Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wake On Lan (over the internet)


  • Please log in to reply
13 replies to this topic

#1 Bellzemos

Bellzemos

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 05 March 2015 - 10:46 PM

Hi!

I am able to Wake On Lan a remote PC - but only on the same LAN.

I would like to be able to do it over the internet or at lease to a different subnet for starters.

How would I go about it? I've opened port 9 in the router of the subnet for the remote computer's IP but it doesn't work. I've tried a couple Magic Packet sender programs but it won't work with any.

Please help. :)



BC AdBot (Login to Remove)

 


m

#2 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 06 March 2015 - 01:03 AM

Consumer routers typically don't allow this. There a lot of crazy methods out there that may or may not work. Best solution is to buy a DDWRT router or flash the firmware on a router that can hold it. The DDWRT had a WOL utility in it and you can remote manage the router and execute the WOL command to the LAN side. Or use SSH or Openvpn as well. Other methods are hacking the java gui interface in the router to accept a x.x.x.255 entry. Another method is a go between machine like a low powered Rasberry PI. Another method I read was setting up the WOL pc and a printer behind a HUB not a switch. Once the packet is forwarded to the printer it hits the HUB and it broadcasts to all on the HUB. Again, all these methods may or may not work. Generally everything dies at the NAT router which is best to do the WOL from there because essentially a router is a PC like a Rasberry PI. Maybe you could use a Rasberry PI as a sonic wall and just login to it and execute a WOL to the pc you need. Then team viewer or RDP through a SSH tunnel.

 

Other tips... disable keyboard error halts, this way you can just throw a pc cube in the corner and still remote into it. Also, change the loss of power options in the bios so it powers down or reboots whichever you prefer. Check that the nic has +5 standby voltage and still remians lit up after S5 powered down state. Some older pc's still dont light up the nic but +5 is still there. Another way to check the USB ports if they charge devices. S5 is best because sometimes the standby or hibernation chatter on the network will wake the pc. I had the problem on a older motherboard. Enablling WOL in the bios should also turn on +5 standby voltage. Some old nics and pc's, the nic needs a cable to a +5 voltage header pins on the motherboard. That's about all I can think of for now, unless others have solutions.



#3 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 06 March 2015 - 12:05 PM

I see. The router in question here (the one leading to the subnet through which I want to wake a PC - through WAN port of the router) is Belkin N150 (F9K1009 v1). Reading the DD-WRT site I see that it isn't mentioned there. I tought that waking a computer over WAN would be easier.

 

How can I use SSH, what do I need for that to be able to wake a PC over WAN? I can forget about Rasberry PI or anything that would cost me money since this is just for fun and learning, I don't want to spend any money on WOL. And I would like to use Windows' own proprietary services, not Teamviewer or anything else. So RDC and a freeware WOL Magic Packet sender. I've tried some but none worked. On my LAN yes, over WAN, no. :(

 

Thank you for all the other tips too, I've managed to wake it over LAN so I'm familar with the most.



#4 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 06 March 2015 - 11:16 PM

I see. The router in question here (the one leading to the subnet through which I want to wake a PC - through WAN port of the router) is Belkin N150 (F9K1009 v1). Reading the DD-WRT site I see that it isn't mentioned there. I tought that waking a computer over WAN would be easier.

 

How can I use SSH, what do I need for that to be able to wake a PC over WAN? I can forget about Rasberry PI or anything that would cost me money since this is just for fun and learning, I don't want to spend any money on WOL. And I would like to use Windows' own proprietary services, not Teamviewer or anything else. So RDC and a freeware WOL Magic Packet sender. I've tried some but none worked. On my LAN yes, over WAN, no. :(

 

Thank you for all the other tips too, I've managed to wake it over LAN so I'm familar with the most.

As metioned earlier most routers block WOL and for good reason. Some routers can be flashed for DDWRT, Tomato etc. This typically means that you have to buy into a more robust router that may or may not have those features, but could support features that DDRT offers. You can google for top rated DDWRT Wireless N, AC routers and you'll get lots of hits. Then shop around for one already flashed or one you can do yourself. Amazon.com is a good place to search for those.

 

SSH doesn't have anything to do with WOL. It has to do with securing your RDP session so hackers wont get ya. SSH is just one of many ways to securely tunnel RDP sessions. RDP has RC4 built into it and once the connection is made it's safe to use. However, during the process of connecting it is vunerable to man in the middle attacks, which leads to brute force attacks and passing the hash exploit to pivot the machine compromised to use it in attacking the rest of the other machines on the network. Securing the RDP is crucial. Many use teamviewer or some other RDP like software and leave the machine always on and port forward the port. That's all fine and dandy, but Mr Hacker comes along.

