Wake on Lan

agent_paul · 28 Mar 2009 at 19:59

Hi guys,

my server's hardware is specifically setup so that it would use minimal power but have decent performance.

one thing i need to be more "green" is Wake on Lan. but for some reason i cant seem to make it work over the net (although it works fine over the internal network).

so my question is, does anyone use WoL over the net? if so how???

thanks!

sparkey196 · 28 Mar 2009 at 21:59

By "net", do you mean the internet? I'm guessing that you are trying to send the magic WOL packet across some kind of router which simply may not be possible. Most firewalls will not allow you to send packets to the broadcast address for security reason - although there are workarounds in some cases.

Perhaps you could remote into another server or workstation on the same broadcast domain as the server you want to wake up and send the command from there? If your firwall supports VPN, that would be another nice secure option.

agent_paul · 28 Mar 2009 at 22:58

Hi sparkey, thanks for the advice. yep by net i meant internet. logging onto another machine to wake my old one was my previous solution to this problem. but seeing as im getting rid of both of them that wont work anymore.

i havent much experience with VPN's so ill have a look at those. i think my router supports it so i should be fine.

thanks!

sparkey196 · 29 Mar 2009 at 00:55

No Probs. Once you have the VPN set up, which can be a pain in itself, you will be on easy street.

iaind · 29 Mar 2009 at 11:38

VPNs should be relatively straight forward to set up...

Some routers support sending a WOL packet themselves, so you might be able to enable remote admin so you can connect to the router over https and send the packet from there. If you're feeling really fancy you could even script it

agent_paul · 29 Mar 2009 at 14:40

ok, well i've spent some time reading the specs of my router and it supports vpn pass through or something like that. which as i understand it, is something i dont really want.

i havent spent much time reading up vpn's but as i understand it, its something like a server daemon that allows you to connect and act like your on the private network. sounds all too much work to just wake up a machine

iaind · 29 Mar 2009 at 17:33

agent_paul said:
ok, well i've spent some time reading the specs of my router and it supports vpn pass through or something like that. which as i understand it, is something i dont really want.

i havent spent much time reading up vpn's but as i understand it, its something like a server daemon that allows you to connect and act like your on the private network. sounds all too much work to just wake up a machine

VPN passthrough just allows you to run an IPSEC/PPTP host behind the firewall.

Any half decent host will support incoming VPN tunnels, even cheaper netgears do it - it really isnt very complicated.

If you tell us what router you've got, we might be able to give more helpful advice

bremen1874 · 29 Mar 2009 at 17:56

You should be able to WOL over the Internet without resorting to setting up a VPN.

This site has some useful information.

iaind · 29 Mar 2009 at 19:12

bremen1874 said:
You should be able to WOL over the Internet without resorting to setting up a VPN.

This site has some useful information.

How would you suggest doing that? Considering WOL packets are directed at MAC addresses so you need to be in the same broadcast domain

bremen1874 · 29 Mar 2009 at 20:19

Okay I just managed to WoL one of my machines from the Internet.

I opened an UDP port (7 in this case) on my router and forwarded to the IP of the machine I wanted to wake up.

I then used the tool here to send the magic packets.

I entered:
The MAC of the machine to WoL.
My WAN IP address (static in my case).
Subnet mask of 255.255.255.255
The number of the port I'd opened.

Edit:

I've just realised that it was a fluke. Obviously if the machine is off then it hasn't got an IP address so there's nothing tp port forward to. I assume it worked the first time because I didn't wait long enough and the router hadn't released the IP.

sparkey196 · 29 Mar 2009 at 21:05

What router have you got exactly?

Have you tried forwarding udp port 9 to the broadcast address (e.g 192.168.1.255). Some routers are hard coded not to allow this for obvious security reasons.

bremen1874 · 29 Mar 2009 at 21:51

I'm using a Netgear DG834G with DGTeam firmware. It doesn't let you port forward to the .255 broadcast address; a quick Google found plenty of people with the same problem.

I'm sure if I had a router that would port forward to .255 then WoL over the Internet would work. It should just be a matter of...

