Site-to-Site VPN and printing to remote printer

Sophos XG to Meraki Site to Site IPSec VPN

Firewall VPN to LAN and VPN to LAN created, everything seemed ok, except that users at XG site cannot print to remote printer.  We can ping the printer and bring up the HTTP page for the printer.  We can see the print job spooled, but no output is printed.

Ran a packet capture, the output is below.

What does 'Violation' mean? I've never seen that before.

Do I need a NAT rule to allow full communications between sites?

If I do, what would it look like?  Thats the part that is confusing me, never had to do this before.

Edited TAGs
[edited by: emmosophos at 10:29 PM (GMT -8) on 2 Dec 2022]