Last updated: September 04, 2024
Requirements & Supported Environments
Third-Party Vendor Policy - Virtual Appliance works with third-party products listed below—so long as the vendor continues to support them. However, when they reach “end of life” (as defined by the vendor), we can no longer support them. If this occurs, we suggest you upgrade to a newer version. We define third-party software support as “mainstream support,” not any extended support options a company like Microsoft may offer.
Security Compliance
To see full details about our compliance against global standards, certifications policies and more visit the Vasion Trust Center.
Minimum Server Requirements
Resource usage may increase depending on configured features and user count. Use the recommendations below when creating your Virtual Appliance, but continue to monitor the CPU and RAM utilization and allocate additional resources as needed.
- Four 3.5-4.0 GHz processors. Add two 3.5 GHz processors for each additional 15,000 users.
- 16 GB RAM for up to 15,000 users.
- Add 2 CPUs / 8GB RAM for each additional 15,000 users.
- Add a minimum of 2 CPUs and 4GB RAM if using the Internal Service Client.
- Add 2 CPUs and 4GB RAM per 500 CPA / Simple Badge Release installations.
- 80GB free hard disk space for the host disk.
- There should be 50GB of free hard disk space on the persistent storage disk (add 4GB for every 100 printers).
- NT LAN Manager (NTLM) v2 must connect to the Virtual Appliance's appliance-storage shared folder.
Security Protocols
Virtual Appliance only supports NTLM2 for connections to the SMB share.
Allow List URLS
|
URL |
Purpose |
|---|---|
|
portainer. |
Portainer UI used by Product Support to troubleshoot the Virtual Appliance on a container level, if needed. |
|
agent-api. |
Currently the gateway used for SNMP Simple Network Management Protocol - Protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more. service. Soon will replace cpp-ui.app. |
|
gw. |
Serves as the gateway for IdPs, LDAP Lightweight Directory Access Protocol. As the name suggests, it is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services., SCIM System for Cross-domain Identity Management. It's an open standard designed to manage user identity information between identity domains or IT systems., APIs, and Quota Management. |
|
cpp-ui. |
Serves as the Gateway between the Service Client, the user Interface for the CPA, and your Virtual Appliance instance. |
|
cpa-api. |
Serves as the gateway for Control Panel Application (CPA) service. Soon will replace ccp-ui. |
|
cdn. |
Primary gateway for content delivery network - (AWS, CloudFront), and other static assets such as UI pages. |
|
edw. |
Primary gateway for Enterprise Data Warehouse (EDW). Used to offload data for analytics. |
|
traefik. |
Primary gateway used for communication inside your Virtual Appliance instance. |
Off-Network Printing
Virtual Appliance Self-Hosted External Gateway
Instance FQDN- gw.
Instance FQDN Self-Hosted gateway URL
Supported Authentication Methods
Virtual Appliance is designed to support a wide range of identity providers for authentication and authorization within the product. Here are the supported provider options and their respective configuration pages for your reference.
- LDAP
- IdP
Active Directory (No LDAP Domain connection) provides basic authentication to the Self-service Portal for Active Directory users on domain-joined devices with the Virtual Appliance client installed.
To use Active Directory or Oracle for identity management within your organization, an LDAP Domain connection is required to enable certain functionality, such as authenticating to the Admin Console or Mobile app and secure release printing. Environments using LDAP for Control Panel Application (CPA) authentication also require an Identity Sync configuration.
An Identity Provider (IdP) provides user authentication and authorization to the consoles and features. Vasion Print supports multi-tenant environments using multiple IdPs. Supported IdPs are:
Supported Hypervisors
- AWS *
- Azure
- Google Cloud
- Hyper-V
- VMware (ESXi, vCenter, Workstation Pro, Fusion)
Supported Mobile OS
- iOS 15, 16, and 17.
- iPadOS 15, 16, and 17
- Android 11, 12, 13, and 14.
Type 4 Drivers
It's crucial to understand that type 4 drivers are incompatible with TCP/IP printer objects when implementing Virtual Appliance. This is because they disable port monitoring, a key feature our application relies on. A TCP/IP printer installed on a workstation and using a type 4 driver can impact printing. Other printers, such as USB or software printers (Adobe, Microsoft XPS, etc.), can still use type 4 drivers without impacting printing.
Supported IPP Version
- 2.0
Printing with a mobile device requires access through two specific TCP ports: Port 631 and Port 80.
Virtual Appliance Client OS Hardware
The Virtual Appliance Client supports the following operating systems.
