I hope you're at least using HTTPS, because it's a bit risky leaving your router accessible from the internet side, esp. w/ HTTP. HTTP means your username/password is passed in the clear.
In the case of dd-wrt, I’d encourage setting up a PPTP VPN server, or even better, OpenVPN/SSH server w/ private/public key pairs. All of these place you on the local network so you can generate the magic packet as a local user (I use the Linux ether-wake command specifically for this purpose). And because these are general purpose tools, you can use them for many other purposes (e.g., internet proxy).
As far as WOL only working a few times, that’s because the router is working off its ARP table/cache. But that’s flushed after about 10 mins once the device is turned off. And then WOL becomes inaccessible for that device. So it’s inherently unreliable.
The problem w/ sending the magic packet over the router’s WAN interface is that most routers (including dd-wrt) don’t allow access to the broadcast address of your network (x.x.x.255). But there are instructions available that work around this limitation.
http://www.dd-wrt.com/wiki/index.php/WOL
I currently use this method w/ both dd-wrt and tomato routers, works very well. Requires only clicking a link to wake any PC, which is particularly handy for mobile devices (e.g., iPhone).
There are many ways to deal w/ WOL, some better than others.