if you know the remote network (remote but linked to your local networks), you can add this remote network as a trusted network (a lot of nethserver applications works with it, for example nethserver-fail2ban)
Yup, that’s obvious, but use VPN also need a OpenVPN account user-based firewall rule; also IPP supports encryption on connection (IPP over HTTPS) so … IMO, maybe there’s a “less access way to do it” using only Cups and IPP
Yes and no. If i add the remote network as “trusted network” i also need some firewall rules to “disable” access from that remote network, so that’s not the goal.
Consider the option for allow printing from hotspot interface.
A remote warehouse or facility not lan-connected with the headquarters that have to generate written reports of activities, without using email. I know that nowadays many MFP’s integrate an IpSec Client so maybe it’s needed only to throw over there the hardware, network connected and able to open a IPsecTunnel but… do NethServer support “like roadwarrior” ipsec connections.
I know that i could realize a little subnet of 2 hosts plus gateway and broadcast for deliver an IpSec connected device but… if i already have cups and user auth… why?