WOL over internet not working

[frietlied]

Hello everybody,

I have recently been trying to get my WOL to work over the internet but I havn't succeeded yet.
First of all I would like to know if it's even possible to do it on my setup. I'm using the default router from my provider (telenet from belgium) and it does not offer many options to configure it so I don't know if it's even compatible with Wake on Wan.

The WOL itself works but when I try to use it the internet it does not work anymore after +- 1 minute after shutdown of the computer. I am now using my android phone and a wake on lan app to wake it up. I have already tried to get a static ip in de arp table via some netsh commands, but that does not seem to change anything.

If anyone could help me, that would be great

Thank you

 

[jsmithepa]

In order for Internet WOL to work, your Internet router must be able to do PORT FORWARDING. On some routers this shows up as NAT/Gaming or similar. Basically there must be a configuration on this router that says, "Any Internet request from port 7-9 (standard WOL ports) send this request to THIS LAN box," where THIS=the box responding to the WOL and must have a static LAN IP.

 

[bill001g]

There really is not such thing wake on WAN so you have to hack it to make it work. Obviously if you have been setting static arp entries you have seen some of the discussion of what the issue is. The static arp needs to go in the router unfortunately.

So what you need to accomplish is you send data to your router and it translates that into a broadcast packet. Very technically there are no ip addresses involved since the pc could boot and get a IP via dhcp.

What makes this hard is some devices will accept packets that do not meet the standard and some only accept packets that meet the rules exactly.

Generally the way you do this is put in a port mapping to some dummy ip address.....they used to map it to the actual broadcast address of the subnet but many routers prevent that due to denial of service attacks. Then you need to put in a static arp entry for that ip mapped to the mac FF:FF:FF:FF:FF:FF To a point you have now opened yourself up to attack again but hopefully nobody guesses the port.

The way this used to be done with servers (before the ILO ports became standard) was you put in a machine whose job it was to send these packets. You would ether remote desktop into it or have a special web page and then have it send the packets on the local network. Tends to be much more secure and was really sending real WoL packets in the proper format.

 

[frietlied]

In order for Internet WOL to work, your Internet router must be able to do PORT FORWARDING. On some routers this shows up as NAT/Gaming or similar. Basically there must be a configuration on this router that says, "Any Internet request from port 7-9 (standard WOL ports) send this request to THIS LAN box," where THIS=the box responding to the WOL and must have a static LAN IP.

Thanks for the answer but I have already portforwarded my router on the ports 7 and 9 (both UPD and TCP).

 

[frietlied]

There really is not such thing wake on WAN so you have to hack it to make it work. Obviously if you have been setting static arp entries you have seen some of the discussion of what the issue is. The static arp needs to go in the router unfortunately.

So what you need to accomplish is you send data to your router and it translates that into a broadcast packet. Very technically there are no ip addresses involved since the pc could boot and get a IP via dhcp.

What makes this hard is some devices will accept packets that do not meet the standard and some only accept packets that meet the rules exactly.

Generally the way you do this is put in a port mapping to some dummy ip address.....they used to map it to the actual broadcast address of the subnet but many routers prevent that due to denial of service attacks. Then you need to put in a static arp entry for that ip mapped to the mac FF:FF:FF:FF:FF:FF To a point you have now opened yourself up to attack again but hopefully nobody guesses the port.

The way this used to be done with servers (before the ILO ports became standard) was you put in a machine whose job it was to send these packets. You would ether remote desktop into it or have a special web page and then have it send the packets on the local network. Tends to be much more secure and was really sending real WoL packets in the proper format.

Thank you for the anwser, but I do not quite seem to follow you here (not such a pro in all this stuff). What should I exactly do? When I added a static entry in the arp table, I did it with the ip and mac adress of the pc that I wanted to wake up. Should I do it with an other ip and mac adress? What do you mean with dummy Ip address?

 

[bill001g]

All this needs to be done in the ROUTER which you may not be able to do. How exactly will depend on the router....many people load third party firmware so they can do things like set static arp entries.

The PC is asleep so can not do anything other than wait for the special packet.

The problem is a packet comes in for say port yy. You have that mapped to ip zz.zz.zz.zz port yy The router looks in his arp table and finds nothing for zz.zz.zz.zz because it times out in about 15 minutes and issues a ARP request. The PC is asleep so it does not respond and the router drops the packet.

Now some people put in a static arp entry for the IP of the PC and the actual mac. That does not always work for a bunch of technical reasons that would take forever to explain. It does work sometimes which is why you see it. It is better to put a static arp entry in that maps to a broadcast mac. The problem is you only want traffic for this one special thing to go to the broadcast mac not all the traffic so you need a different IP than the pc is really going to use once it is active.

 

[jsmithepa]

I myself did not have to do a manual ARP, nor did I used the broadcast address. I did a straight port forward to my box and used the DEPICUS web App, with a mask of 255.255.255.255.

Guess it may depend on your equipment.

 

[frietlied]

All this needs to be done in the ROUTER which you may not be able to do. How exactly will depend on the router....many people load third party firmware so they can do things like set static arp entries.

The PC is asleep so can not do anything other than wait for the special packet.

The problem is a packet comes in for say port yy. You have that mapped to ip zz.zz.zz.zz port yy The router looks in his arp table and finds nothing for zz.zz.zz.zz because it times out in about 15 minutes and issues a ARP request. The PC is asleep so it does not respond and the router drops the packet.

Now some people put in a static arp entry for the IP of the PC and the actual mac. That does not always work for a bunch of technical reasons that would take forever to explain. It does work sometimes which is why you see it. It is better to put a static arp entry in that maps to a broadcast mac. The problem is you only want traffic for this one special thing to go to the broadcast mac not all the traffic so you need a different IP than the pc is really going to use once it is active.

Again, thanks for replying. What exactly should this broadcast ip and mac be? Is this a pc that's always running on the network?

 

[bill001g]

If you have a pc that is always running it would be better to just remote desktop into that and generate the WoL to wake the other machine.

This is all a hack, you are trying to trick the router into sending the special WoL packet to the broadcast MAC address.

The mac address is FF:FF:FF:FF:FF:FF. You must have some IP address or the port mapping won't work....you can't port map to a mac address directly. So you just pick anything that is not being used. 192.168.1.250 for example if you network is 192.168.1.1