, and local user identities and email address synchronization. For a comprehensive list of the collected metadata and concise descriptions of their use cases see the Metadata Collected by Virtual Appliance topic.

  • SNMP v1
  • SNMP v2
  • SNMP v3

Supported Browsers

  • Microsoft Edge (Chromium)
  • Safari 15, 16
  • Firefox 3+ and current release
  • Google Chrome 88+

Browser Extensions

  • Edge (Chromium)
  • Chrome
  • Chromebook OS
  • Firefox

Find the Edge (Chromium) extension in the Microsoft Store listed as the PrinterLogic Extension v x.x.x.x. This extension is currently only supported for Windows OS. Visit the Microsoft Edge (Chromium) Extension documentation for more information on installing it.

Prerequisites for Edge (Chromium) to function correctly:

  • Virtual Appliance Client version 25.0.0.481 or later.
  • PrinterInstaller service version 5.0.6155 or later.
  • Edge Browser version .88 or later.
  • Using Windows OS. (macOS is not supported currently)

Find the Chrome extension in the Chrome Web Store listed as the PrinterLogic Extension vx.x.x.x.

The Chromebook extension can be found in the Google Admin Console listed as Extension ID: llhfdhidddepenjnklbngmapjohlbekh

Open the Firefox browser and browse to https://www.printerlogic.com/browser-extension/ to install the extension.

Network Connection Ports

  • General Ports
  • Mobile App Ports
  • Off-Network Ports
  • Simple Badge Release Ports
General Connection Ports

General Features

Description

Source

Destination

Destination Port

Printing

Direct IP printing from the end workstation to the printer.

Client/Workstation

Output Device/Printer

TCP 9100

Chromebook Printing

Driverless IPP printing from the Chromebook device.

Chromebook

Output Device/Printer

TCP 631

LDAP Authentication

LDAP User look up for user authentication.

Client/Workstation

LDAP Server

TCP 636

SNMP Monitoring

Output Device/Printer monitoring and reporting.

SNMP Service Client

Output Device/Printer

UDP 161, 162

Windows Printer Server Import

Tool for importing printers into a new instance.

Windows Print Server

Instance/Client

TCP 80, 139, 445 and UDP 137, 138
Mobile App Connection Ports

Virtual Appliance Mobile App

Description

Source

Destination

Destination Port

Direct IP

Releasing "held" workstation print jobs using the mobile app.

Client/Workstation

Output Device/Printer

TCP 9100

IPP Printing

Printing directly from the mobile device using the mobile app.

Mobile Device

Output Device/Printer

TCP 631/80
Off-Network Connection Ports

Off-Network Print

Description

Source

Destination

Destination Port

Print Job Submission

Printing from Off-Network Device.

Workstation/Client

Off-Network External Gateway

TCP 443

Print Job Routing

External Gateway Service connection to Internal Routing Service.

Off-Network External Gateway

Internal Routing Service Client

TCP 443

Direct IP from Internal Routing Service Client

Internal Routing Service delivery of print job.

Internal Routing Service Client

Output Device/Printer

TCP 9100
Simple Badge Connection Ports

Simple Badge Release

Description

Source

Destination

Destination Port

RFIDeas Ethernet 241 Device

RFIDeas configuration.

Simple Badge Release Service Client

RFIDeas Device

TCP 23

Elatec TCP3 Device

Elatec TCP3 configuration.

Simple Badge Release Service Client

Elatec TCP3 Device

TCP 80/81

Device Communication

Communication between badge readers and Simple Badge Service Client.

RFIDeas/Elatec Device

Simple Badge Release Service Client

TCP 31990

Direct IP Printing from Job Release

Direct IP Printing once the badge reader has triggered the job for release.

Workstation/Client

Output Device/Printer

TCP 9100

CPA Manufacturer Support

CPA Supported Manufacturers

Manufacturer

Authentication Methods

Multifunction Printer (MFP)

Card Reader

Features

Install/Uninstall Ports

Canon - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • Gen 3 models (imageRunner Advance).
  • Latest DX models.
  • Elatec**
  • RFIDeas*
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 8000, 8443

Fuji Xerox - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • ApeosPort.
  • ApeosPort-V.
  • ApeosPort-VI.
  • ApeosPort-VII.
  • Fuji Xerox IC**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 58501

HP - CPA 1.0

  • Manual Login (non-SSO)
  • Badge
  • FutureSmart 4 & 5 devices with touch screen control panel at least 4.3".
  • HP-embedded readers, only.

