[FAILED] Wake-On-Lan fails over Internet

midnite · Guru Joined: 09 Apr 2006 Posts: 451 Location: Hong Kong

i have just sorted WOL on my Gentoo box (in this post). Now i would like to wake my computer over the Internet, as i am going to study overseas soon.

i guess, as long as i have made it within LAN, it won't be a problem to do it over the Internet. My goal should be letting the magic packet route through the Internet, reach my router at my public IP, and do NAT port forwarding to my box (or just broadcast it within the LAN). Wiki Wake on Internet does say something similar to this.

wah_wah_69 · Tux's lil' helper Joined: 26 Aug 2003 Posts: 145

I've heard about routers blocking magic packets without possibility to fix without a firmware change.

Here's a tcl/tk script for generating/sending the magic packet, it uses by default UDP 32767.

http://wiki.tcl.tk/15423

Searching for on google "wake on lan 32767" hits a lot of interesting results.
_________________
Be good and if you can't be good, be careful.

desultory · Bodhisattva Joined: 04 Nov 2005 Posts: 9410

Moved from Off the Wall to Networking & Security.

dmpogo · Advocate Joined: 02 Sep 2004 Posts: 3468 Location: Canada

Properly, your router should forward the port that Magic Packet generator uses to LAN broadcast address, i.e. 192.168.1.255.
You need to make sure what exactly port the your generator uses. It may not be 7 or 9. For example net-misc/wol uses port 40000
by default (but it allows to choose it to your liking), if man page is to be believed.

Even then, it is not assured that Magic Packet will reach your router, since it may be blocked along the way by ISP routers.

Naib · Posted: Sun Aug 09, 2009 2:24 pm Post subject:

can you remote login to your router?

There are 3 methods I can use to WoL a machine at home when I am elsewhere

1) my router (which I can enable to config on the WAN) has a WoL option
2) my router is linux-based and I can ssh into it
3) I have a server always on which I can ssh into and use a python script to WoL other machines
_________________
#define HelloWorld int
#define Int main()
#define Return printf
#define Print return
#include <stdio>
HelloWorld Int {
Return("Hello, world!\n");
Print 0;

devilheart · Posted: Mon Aug 10, 2009 12:47 pm Post subject:

why don't you set up a vpn? it should be safer if you want to do operations over internet

midnite · Guru Joined: 09 Apr 2006 Posts: 451 Location: Hong Kong

Thanks ALL of you guys for helping!!!

First of all, i would like to ask: Is there anyone can wake their computer by the depicus web-based program?
(this one: http://www.depicus.com/wake-on-lan/woli.aspx)
To prove where is the problem, this is essential as i use that for testing WOL over Internet. So, would you please do me a little favour? :wink:

(i think sending from a pc within LAN to my public IP may not work and may make things complicated)

And also, if i have already set DMZ to 192.168.1.2 (that box), and failed to wake it with the depicus program. Does it mean no hope? (may be as dmpogo said: blocked by the ISP :cry:

)

i have a finding.
- i used the "waker" within LAN, sending to 192.168.1.255, and it works!
- How ever, packet over the Internet, port forwarding to 192.168.1.255, fails.

i have an idea. The magic packet needs to be broadcast because the off-ed computer has no IP yet. (Is it true?) When the router does address resolution on 192.168.1.2, no one (computer) answers. This is because that box still have not recognise itself as 192.168.1.2 yet, or it "sees" only the magic packet, but not responding to the ARP packet. So, port forwarding to 192.168.1.2 will never work. (Is it true?)
And somehow, as wah_wah_69 said, my router is blocking the magic packet, or ignoring port forwarding to 192.168.1.255. (may be)

* this idea is somehow proved by sending to 192.168.1.2 within LAN, but failed to wake.

Naib, thanks for your suggestions. i can login to my router configuration webpage from the Internet. But there is no WOL option. Those webpages are having .asp extension. So i guess it is not Linux and cant SSH. And also, i won't have another computer which will stay on always. In fact, the one i want to wake is the server - which may stay up the longest :lol:

devilheart, i guess my basic router does not have the VPN capability. If i set up the VPN just for waking up the machine, will it be a waste? i guess SSH is still secure nowadays. (i am not sure)

Thanks again for all of your kindly helps!! And also thanks desultory for moving.
_________________
- midnite.

eccerr0r · Posted: Mon Aug 10, 2009 7:33 pm Post subject:

Wake on LAN 'magic' packets tend to not be routed through the internet. It can be encapsulated into a UDP packet that is broadcast on the LAN.

Basically these remote services is depending these UDP packets are sent to the destination network broadcast. If the end router does not support broadcasting UDP then it won't work. Basically you have to have a non-NAT public IP address for your computer for these web services to send WOL packets. There are a lot of reasons why not (I sure don't want random people turning on my computer...)

For the most part I'm not sure how you can specify an end network if your network is on private IP -- it's gated by your router. There's no way to route from remote. The only way you can get this to work is if you install a WOL net client on your router that you can specify to send onto your LAN. Unfortunately most home routers aren't hackable and you're SOL on this. BTW- the poorly named "DMZ" on most routers typically only transmits TCP, and may not broadcast to the NAT address, so still no solution there.

If you have a Linux router, things get interesting. Assuming you don't have a Linux router, for the most part, I've found WOL to be fairly unreliable anyway, and simply leave my machine on. I was away from my machine for about a year and it was OK all alone... If you really need a low power solution, get a low power PC to run 24/7 that you can log into, and have that machine send WOL packets to your higher powered PC. And that 'low power pc' can be your Linux router, which is why it's "interesting"

midnite · Guru Joined: 09 Apr 2006 Posts: 451 Location: Hong Kong

done with port 8900

_________________
- midnite.

midnite · Guru Joined: 09 Apr 2006 Posts: 451 Location: Hong Kong

The situation was:

i updated the official firmware of my router.
my settings preserve except one: i did port forwarding of port 7 and 9 to 192.168.1.2 (or .255? i cant remember well). But now it changed to forward port 8900 to 192.168.1.2
my public IP has changed also because of my update.
so i use the depicus waker with my new IP and port 8900 and try.
then it works! It works, it works, it works, it worked for a few times also. Yet after about half an hour, i would like to try again. It fails, until now
i wonder if it works for a new IP. So i did disconnect, wait for a while, reconnect to get a new IP. Yet i still have not succeeded with it.

_________________
- midnite.