If you need to support printing from one subnet to another, configuring print capability can be difficult if you use a firewall at the gateway. If you do use a firewall, opening ports to allow printing across the gateway can lead to security risks. In addition, enabling users to easily locate and user printers can be difficult because of name broadcast restrictions.

A perfect solution to such situations is the Internet Printing Protocol (IPP), included with Windows 2000 and later. When you install Internet Information Services (IIS) on Windows 2000 Server, the setup process automatically adds a virtual directory named Printers to the default Web Site. This virtual directory points to the physical folder %systemroot%\Web\Printers, which contains the files necessary to enable users to manage and print to printers hosted by the server. (In Windows Server 2003, you must add Internet Printing from the Add Or Remove Programs applet.)

IPP uses port 80, which is open in most firewalls, making it possible for users to print through IPP across network segments or even across the Internet. For example, you could use IPP as a no-cost alternative to faxing between branch offices. Rather than faxing documents, just print them on the remote office's printer.

With IIS and the Printers virtual directory installed, you can add printers to the target server as needed. (Keep in mind that the printers must be local to the server.) Windows automatically makes the printers available through IPP when you add the printers.

To use or manage the printers, just connect to http://<server>/Printers, where <servers> is the IP address or fully qualified domain name of the server hosting the printers. Use the resulting Web page to manage or connect to the remote printer.