Virtual Appliance does not control the Client version in IGEL. Since the Client version may not always be the latest, it's important to recognize that each version has unique features and fixes.
|
x86 |
x64 |
Other |
|---|---|---|
|
Windows 10/11 |
Windows 10/11/2016/2019/2022 |
ChromeOS 109+ |
|
|
macOS 12 (Monterey) macOS 13 (Ventura) macOS 14 (Sonoma) |
IGEL-OS 11 |
|
|
Ubuntu Linux (LTS) 18.04 Ubuntu Linux (LTS) 20.04 Red Hat 7 Red Hat 8 |
|
Client workstation installation requires an operating system with a minimum of 100MB of free hard disk space. Print drivers may require additional space.
ARM processors are not currently supported for Admin Console machines and end user workstations.
Chromebook OS Client
The ChromeOS Client is only compatible with Google Identity service. It will not work with other IdPs.
You can find the Chromebook Client in the Google Admin Console listed as Extension ID: llhfdhidddepenjnklbngmapjohlbekh
Antivirus Exclusions for Client Stability
To prevent antivirus scans from affecting essential client components, please refer to the Antivirus Exclusions topic for a list of folders and sub-folders to exclude.
Supported SNMP Versions
If SNMP Simple Network Management Protocol - Protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Devices that typically support SNMP include cable modems, routers, switches, servers, workstations, printers, and more. is enabled, Virtual Appliance leverages metadata to ensure precise reporting, SNMP information retrieval, Pull Print/Secure Release Print functionality, and local user identities and email address synchronization. For a comprehensive list of the collected metadata and concise descriptions of their use cases see the Metadata Collected by Virtual Appliance topic.
- SNMP v1
- SNMP v2
- SNMP v3
Supported Browsers
- Microsoft Edge (Chromium)
- Safari 15, 16
- Firefox 3+ and current release
- Google Chrome 88+
Browser Extensions
- Edge (Chromium)
- Chrome
- Chromebook OS
- Firefox
Find the Edge (Chromium) extension in the Microsoft Store listed as the PrinterLogic Extension v x.x.x.x. This extension is currently only supported for Windows OS. Visit the Microsoft Edge (Chromium) Extension documentation for more information on installing it.
Prerequisites for Edge (Chromium) to function correctly:
- Virtual Appliance Client version 25.0.0.481 or later.
- PrinterInstaller service version 5.0.6155 or later.
- Edge Browser version .88 or later.
- Using Windows OS. (macOS is not supported currently)
Find the Chrome extension in the Chrome Web Store listed as the PrinterLogic Extension vx.x.x.x.
The Chromebook extension can be found in the Google Admin Console listed as Extension ID: llhfdhidddepenjnklbngmapjohlbekh
Open the Firefox browser and browse to https://www.printerlogic.com/browser-extension/ to install the extension.
Network Connection Ports
- General Ports
- Mobile App Ports
- Off-Network Ports
- Simple Badge Release Ports
|
General Features |
Description |
Source |
Destination |
Destination Port |
|---|---|---|---|---|
|
Printing |
Direct IP printing from the end workstation to the printer. |
Client/Workstation |
Output Device/Printer |
TCP 9100 |
|
Chromebook Printing |
Driverless IPP printing from the Chromebook device. |
Chromebook |
Output Device/Printer |
TCP 631 |
|
LDAP Authentication |
LDAP User look up for user authentication. |
Client/Workstation |
LDAP Server |
TCP 636 |
|
SNMP Monitoring |
Output Device/Printer monitoring and reporting. |
SNMP Service Client |
Output Device/Printer |
UDP 161, 162 |
|
Windows Printer Server Import |
Tool for importing printers into a new instance. |
Windows Print Server |
Instance/Client |
TCP 80, 139, 445 and UDP 137, 138 |
|
Virtual Appliance Mobile App |
Description |
Source |
Destination |
Destination Port |
|---|---|---|---|---|
|
Direct IP |
Releasing "held" workstation print jobs using the mobile app. |
Client/Workstation |
Output Device/Printer |
TCP 9100 |
|
IPP Printing |
Printing directly from the mobile device using the mobile app. |
Mobile Device |
Output Device/Printer |
TCP 631/80 |
|
Off-Network Printing |
Description |
Source |
Destination |
Destination Port |
|---|---|---|---|---|
|
Print Job Submission |
Printing from Off-Network Device. |
Workstation/Client |
Off-Network External Gateway |
TCP 443 |
|
Print Job Routing |
External Gateway Service connection to Internal Routing Service. |
Off-Network External Gateway |
Internal Routing Service Client |
TCP 443 |
|
Direct IP from Internal Routing Service Client |
Internal Routing Service delivery of print job. |
Internal Routing Service Client |
Output Device/Printer |