1. Opening a UDP port and forwarding it to .255
2. Sending the magic packets to the router's WAN address (with a 255.255.255.255 mask to make sure the packets only go to the single address).

agent_paul · 29 Mar 2009 at 23:45

i've got a belkin n1 vision, ive noticed a lot of people on forums etc having issues with VPN's on it....

i havent setup my router to open a UDP port to .255 but instead was pointing that port to my machine, so thats gotta change.

when i have a chance, ill give it a go. just dont want to risk changing router settings when i only have remote access.

sparkey196 · 29 Mar 2009 at 23:58

bremen: I've not heard of DGTeam but doesnt it provide some kind of ssh shell like openwrt? Simply login to the shell and run "wake".

agent_paul: That router has no vpn support so you will need to abandon that idea. I'm doubtful that you can forward to .255. Perhaps you can forward rule to .254 then change the router's subnet mask so that this becomes the broadcast address. hope this makes sense.

bremen1874 · 30 Mar 2009 at 00:15

sparkey: I was only playing with this because I thought it should be possible. I may have a use for WoL at a client site, but they're running business class routers which should allow for the required configuration changes.

The DGTeam firmware actually has a dedicated WoL facility. You need to enable external access to the router configuration pages, and then you can login and send the magic packets from the router.

agent_paul · 30 Mar 2009 at 09:40

Hi sparkey,

i gave it a go but got stuck with changing the subnet mask address. the broadcast address (what it the terminal says when i type ifconfig) is 192.168.2.255 but logging onto my router and going in to change the subnet mask only allows me to change the last numbers (i.e. 255.xxx.xxx.xxx x's can only be changed).

so should i go about changing the broadcast address too so that they match to somthing like 255.xxx.xxx.254?

cokecan · 30 Mar 2009 at 10:40

I looked into this a while ago and found that at least for my old Lynksys WRT54G router I had to set the subnet mask to 255.255.255.128 in order to broadcast on 192.168.0.127. Setting the subnet to .128 alters the broadcast address to .127 and not .255

Then I just forwarded port UDP 9, however I cant remember what IP I forwarded that too? a lot of people say to forward it to the IP of the PC you want to wake up but while it's turned off, the PC doesnt have an IP so I'm not sure how that works? other say forward it to the broadcast IP etc. Even when I had it set up, it only worked about half the time and so I just abandoned the idea

Hope this is of some help

iaind · 30 Mar 2009 at 12:28

cokecan72 said:
I looked into this a while ago and found that at least for my old Lynksys WRT54G router I had to set the subnet mask to 255.255.255.128 in order to broadcast on 192.168.0.127. Setting the subnet to .128 alters the broadcast address to .127 and not .255

Then I just forwarded port UDP 9, however I cant remember what IP I forwarded that too? a lot of people say to forward it to the IP of the PC you want to wake up but while it's turned off, the PC doesnt have an IP so I'm not sure how that works? other say forward it to the broadcast IP etc. Even when I had it set up, it only worked about half the time and so I just abandoned the idea

Hope this is of some help

You might be able to forward to the broadcast address, not sure. If you forward to the IP of the PC it MIGHT work because it might be in the ARP cache

CatMangler · 28 Apr 2009 at 08:38

I have had similar problems with WAL from a remote host, i.e. from the internet.

Never really found a solution with my setup, the magic packet approach will work providing the MAC address resides in the ARP table. Once it has expired magic packet will not work.

Essentially you need a router that can hold static ARP entries or be able to add them on the fly.

If you are lucky enough to own a Linksys WRT54G Ver 1 & 2 there is a hacked version of the BIOS, Flash it with DD-WRT ver 23sp2micro and you can add static ARP entry's. Magic packet will then work flawlessly.

Hope this helps

Skidilliplop · 28 Apr 2009 at 10:42

bremen1874 said:
Okay I just managed to WoL one of my machines from the Internet.

I opened an UDP port (7 in this case) on my router and forwarded to the IP of the machine I wanted to wake up.

I then used the tool here to send the magic packets.

I entered:
The MAC of the machine to WoL.
My WAN IP address (static in my case).
Subnet mask of 255.255.255.255
The number of the port I'd opened.

Edit:

I've just realised that it was a fluke. Obviously if the machine is off then it hasn't got an IP address so there's nothing tp port forward to. I assume it worked the first time because I didn't wait long enough and the router hadn't released the IP.

You can possibly get around this by using indefinite DHCP leases or static ARP entries.
By far the tidiest way would be to use a layer 2 tunneling VPN like L2TP or PPTP that will (in theory at least) put you on the same broadcast domain as the target machines. PPTP VPNs can be set up very easily on XP machines, I think XP might support L2TP aswell though I've never tried it.
Downside is you'll have to have one PC on to act as VPN server so it depends on how many PCs you have that you need to wake up whether that becomes viable.