I agree, I don't like running and wasting energy and keeping systems on if they don't need to be on. It's possible to get WOL working only it requires a router with DDWRT that has WOL tools in it's GUI. You then simply enable remote management and enable https, then login to the routers HTTPS://X.X.X.X. IMO DDWRT is the best solution, unless you have money to drop in a bucket for expensive managed rack hardware.

 

If it is just files you want to access many consumer grade routers has a USB port for external HD's etc. Netgear routers have a feature called readyshare. You can create a online readyshare account. Readyshare online account is a encrypted client web portal that you use to access your files on the routers USB port. After creating the online account, you setup the router with the same login account online informationand it syncs with the online server. While away you log into your online readyshare account and you can access the files. You can also download a client for android, mac, linux etc. During login it asks if you want to download that specified client program. If not, clicking cancel loads the web portal instead, which works in most browsers. The client is for access from a IPAD or something.


Edited by technonymous, 06 March 2015 - 11:32 PM.


#5 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 07 March 2015 - 10:47 AM

I have a Belkin F9K1009 router, I've checked the DD-WRT site and it seems that it's not supported and I'm not planning to buy a new router just to test WOL over WAN.

 

Anyway, thank you for your extensive and very informative post. :)



#6 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 08 March 2015 - 04:09 AM

Sure no problem. Good luck on your adventures. :)



#7 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 08 March 2015 - 11:41 AM

Thank you!

 

This WOL problem is driving me crazy so I'll try again, to explain my WOL over WAN situation more in depth. So, I'm using NirSoft's WakeMeOnLan to send the magic packet.

The computer (PC A) I'm on is on a 192.168.1.X network and the one I would like to wake up (PC B) is on the 192.168.2.X subnet. I have a UTP cable going from 192.168.1.X LAN port into the 192.168.2.1 router's WAN port. And PC B is connected into the 192.168.2.1 router. While PC A is connected into the 192.168.1.1 router. Router's IP in the 192.168.1.X network is 192.168.1.100. IP of PC A is 192.168.1.101. PC B's IP on the 192.168.2.X subnet is 192.168.2.2.

In the router's Virtual servers page I have entered this: Inbound port = 9, type = both (TCP / UDP), Private port = 9, Private IP address = 192.168.2.2. But it doesn't work, it won't wake up the PC B through the WAN port.

If I connect PC B to the 192.168.1.X network, meaning the same subnet as PC A then I am able to wake it up without a problem. But when I connect it on the 192.168.2.X network I am unable to do it.

Note: I am able to connect remotely to the PC B on the other subnet using the 3389 port so router's port forwarding works. I really don't know what's the problem about WOL. I also have the MAC addresses of both the PC B and the router (it's LAN and it's WAN MAC) but don't really know how to use them in the WOL program.

It could be that I'm not doing things right in the WakeMeOnLan program, could you please tell me what to do in it to make WOL over WAN work?

Thank you a ton!
 



#8 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 08 March 2015 - 09:47 PM

Help me, please? :)


#9 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:49 AM

Posted 08 March 2015 - 11:19 PM

http://www.smallnetbuilder.com/lanwan/lanwan-howto/29941-how-to-wake-on-lan-wake-on-wan Follow each step....test like it says. DO NOT SKIP things just because "I've already done that" follow the directions. The only part I can tell you won't work is Dynamic DNS is no longer free.

 

 

EDIT: And don't ask me about how you do this or that cause I honestly do not know. If I had to guess at what is going on you are forwarding the wrong port. 


Edited by CaveDweller2, 09 March 2015 - 10:44 AM.

Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#10 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 09 March 2015 - 03:26 PM

It could well be that I'm forwarding the wrong port. I will read the info from the link you provided, thank you!


Edited by Bellzemos, 09 March 2015 - 03:26 PM.


#11 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 09 March 2015 - 09:53 PM

You're connecting router-a LAN--------->WAN Router-b? That's not going to work. It's cascading routers is either LAN to WAN, or LAN to LAN for bridging/switches/hubs.

 

PC-a---->LAN-Router-a-WAN------->LAN-PC-b-Router-b-WAN------>Modem---->CLOUD/Internet.  PC a & b cannot ping or see each other. It's better to have 3 routers for this for better security.

 

Connecting Router-b LAN----->LAN Router-a, Is for bridging routers. This extends the router out somewhere and making it a AP/WAP. This is like a star configuration with a router in the middle and switches/ap's branching out.