TCP 9100 |
|
Simple Badge Release |
Description |
Source |
Destination |
Destination Port |
|---|---|---|---|---|
|
RFIDeas Ethernet 241 Device |
RFIDeas configuration. |
Simple Badge Release Service Client |
RFIDeas Device |
TCP 23 |
|
Elatec TCP3 Device |
Elatec TCP3 configuration. |
Simple Badge Release Service Client |
Elatec TCP3 Device |
TCP 80/81 |
|
Device Communication |
Communication between badge readers and Simple Badge Service Client. |
RFIDeas/Elatec Device |
Simple Badge Release Service Client |
TCP 31990 |
|
Direct IP Printing from Job Release |
Direct IP Printing once the badge reader has triggered the job for release. |
Workstation/Client |
Output Device/Printer |
TCP 9100 |
CPA Manufacturer Support
|
Manufacturer |
Authentication Methods |
Multifunction Printer (MFP) |
Card Reader |
Features |
Install/Uninstall Ports |
|---|---|---|---|---|---|
|
|
|
|
TCP 8000, 8443 |
|
|
|
|
|
TCP 58501 |
|
|
|
|
|
SOAP 7627 |
|
|
|
|
|
SOAP 7627 |
|
|
|
|
|
TCP 443, 50003 |
|
|
|
|
|
TCP 50003 |
|
|
|
|
|
TCP 8083, 9090, 9091 |
|
|
|
|
|
|
|
|
|
|
|
TCP 443 |
|
|
|
|
|
|
|
|
|
|
|
TCP 443, 51443 (Hybrid) |
|
|
|
|
|
TCP 80, 443, 10080, 10443 |
|
|
|
|
|
|
|
|
|
|
|
TCP 10443, 49629, 49630 |
|
|
|
|
|
TCP 433 |
|
|
|
|
|
TCP 443 |
*If you are using a Universal Serial Bus (USB) card reader for the release of print jobs, some Canon models require the Use MEAP Driver for USB Input Device setting enabled in the USB Settings section.
**Badge readers must be configured as keystroke readers and include a carriage return value at the end.
**Newer Lexmark devices may require an additional keyboard emulation USB driver. Contact your Lexmark dealer.
†Elatec is unresponsive on first badge scan. Subsequent scans are properly recognized.
CPA Supported Ports
|
Manufacturer |
Port |
|---|---|
|
Canon |
CPA installation and uninstallation occur from the Service Client to the printer over TCP 8000 and TCP 8443. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Fujifilm |
CPA installation and uninstallation occur from the Service Client to the printer over TCP 58501. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100. By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Fuji Xerox |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 58501. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
HP |
CPA installation and uninstallation occur from the Service Client object to the printer over SOAP 7627. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Konica Minolta |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 50003. CPA operation requires two main communication paths:
Communication with WebDAV from the Service Client to the Virtual Appliance instance over TCP 443. Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Kyocera |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 8083, TCP 9091 and TCP 9090. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Lexmark |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Ricoh |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443 and TCP 51443 for hybrid Android / Java devices. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Sharp |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 80/443/10080/10443. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Toshiba |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 10443, 49629, and TCP 49630. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
|
Xerox |
CPA installation and uninstallation occur from the Service Client object to the printer over TCP 443. CPA operation requires two main communication paths:
Everyday printing communication occurs from the workstation to the printer over TCP 9100 (or TCP 515 for LPR queues). By default, Certificate Revocation List (CRL) checks occur over TCP 80 from the Service Client. |
Scan To Supported Cloud Storage Providers
Configuration of the listed providers can be found in the Configure the Cloud Storage Connection section of the Simplified Scanning documentation.
- Box
- Google Drive
- OneDrive
- SharePoint
Other
- Import Windows Printers: Administrator rights and access to connect to administrative shares (Admin$) on the print server are required to import printers from Windows print servers. Network ports to open between the print server and the importing computer include: TCP ports 80, 139, 445; UDP ports 137, 138.
-
Released: September 3rd, 2024
-
Updated Supported ChromeOS Version
Supports ChromeOS 109+
-
New Mobile App Releases
Released: August 26th, 2024 -
New Host and Application Builds
Released: 8/20/2024
Updated Client Versions Included
-
Set Up Using VMM
Now Supporting Linux KVM Environments