 

SOAP 7627

HP - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • FutureSmart 4 & 5 devices with touch screen control panel at least 4.3".
  • Elatec**
  • RFIDeas**
  • HP Universal Proximity Card X3D03A**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

SOAP 7627

Konica Minolta - CPA 1.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge

 

 

TCP 443, 50003

Konica Minolta - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • Elatec**
  • RFIDeas**
  • Omnikey**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 50003

Kyocera - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • ECOSYS.
  • TASKalfa.
  • FS Series.
  • Elatec TWN4**
  • RFIDeas**
  • Omnikey**
  • A Card Authentication Kit (CAK) license
  • Secure Release Print
  • Copy/Scan Tracking

TCP 8083, 9090, 9091

Lexmark - CPA 1.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • Virtual Appliance is certified on any device running the 3.x, 4.x, or the 5.x framework.
  • Any card reader that is in keyboard emulation mode.‡
  • Omnikey 5427 CK as a socket connection.

 

 

Lexmark - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • All devices that support eSF6.0 or higher.
  • Elatec**
  • RFIDeas**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 443

Ricoh - CPA 1.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • Virtual Appliance is certified by Ricoh on all platform 10.x, 11.x and 12.x devices.
  • We do no support pull printing with a Fiery controller.
  • RFIDeas with a keyboard emulation mode
  • Elatec†

 

 

Ricoh - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • IM Series and MP series with a minimum of Smart Operating Panel 2.0 or higher.
  • Elatec TWN3 & TWN4**
  • RFIDeas**
  • HID Omnikey 5427 & 5428**
  • Inepro**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 443, 51443 (Hybrid)

Sharp - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • Essential Series.
  • Advanced Series.
  • Pro Series.
  • Elatec**
  • RFIDeas**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 80, 443, 10080, 10443

Toshiba - CPA 1.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge

 

 

 

Toshiba - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • Elatec TWN4**
  • RFIDeas**
  • Omnikey**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 10443, 49629, 49630

Xerox - CPA 1.0

  • Manual Login (non-SSO)
  • Badge
  • EIP Level 1.0.
  • EIP 2.0 for badge scanning .
  • EIP 3.0 for Single Sign-On (SSO).
  • Virtual Appliance supports the card readers supported by the individual devices.

 

TCP 433

Xerox - CPA 2.0

  • Manual Login (non-SSO)
  • Single Sign-On (SSO)
  • Badge
  • PIN
  • AltaLink family.
  • Versalink family.
  • Workcentre family.
  • Elatec**
  • RFIDeas**
  • Secure Release Print
  • Copy/Scan Tracking
  • QR Code Display

TCP 443

*If you are using a Universal Serial Bus (USB) card reader for the release of print jobs, some Canon models require the Use MEAP Driver for USB Input Device setting enabled in the USB Settings section.

**Badge readers must be configured as keystroke readers and include a carriage return value at the end.

‡Newer Lexmark devices may require an additional keyboard emulation USB driver. Contact your Lexmark dealer.

†Elatec is unresponsive on first badge scan. Subsequent scans are properly recognized.

CPA Supported Ports

CPA 2 Supported Ports by Manufacturer

Manufacturer

Port

Canon

CPA installation and uninstallation occur from the Service Client to the printer over TCP 8000 and TCP 8443.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Epson

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988 (and TCP 31987 for scanning).
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Fujifilm

CPA installation and uninstallation occur from the Service Client to the printer over TCP 58501.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100.

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Fuji Xerox

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 58501.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

HP

CPA installation and uninstallation occur from the Service Client object to the printer over SOAP 7627.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Konica Minolta

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 50003.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 80/443.

Communication with WebDAV from the Service Client to the Virtual Appliance instance over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Kyocera

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 8083, TCP 9091 and TCP 9090.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Lexmark

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Ricoh

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443 and TCP 51443 for hybrid Android / Java devices.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Sharp

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 80/443/10080/10443.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Toshiba

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 10443, 49629, and TCP 49630.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 80/443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Xerox

CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443.

CPA operation requires two main communication paths:

  • From the printer to the Service Client object over TCP 31988.
  • From the printer to the Virtual Appliance instance (cpp-ui.FQDN_of_Virtual Appliance and cpa-api.FQDN_of_Virtual Appliance) over TCP 443.

Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues).

By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. The installation may fail if the CRL check cannot complete over Port 80.

Simplified Scanning Supported Cloud Storage Providers

You can find configuration details of the listed providers in the Configure the Cloud Storage Connectionsection of the Simplified Scanning documentation.

  • Box
  • Google Drive
  • OneDrive
  • SharePoint

Other

Import Windows Printers

  • Administrator rights and access to connect to administrative shares (Admin$) on the print server are required to import printers from Windows print servers. Network ports to open between the print server and the importing computer include: TCP ports 80, 139, 445; UDP ports 137, 138.