 

All these consumer routers wont forward directed broadcast. However, some people have gotten this to work but tricking the router with DOM firefox browser addon and loading the browser interface into it and forwarding port 9 to 192.168.x.255. DOM basically does the same thing as loading the routers gui and then turning off java, editing the fields and then saving to config and then turning java back on. Wol shoudn't be port forwarded because the router is susceptible to smurf attacks. DDOS flooding the router. The best solution for consumer routers is using DDRT and login to the router over enabled ssh or https and executing a WOL manually from the gui interface.


Edited by technonymous, 09 March 2015 - 11:50 PM.


#12 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 19 March 2015 - 10:31 PM

You're connecting router-a LAN--------->WAN Router-b? That's not going to work. It's cascading routers is either LAN to WAN, or LAN to LAN for bridging/switches/hubs.

 

PC-a---->LAN-Router-a-WAN------->LAN-PC-b-Router-b-WAN------>Modem---->CLOUD/Internet.  PC a & b cannot ping or see each other. It's better to have 3 routers for this for better security.

 

Connecting Router-b LAN----->LAN Router-a, Is for bridging routers. This extends the router out somewhere and making it a AP/WAP. This is like a star configuration with a router in the middle and switches/ap's branching out.

 

All these consumer routers wont forward directed broadcast. However, some people have gotten this to work but tricking the router with DOM firefox browser addon and loading the browser interface into it and forwarding port 9 to 192.168.x.255. DOM basically does the same thing as loading the routers gui and then turning off java, editing the fields and then saving to config and then turning java back on. Wol shoudn't be port forwarded because the router is susceptible to smurf attacks. DDOS flooding the router. The best solution for consumer routers is using DDRT and login to the router over enabled ssh or https and executing a WOL manually from the gui interface.

 

Edit correction:

 

You're connecting router-a LAN--------->WAN Router-b? That's not going to work. It's cascading routers is either WAN to LAN, or LAN to LAN for bridging/switches/hubs.

 

I would like to reiterate this concept...

 

One WAN needs to face the next networks LAN, because a WAN is a nic card just like the lan side is. A router is basically a small pc with two nics in it. With consumer routers you're limited by what they can do and firmware. Some do support vlan and port programming which makes things a whole lot easier. For basic routers you should still be able to get some isolation. Which is more or less a hardware DMZ.

 

Router-A's WAN-----to------>Router-B's LAN port, & Router-B's WAN-----to----->MODEM.

 

Router-A 192.168.1.1

Router-B 192.168.2.1

 

Again, This still has limitations in security and is more referred to as a more secured hardware based DMZ. Any pc or public device server in 192.168.2.1 network will still have to fend for itself by it's software base firewalls as well. However, 192.168.1.1 network clients are protected by both routers NAT firewalls as well as it's own software firewalls. This is why commerical grade switches & routers with vlan support are more robust for this sort of thing. They have the firmware and the customizable physical backplane to do this more advanced networking architecture. Just like rack mount blade servers are better than just a plane Jane old desktop pc. They have Quad Xeon cpu's and loads of memory and triple redundant hardware power supplies and iSCSI failover systems. One Server dies one instantly comes up in the cluster. There is a lot of expense and technology behind all these things, just to bring Google to your browser 24/7 and all it's other services.



#13 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:49 AM

Posted 01 April 2015 - 12:11 PM

I hate waking up what seems to be a dead thread but I was reading a LifeHacker article and it mentioned a router with DD-WRT has a WOL daemon. Sure enough under the Admin section there is WOL tab. So that might be an option as well =) Unless you got it figured out, then NM lol


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#14 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:49 AM

Posted 01 April 2015 - 04:38 PM

I hate waking up what seems to be a dead thread but I was reading a LifeHacker article and it mentioned a router with DD-WRT has a WOL daemon. Sure enough under the Admin section there is WOL tab. So that might be an option as well =) Unless you got it figured out, then NM lol

Yeah, that's what I was talking about. That's the beauty of having a router that can be flashed with third party firmware. You can setup remote management through the https only. This will use the built in ssl cert and then you should use a nice long password. SSH and OpenVPN is also supported and more secure IMO because they have keypair security. It forces a policy to establish the tunnel first with public/private key before being prompted for the final username/password login. No matching key no access it simply denies all.

 

I know that there a risk in bricking routers. However, I read that now some routers cannot be bricked if something goes wrong during the flashing. So some things are getting better in consumer routers. I know that Netgear routers you can still reset the router and telnet in and push a factory config back on it. Apparently there is some kind of reserved memory that allows recovery.


Edited by technonymous, 01 April 2015 - 04:41 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users